Posts Tagged ‘freebsd’

FreeBSD post install configuration steps to make on fresh FreeBSD install to make ready for server and Desktop use

Saturday, October 28th, 2017

freebsd-post-install-configuration-steps-to-make-on-fresh-install-to-make-ready-for-server-freebsd-logo


1. Update binary packages

First thing to do just like on any new operating system install is to update / patch the server
 

# freebsd-update fetch
# freebsd-update install

 


2. Update FreeBSD port packages

As a FreeBSD administrator you will need ports every now and then so make sure you have them at their latest release for your FBSD release

 

# pkg update
# pkg upgrade

 


3. Install editors and bash

 

# pkg install nano vim joe bash bash_completion

 


4. Install sudo

To be able to run commands without becoming superuser root just like on any Linux you will probably want to have sudo package installed

# pkg install sudo

 

Sudo config file is under /usr/local/etc/sudoers

To edit it with syntax check enabled use visudo

 

# visudo

# sudo pkg update
 

 

If you want a regular account to have root superuser edit / modify and do things permissions

 

# pw groupmod wheel -M your_user_name

 

Then to make the wheel permissions work add to sudoers:

 

%wheel    ALL=(ALL=ALL)    ALL

5. FreeBSD modify personal information for account

 

# chpass your_user_name

To change your account and others to use bash instead of default freebsd csh

 

# csh -s /bin/bash your_user_name

 


7. Set a Static IP address for a FreeBSD server and configure DNS

Edit /etc/rc.local to look something like so

 

#ifconfig_em0="DHCP"
ifconfig_em0="inet 192.168.1.100 netmask 255.255.255.0"
# default gateway
defaultrouter="192.168.1.1"

 

/etc/rc.conf is also the file where you can easily enable / disable freebsd startup scripts

To restart network interafaces just like Debian Linux's /etc/init.d/networking restart type

 

# service netif restart
# service routing restart

 

To set Google DNS in FreeBSD just like in Linux add the IPs with nameserver prefix to /etc/resolv.conf

 

# echo 'nameserver 8.8.8.8' >> /etc/resolv.conf
# echo 'nameserver 8.8.8.8' >> /etc/resolv.conf
# echo 'search your-domain-name' >> /etc/resolv.conf

 

– If you need to change the hostname of the FreeBSD server change in /etc/rc.conf

hostname="your-freebsdhostname"

– To add multiple IP addresses to a network interface on FBSD add line like below to /etc/rc.conf

ifconfig_em0_alias0="192.168.1.5 netmask 255.255.255.255"
ifconfig_em0_alias1="192.168.1.6 netmask 255.255.255.255"

To apply changes and bring up the newly set multiple IPs

# service netif restart


8. Setting up proper timezone

If for some reason the Time zone is improperly set during FreeBSD install, you can later set that with

# tzsetup

9. Set up ntp time server synchronization daemon

# vim /etc/rc.conf

ntpd_enable="YES"
ntpd_sync_on_start="YES"

First command will bring up NTP server at start up and second make it synchroniza with Internet NTP servers, to restart ntp so it set proper time
immediately

# service ntpd start


10. Add additional SWAP space to FreeBSD server after install

– First we need to create the swap file with command and then set up proper permissions for it

# truncate -S 3G /swapf
# chmod 0600 /swapf

– Then to make the swapf being used on boot we need to add it to /etc/fstab

# echo "md99 none swap sw,file=/swapf,late 0 0" >> /etc/fstab

To immediately apply the new added swap to be used by the system run:

# swapon -aqL

To check various things on how swap is configured use

# swapinfo -g


11. Configure Firewall in FreeBSD

# vim /etc/rc.conf

firewall_enable="YES"
firewall_script="/usr/local/etc/ipfw.rules"

A very basic firewall to add to ipfw.rules file would be something like so:
 

    $IPF 70 allow all from any to any out keep-state
    $IPF 80 allow icmp from any to any
    # open port ftp

    $IPF 110 allow tcp from any to any 21 in
    $IPF 120 allow tcp from any to any 21 out

    # 22 for ssh
    $IPF 130 allow tcp from any to any 22 in
    $IPF 140 allow tcp from any to any 22 out

    # mail port 25

    $IPF 150 allow tcp from any to any 25 in
    $IPF 160 allow tcp from any to any 25 out

    # dns (53) udp and tcp in
    $IPF 170 allow udp from any to any 53 in
    $IPF 175 allow tcp from any to any 53 in

    # dns (53) udp and tcp out
    $IPF 180 allow udp from any to any 53 out
    $IPF 185 allow tcp from any to any 53 out

    # http (80),
    $IPF 200 allow tcp from any to any 80 in
    $IPF 210 allow tcp from any to any 80 out
    # deny and log everything
    $IPF 500 deny log all from any to any

To launch the firewall
 

# service ipfw start


To list current FreeBSD Firewall rules use

# ipfw list

Finally if you need to check your connections to the server just like Linux's netstat you might consider using sockstat comand
 

# sockstat -4 -6

– 4 -6 will list you network connections for ipv4 and ipv6 both tcp and udp

Share this on

How to find and Delete Duplicate files in directory on Linux server with find and fdupes command

Monday, March 16th, 2015

search-duplcate-files-linux-command-and-graphical-tools-how-to-find-duplicate-files-on-linux-mac-and-windows-os

Linux / UNIX find command is very helpful to do a lot of tasks to us admins such as Deleting empty directories to free up occupied inodes or finding and printing only empty files within a root file system within all sub-directories
There is too much of uses of find, however one that is probably rarely used known by sysadmins find command use is how to search for duplicate files on a Linux server:
 

find -not -empty -type f -printf “%s\n” | sort -rn | uniq -d | xargs -I{} -n1 find -type f -size {}c -print0 | xargs -0 md5sum | sort | uniq -w32 –all-repeated=separate

If you're curious how does duplicate files finding works, they are found by comparing file sizes and MD5 signatures, followed by a byte-by-byte comparison.

Most common application of below command is when you want to search and get rid of some old obsolete files which you forgot to delete such as old /etc/ configurations, old SQL backups and PHP / Java / Python programming code files etc.

If you have to do a regular duplicate file find on multiple servers Linux servers perhaps you should install and use  fdupes command.
On Debian Linux to install it:

root@pcfreak:/# apt-cache show fdupes|grep -i descr -A 4
Description: identifies duplicate files within given directories
 FDupes uses md5sums and then a byte by byte comparison to find
 duplicate files within a set of directories. It has several useful
 options including recursion.
Homepage: http://code.google.com/p/fdupes/

 

root@pc-freak.net:/# apt-get install –yes fdupes

To search for duplicate files with fdupes in lets /etc/ just run fdupes without arguments:

 

root@pcfreak:/# fdupes /etc/
/etc/magic
/etc/magic.mime

/etc/odbc.ini
/etc/.pwd.lock
/etc/environment
/etc/odbcinst.ini

/etc/shadow-
/etc/shadow


If you want to look up for all duplicate files within root directory:
 

root@pcfreak:/# fdupes -r /etc/
Building file list /

 

You can also find duplicate files for multiple directories by just passing all directories as arguments to fdupes

 

root@pcfreak:/# fdupes -r /etc/ /usr/ /root /disk /nfs_mount /nas


The -r argument (makes a recursive subdirectory search for duplicates), if you want to also see what is the size of duplicate files found add -S option

 

fdupes -r -S /etc/ /usr/ /root /disk /nfs_mount /nas

 


If you want to delete all duplicate files within lets say /etc/

 

root@pcfreak:/# fdupes -d /etc/

fdupes is also available and installable also on RPM based Linux distros Fedora / RHEL / CentOS etc., install on CentOS with:
 

[root@centos~ ]# yum -y install fdupes


There is also a port available for those who want to run it on FreeBSD on BSD install it from ports:

 

freebsd# cd /usr/ports/sysutils/fdupes
freebsd# make install clean


If you have a GUI environment installed on the server and you don't want to bother with command line to search for all duplicate files under main filesystem and other lint (junk) files take a look at FSlint

FSlint-2.02-search-for-duplicate-and-lint-files-linux-gui-tool

If you're looking for a GUI cross platform duplicate file finder tool that runs on all major used Operating Systems Mac OS X / Windows / Linux take a look at dupeGuru

 

Share this on

How to fix postfix mail server error ‘relay access denied’ on FreeBSD

Wednesday, January 30th, 2013

If you're running a newly configured Postfix SMTP server and you get in /var/log/maillog errors like:

Relay access denied

i.e. in log whenever you try to deliver a mail to the mail server you get something like:

Jan 29 10:05:04 600h postfix/smtpd[4624]: NOQUEUE: reject: RCPT from mxtb-pws3.mxtoolbox.com[64.20.227.133]: 554 5.7.1 <test@example.com>: Relay access denied; from=<supertool@mxtoolbox.com> to=<test@example.com> proto=ESMTP helo=<please-read-policy.mxtoolbox.com>

This is to because the virtualdomain to which postfix is trying to deliver is not added among the domains for which relaying is allowed.

To fix it edit /etc/postfix/main.cf ; find line

relay_domains = $mydestination

and add all domains, for which relaying should be allowed. Let's say you have virtual domains example.com and example1.com to enable relaying, add to conf:

relay_domains = $mydestination example.com example1.com

Also whether, virtual domain names are read from a separate configured hashed .db file like /etc/postfix/virtual.db

Usually done via /etc/postfix/main.cf via vars:

virtual_mailbox_maps = hash:/etc/postfix/virtual
virtual_alias_maps = hash:/etc/postfix/virtual

Its necessery to run cmd;

postmap virtual
# ls -al /etc/postfix/virtual*
-rwxrwxrwx  1 root  wheel      45 Jan 29 05:27 /etc/postfix/virtual
-rwxrwxrwx  1 root  wheel  131072 Jan 29 10:58 /etc/postfix/virtual.db

This command re-builds virtual.db including all newly input domains in /etc/postfix/virtual

Finally to load new configs its necessary to restart postfix;

This particular Postfix is running on FreeBSD so to restart it;

# /etc/rc.d/postfix restart
....

 

 

Share this on

Fixing Apache error – client denied by server configuration on FreeBSD

Thursday, January 17th, 2013

If you have just installed a FreeBSD host with Apache and configured a Vhost document root to interpret  PHP or Perl scripts and you end up with error in browser like:

 

HTTP 403 / client denied by server configuration error

or

Forbidden
You don't have permission to access /index.html on this server.

It is most likely due to improperly configured Apache directory or directories permissions. In Apache error log /var/log/httpd-error.log, there are plenty of error messages logged like:

[Tue Jan 15 13:09:39 2013] [error] [client 92.96.95.177] client denied by server configuration: /usr/home/hipo/public_html/management
[Tue Jan 15 13:09:41 2013] [error] [client 92.96.95.177] client denied by server configuration: /usr/home/hipo/public_html/management
[Tue Jan 15 13:09:41 2013] [error] [client 92.96.95.177] client denied by server configuration: /usr/home/hipo/public_html
[Tue Jan 15 13:09:41 2013] [error] [client 92.96.95.177] client denied by server configuration: /usr/home/hipo/public_html
[Tue Jan 15 13:09:41 2013] [error] [client 92.96.95.177] client denied by server configuration: /usr/home/hipo/public_html
[Tue Jan 15 13:09:41 2013] [error] [client 92.96.95.177] client denied by server configuration: /usr/home/hipo/public_html

The issue is caused by Apache <Directory> configuration which is restrictive and set to first deny and then apply allow rule, i.e.:

 

<Directory /usr/home/hipo/public_html>
  Options ExecCGI -Indexes FollowSymLinks
   Allowoverride All
    Order Deny,allow
    Deny from all
    Allow from localhost
    Allow from 123.123.123.123
</Directory>

To solve the problem change default Deny set policy (Deny from all) and first policy to be applied which is Deny to allow;

 <Directory "/usr/home/hipo/public_html">
        Options ExecCGI -Indexes FollowSymLinks
        Allowoverride All
        Order Allow,deny
        Allow from all
        #DirectoryIndex index.cgi
  </Directory>

It is possible to not specify any Order Allow,deny (if there is no previous Apache <Directory> directive to override, so in many  cases you can use;

 <Directory "/usr/home/hipo/public_html">
        Options ExecCGI -Indexes FollowSymLinks
        Allowoverride All
        Allow from all
        #DirectoryIndex index.cgi
  </Directory>

Finally restart Apache and all should be good;

freebsd# /usr/local/etc/rc.d/apache22 restart
....

Share this on

FreeBSD Desktop: Allow All system users to mount CDROM, DVD, USB Devices and other external devices

Friday, November 16th, 2012

freebsd allow all system users to mount CD  DVD USB in GNOME and KDE desktop - freebsd power to serve logo

Users who use FreeBSD for multiple logins Desktop host or in universities multiple login Desktop  shared user PCs will have problems with mounting CD and DVD Roms, Usbs and other external devices. To mount any of those a root or toor superuser  will be required and this makes a really bad impression to the novice users, making them think FreeBSD is user unfriendly, where in reality it was just build to behave so with higher security in mind.
This ruins a whole user GNOME experience and disappoints the end user, especially if the user is just a person who needs to do some browsing and copy few files from and to the host.
This prevents udevd and auto mount in GNOME and  KDE GUI environments to be unable to automatically mount and unmount CD / DVDs and USBS where plugged or unplugged but instead just poping up permission errors whether CD or USB is attached.
Thanksfully, you can change this behavior to make FreeBSD a bit more user friendly and of course 'less secure' by few simple commands 🙂

Here is how:

freebsd# sysctl -w vfs.usermount=1

vfs.usermount: 0 -> 1

echo 'vfs.usermount=1' >> /etc/sysctl.conf

What is required next is to add all devices which will be mountable by all users in /dev/devfs.conf.

To get a list of devices do:
freebsd# camcontrol devlist

at scbus0 target 0 lun 0 (pass0,da0) at scbus1 target 3 lun 0 (pass1,sa0) at scbus1 target 6 lun 0 (pass2,cd0) #

Most USB devices are recognized and assigned as /dev/da0, and almost all CD and DVD Rom devices will be initialized by kernel as /dev/cd0, however if you get something different just set the appropriate vals.

a) Add permission records for CD / DVD ROM in /etc/devfs.conf
freebsd# echo 'own /dev/da0 root:operator' >> /etc/devfs.conf
freebsd# echo 'perm /dev/da00 0666' >> /etc/devfs.conf

b) Add permission records for USBs in /dev/devfs.conf

freebsd# echo '## allow member of operator to mount cdrom' >> /etc/devfs.conf
freebsd# echo 'own /dev/cd0 root:operator' >> /etc/devfs.conf
freebsd# echo 'perm /dev/cd0 0660' >> /etc/devfs.conf

To allow, all present system users to have access to mount USB, CD / DVD roms, it is necessery to add all users to the operator, group. This is a security bad practice as this will make allow all users to have extra permissions to binaries on the system owned or allowed to be accessed by operator group. However for home computers, where you, your sister and a bunch of good friends have accounts, security shouldn't be of a great concern.

If you know well all your users and you have disabled SSH on the system and security is not of top priority run:

freebsd# /usr/local/bin/bash
root@freebsd~# for i in /home/*; do user=$(echo $i|sed -e 's#/home/##g'); do \
pw groupmod operator -m $user; \
done

Onwards, you can check few users to see to see if they are added to operator group

freebsd$ id
uid=1001(hipo) gid=1001(hipo) groups=1001(hipo),0(wheel),5(operator)

Well that's all now your GNOME hal process – (Hardware Abstraction Layer) will be able to manage CD / DVDs and USBs with no more weird errors.

This article was inspired by cybercity's Allow normal users to mount CDROMs DVDs and USB devices. So thanks 'em for being a source of inspiration.

Enjoy 🙂

Share this on

Convert PDF .pdf to Plain Text .txt files on GNU / Linux and FreeBSD / pdftotext

Friday, November 16th, 2012

Convert PDF .pdf to .txt Plain Text on GNU / Linux Redhat, Debian, CentOS, Fedora and FreeBSD with pdftotext poppler-utils

If you need to convert Adobe PDF to Plain Text on Linux or FreeBSD, you will have to take a look at a poppler-utils – (PDF Utilities).

For those who wonder why you need at all a .PDF in .TXT, I can think of at least 4 good reasons. 
 

PDF to text convertion on Linux and other UNIX-es is possible through a set of tools called poppler-utils

poppler-utils is installable on most Linux distributions on Debian Ubuntu based Linux-es it is installable with the usual:

noah:~# apt-get install --yes poppler-utils
....

On Fedora it is available and installable from default repositories with yum

[root@fedora~]# yum -y install poppler-utils 

On Mandriva Linux:
[root@mandriva~] # urpmi poppler
....

On FreeBSD (and possibly other BSDs) you can install via ports or install it from binary with:

freebsd# pkg_add -vr poppler-utils
....

Here is a list of poppler-utils contents from the .deb Debian package, on other distros and BSD the /bin content tools are same.
noah:~ # dpkg -L poppler-utils|grep -i /usr/bin/
/usr/bin/pdftohtml
/usr/bin/pdfinfo
/usr/bin/pdfimages
/usr/bin/pdftops
/usr/bin/pdftoabw
/usr/bin/pdftoppm
/usr/bin/pdffonts
/usr/bin/pdftotext

1. Converting  .pdf to .txt 

Converting whole PDF document to TXT is done with:

$ pdftotext PeopleWare-Productive_Projects.pdf PeopleWare-Productive_Projects.txt
 
2. Extracting from PDF to Text file only selected pages

 Dumping to .TXT only specific pages from a PDF file: is done through -f and -l arguments (First and Last) pages number.

$ pdftotext -f 3 -l 10 PeopleWare-Productive_Projects.pdf PeopleWare-Productive_Projects.txt

3. Converting PDF to TXT  protected with password

  $ pdftotext -opw 'Password' Password-protected-file.pdf Unprotected-file-dump.txt

the -opw arguments stand for 'Owner Password'. As suggested by man page -opw will bypass all PDF security restrictions. In PDFs there are file permission password protection as well as user password. 

To remove permissions password protection of file

$ pdftotext -upw 'Password' Password-protected-file.pdf Unprotected-file-dump.txt

 
4. Converting .pdf to .txt and setting type of end of file

Depending on the type of Operating System the TEXT file will be red further, you can set the type of end of lines (for those who don't know it here is the 3 major OSes UNIX, Windows, and MAC end of line codes:

DOS & Windows: \r\n 0D0A (hex), 13,10 (decimal)
Unix & Mac OS X: \n, 0A, 10
Macintosh (OS 9): \r, 0D, 13

$ pdftotext -eol unix PeopleWare-Productive_Projects.pdf
PeopleWare-Productive_Projects.txt

The -eol accepts (mac, unix or dos) as options

A bit off topic but very useful thing is to then listen to converted .txt files using festival.

5. Reading .PDF in Linux Text Console and Terminals

$ pdftotext PDF_file_to_Read.pdf -

Btw it is interesting to mention Midnight Commander ( mcview ), component which supports opening .pdf files in console uses pdftotext for extracting PDFs and visualizing in plain text in exactly same way

Well that's it happy convertion.

Share this on

tmux – FreeBSD, BSD* and Linux alterinative to GNU screen terminal emulator

Thursday, November 1st, 2012

tmux gnu screen (newer) alternative terminal emulator for Linux, FreeBSD, OpenBSD
After my yesterday blog post explaining basis GNU screen use, I've decided to blog a bit more on the topic as I find terminal emulation to be quite interesting 🙂

Just like on on GNU / Linux, GNU Screen is available and installable via FreeBSD port – /usr/ports/sysutils/screen. Though screen is compatible with FreeBSD, it is not from scratch written to run on BSD architecture, but rather ported. Besides, that within the fild of terminal emulation, there are plenty of recent developments and feature richer programs available from install already. One of those I reference is tmux..  tmux's is superior to screen in that it is a re-writen terminal (from scratch) terminal emulator – multiplexer (as referenced in man tmux).

Another fundamental difference is it comes licensed under "less restrictive" BSD license (interesting fact is BSD has only 3 clauses), whether to GNU Screen applies GPLv 2 / 3 (4 freedoms clauses).
Tmux is presently existing for multiple architectures besides BSD including Linux and even as I check in its documentation has support for HP-HX and IRIX.

To install / use tmux on FreeBSD / NetBSD install port /usr/ports/sysutils/tmux with

: freebsd# cd /usr/ports/sysutils/tmux
freebsd# make install clean
....

Installing mux on Debian GNU Linux is available straight from default package repositories, i.e. :

debian:~# apt-get install --yes mux
....

It is inteersting fact to mention, since OpenBSD 4.6 – Mr. Theo De Raddt and friends decided tmux to part of the base system! This means a lot since OpenBSD has always existed with the main ideology to be the most secure UNIX / BSD based OS around. This fact probably means from purely secure stand point tmux might be better choice than gnu screen

Another reason why tmux might be better alternative to Screen for BSD users besides security, is its configuration is much more simplistic whilst compared with Screen. If you have used screen, already you should surely know how complicated things are when it comes to configuration and screen (set) variables.

tmux's pre-defined command bindings are similar to SCREEN's, the difference is instead of Screen's:

CTRL + a + (letter)

key bindings are invoked with:

CTRL + b + (kbd letter)
 

People who already are acustomed to screen (like myself 🙂 )  would not be easy to re-learn use CTRL + b, thus it is helpful to revert default tmux CTRL + b  to screen's CTRL + a.


http://niallohiggins.com/2009/06/04/tmux-a-bsd-alternative-to-gnu-screen/

$ echo 'set -g prefix C-a' >> ~/.tmux.conf
$ echo 'bind-key C-a last-window' >> ~/.tmux.conf

Moving over virtual windows in tmux just like in screen can be done using:

CTRL + a + 1 … 9

One has to be careful, as pressing CTRL + a should be done with a llittle delay before pressing the next letter, otherwise the command does not take affect.
 

Detaching emulated session, in tmux is done like in screen with pressing:

CTRL + a + (d [half a sec delay before pressing])

Attaching to latest detached tmux session is done with:

tmux attach

 

There are plenty of other stuff and applications but here I will not get in detail as it is all  in man page.


tmux
is great for BSD users,
but for Linux users  byobu is  more interactive and user friendly (out of the box – with no need for extra configs)

Here are 2 screenshots from tmux website:
advanced tmux use 4 squares split virtual terminals / tmux use screenshot

tmux screenshot with shared multiple wins

Share this on

How to do (all) install packages binary upgrade FreeBSD 7.2 to FreeBSD 9.0 RELEASE

Wednesday, October 3rd, 2012

FreeBSD binary upgrade portupgrade pkgng pkg_add 7.2 to FreeBSD 9.0 RELEASE how to
In last article I’ve writen how FreeBSD version to version upgrade can be done using, as it is (mostly) mandatory to complete a packages binary upgrade right after the kernel and world update, in this article I will explain how to do BSD binary package upgrade.

Once the BSD boots with a new after succesful:


# freebsd-update upgrade -r 9.0-RELEASE && freebsd-update install

1. Upgrade FreeBSD port tree structure (skele) with latest BSD available,br />
It is necessery either to rebuild all installed packages on System or do a binary upgrade, this is because some of the installed packages might already be linked to older versions of FreeBSD 7.2 [in my case] – (or whatever older version) world you have.

1. Update BSD port tree skele to the latest published on FreeBSD download servers

It is generally wise idea to upgrade your BSD port structure immediately after BSD world and kernel upgrade.
For convenience you can use following ports-supfile (configured to fetch latest FreeBSD) ports directory structure:

Download it in /etc and run csup:


freebsd# cd /etc/
freebsd# wget -q http://www.pc-freak.net/files/ports-supfile
freebsd# csup -g -L 2 /etc/ports-supfile
Parsing supfile "/etc/ports-supfile"
Connecting to cvsup4.de.freebsd.org
Connected to 212.12.50.227
Server software version: SNAP_16_1h
MD5 authentication started
MD5 authentication successful
Negotiating file attribute support
Exchanging collection information
Establishing multiplexed-mode data connection
Running
Updating collection ports-all/cvs
Edit ports/UPDATING
....
....

The port structure upgrade takes me on my Pentium 1.8 Ghz with 1GB ramwith a 20 Mbit connectivity to the internet about 15 minutes; It could vary depending on PC hardware and Internet connectivity as well as to when for a last time the port tree was upgraded (how much new data csup has to fetch to hdd).

2. Re-build ports Index file /usr/ports/INDEX*

Onwards the ports index file needs to be rebuild;


freebsd# make index
Generating INDEX-9 - please wait..
....

Here my make index failed with an error:


*** Error code 1
1 error
********************************************************************
Before reporting this error, verify that you are running a supported
version of FreeBSD (see http://www.FreeBSD.org/ports/) and that you
have a complete and up-to-date ports collection. (INDEX builds are
not supported with partial or out-of-date ports collections -- in
particular, if you are using cvsup, you must cvsup the "ports-all"
collection, and have no "refuse" files.) If that is the case, then
report the failure to ports@FreeBSD.org together with relevant
details of your ports configuration (including FreeBSD version,
your architecture, your environment, and your /etc/make.conf
settings, especially compiler flags and WITH/WITHOUT settings).
Note: the latest pre-generated version of INDEX may be fetched
automatically with "make fetchindex".
********************************************************************
*** Error code 1

Cause this error, I had to update the index with portsnap (get already pre-generated one by another person).

portsnap has other advantages too – it doesn’t take so long time as well as load CPU less than manually building it; even better it takes shorter time to complete. This is why for (ports index updates) on productive servers it might be (probably) better to use portsnap:


freebsd# make fetchindex
/usr/ports/INDEX-9.bz2 100% of 1622 kB 203 kBps
freebsd# ls -al INDEX-*
-rw-r--r-- 1 root wheel 24216397 Mar 14 2011 INDEX-7
-rw-r--r-- 1 root wheel 36006912 Feb 8 2010 INDEX-7.db
-rw-r--r-- 1 root wheel 26526196 Oct 2 14:45 INDEX-9
freebsd# rm -f INDEX-7 INDEX-7.db

3. Do a binary package upgrade of every packages present on previous FreeBSD 7.2 install with portupgrade

It is generally also a good idea to create a dump of all system installed packages with pkg_info, before doing anything else:


freebsd# pkg_info -qoa | sort > /root/packagelist

Since my system is quite, slow I cannot afford to recompile all from BSD ports, thus I used the “old fashioned” portupgrade to complete the binary upgrade:

For “conservative” BSD users it might be better to use portupgrade, to do upgrade all installed packages with it run:


freebsd# rm /var/db/pkg/pkgdb.db && pkgdb -Ffuv && portupgrade -afpRr -m BATCH=yes
....

I got during above portupgrade errors like:


Stale dependency: brasero-2.26.0_1 --> hal-0.5.11_23 -- manually run 'pkgdb -F' to fix, or specify -O to force.

In order to solve this errors, I had to exec:


freebsd# pkgdb -Fa

Then after each time fixing the pkgdb database run:


freebsd# pkgdb -Ffuv && portupgrade -afpRr -m BATCH=yes

Besides portupgrade, the upgrade can be done using other metdhology;

a) Using a few lines shell of bash scripting loop and pkg_info and pkg_add

b) Using pkgng

4. Binary all package upgrade using pkg_info, pkg_delete, pkg_add with a while shell loop

An alternative FreeBSD installed packages upgrade to latest is with standard BSD tools combined with few lines of shell of bash while loop.

This whole update approach is thoroughfully explained in this BSD forum thread .

The update method pointed by the forum can be done by issuing (preferrably in bash shell root console):


root # pkg_info -qoa > /root/packagelist
root # pkg_delete -a -f
root # rm -r -f /boot/modules /usr/local /var/db/pkg
root # while read PKG; do pkg_add -r $( basename ${PKG} ); done < /root/packagelist

The problem with this update approach is if some packages names are changed, some packages might not be able to be found by and (respectively) will fail to fetch and install with pkg_add -r. Thus I personally don’t recommend using this .update method as it is unsafe.

5. Completing packages BSD binary upgrade with pkgng (PKG Next Generation) tool

Install pkgng from respective port, e.g.:


freebsd# cd cd /usr/ports/ports-mgmt/pkg
....
....
/usr/local/man/man8/pkg-remove.8.gz -> /usr/local/man/man8/pkg-delete.8.gz
/usr/local/man/man8/pkg-static.8.gz -> /usr/local/man/man8/pkg.8.gz
===> pkg-static (install)
install -o root -g wheel -m 555 pkg-static /usr/local/sbin
If you are upgrading from the old package format, first run:
# pkg2ng
===> Running ldconfig
/sbin/ldconfig -m /usr/local/lib
===> Registering installation for pkg-1.0.1
===> Cleaning for pkg-1.0.1
freebsd# make install clean
....

Right after installing you can use it and upgrade packs:


freebsd# cp -rpf /usr/local/etc/pkg.conf.sample /usr/local/etc/pkg.conf
freebsd# pkg update
Updating repository catalogue
repo.txz 100% 13MB 771.3KB/s 1.3MB/s 00:17
freebsd# pkg upgrade -fy
...
freebsd# pkg-static update
....
freebsd# pkg-static upgrade -fy

,,,
,,,,

P.S. I tried the pkgng for my first time, for some weird reason I was unable to upgrade my packages with it on 1 host, though literally followed update instructions on Full binary upgrade with pkgng 1.0-beta7 – Bapt tutorial . If someone knows of a better tutorial how update can be done using pkgng drop me a comment or point me to a tutorial.
The overall all packages update experience for me wasn’t so nice as it took me too much of time to upgrade. I like BSD stability but when it comes to updates its a time eater …

Share this on

How to do world and kernel binary upgrade of FreeBSD 7.2 RELEASE to FreeBSD 9.0

Tuesday, October 2nd, 2012

FreeBSD 7.2 to FreeBSD 9.0 kernel world and kernel binary upgrade fbsd logo

1. Use FreeBSD upgrade with 9.0-RELEASE as an argument


freebsd# freebsd-update upgrade -r 9.0-RELEASE
....

Note that you will get on screen an error message like so:

The update metadata is correctly signed, but failed an integrity check.
Cowardly refusing to proceed any further.

You can safely ignore the message but anyways it is good to do following substitution in freebsd-update sript:

2. Patch freebsd-update script with sed


freebsd# sed -i '' -e 's/=_/=%@_/' /usr/sbin/freebsd-update
....

After that, run freebsd-update, one more time:


freebsd# freebsd-update upgrade -r 9.0-RELEASE
....

3. Confirm merges and changes from 7.2 to 9.0

Here during the upgrade you will be prompted for about 20-30 questions, which in most cases will be okay if you answer with yes. Most questions, are just notifications that in FreeBSD 9.0, some extra users were added some version release numbers are changed and the old files need to get merged with the new ones. It is good idea to read all the prompts and be sure to know what you’re doing before answering. Anyhow in my case I was quite in hurry so I simply did yes and q (to quit each of the diff notification screens pop-ping up after each yes answer.

4. Install all the freebsd-update upgrade fetched binaries

Once this process is completed you can safely install FBSD 9.0 kernel and world binaries:


freebsd# freebsd-update install
....

5. Restart the system to test if FreeBSD 9.0 RELEASE just installed new kernel boots

To test if all is okay with the update restart system:


# shutdown -r now
....

After system boots, do uname and uptime to assure system boots with 9.0 kernel:


freebsd# uptime
7:37PM up 2 days, 22:37, 1 user, load averages: 1.05, 1.02, 1.00
freebsd# uname -a;
FreeBSD freebsd 9.0-RELEASE-p3 FreeBSD 9.0-RELEASE-p3 #0: Tue Jun 12 01:47:53 UTC 2012 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386
freebsd#

5. Finalize binary and world upgrade

Then to finalize the binary BSD world and kernel update once again issue:


freebsd# freebsd-update install
...
Please rebuild all installed 3rd party software (e.g., programs
installed from the ports tree) and then run
"/usr/sbin/freebsd-update install" again to
finish installing updates.


freebsd# freebsd-update install
....

That’s all FreeBSD 7.2 -> 9.0 (kernel and world) upgrade is succesful. After the upgrade some packages might not be working and you will have to check and manually update ports which are not working (due to linked to old FreeBSD 7.2 world libraries and so on). It is also good to upgrade all installed ports. I will explain how I did ports upgrade a separate article. Cheers 😉

Share this on