Monthly Archives: October 2008

Run named within FreeBSD Jail

I spent some time this afternoon trying to setup named (BIND 9.5) within a FreeBSD jail for internal use.  I ran into an issue where it was unable to mount devfs and failed on me.  After a little bit of digging I found a solution.

This is the error that was reported (see link):

/etc/rc.d/named: WARNING: devfs_domount(): Unable to mount devfs on /var/named/dev
devfs rule: ioctl DEVFSIO_RAPPLY: Operation not permitted
devfs rule: ioctl DEVFSIO_RAPPLY: Operation not permitted

In a nutshell, add the following line to the jail /etc/rc.conf and you should be OK.

named_chrootdir=""

Yes, this means that you’re not running named within a chroot like it would by default but remember its in a jail anyway–a really fancy, hardened chroot.

Restrict Edit-Access to MediaWiki

I setup a personal wiki some time ago but it quickly was overrun by spam.  Just about the point that I considered abandoning it altogether I figured out how to restrict edit access.  This post, more than anything, is a note to myself… but as always it’ll end up on the Google machine and hopefully help someone else.

The following changes should be added (anywhere) to your LocalSettings.php.

Restrict anonymous editing:
$wgGroupPermissions['*']['edit'] = false;

Restrict editing by all non-sysop users:
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['sysop']['edit'] = true;

Restrict editing by absolutely everyone:
$wgGroupPermissions['*']['edit'] = false;
$wgGroupPermissions['user']['edit'] = false;
$wgGroupPermissions['sysop']['edit'] = false;

Here’s to less spam on the interweb!

FreeBSD 7.0 – Wireless Encyption With WPA-PSK

Why is it that wireless is the “killer-app” of hardware on the *NIX platforms?  I remember spending hours and hours getting it working via ndiswrapper on Ubuntu back in the day.  Luckily its simple to get working in FreeBSD 7.0, and adding WPA encryption is just a few more steps.

Here I’ll outline what I’ve added to get WPA-PSK working on FreeBSD 7.0 on my Dell Latitude D630.

First, if you are not using the default GENERIC kernel you’ll need to load some encryption modules.

You’ll want to load the following by adding the lines to your /boot/loader.conf:

wlan_ccmp_load=”YES”
wlan_tkip_load=”YES”
wlan_wep_load=”YES”
wlan_xauth_load=”YES”
wlan_acl_load=”YES”

If you are using the default GENERIC kernel these are already included so you can skip right on to the next step.

You’ll need to configure wpa_supplicant with your ssid, key type and pre-shared key.  This is an example of what my config looks like using WPA-PSK from my netgear wireless router:

network={
ssid=”ssid-name”
key_mgmt=WPA-PSK
psk=”pre-shared-key”
}

I also added this line to my /etc/rc.conf to automate the connection process:

ifconfig_wpi0=”WPA DHCP”

Hope it works for you as well.  Good luck!

FreeBSD 7.0 – Finding and Loading the Correct Sound Driver

After getting my desktop setup (following these steps) I realized that I didn’t have working sound.  It took me a bit of digging around and help from IRC to find out how.  I hope to make this a bit easier for others by getting it on the web and into the infinite wisdom of Google.

First of all you need to find the right module.  The method that I used initially was a bit of a shotgun approach, but it ended up telling me the right module in the end.

If you’re coming from Linux you might be familiar with the ‘modprobe’ tool for adding and removing modules from your kernel.  In FreeBSD this tool is ‘kldload’.  So, what we’ll do is load the ‘snd_driver’ module, which will end up telling us which one.  This may take some time and your machine may be unresponsive for a few moments.  Don’t panic (…unless, of course, it remains unresponsive for more than five-minutes).

kldload snd_driver

cat /dev/sndstat

On my machine I get the following output, which tells me I should use the ‘snd_hda’ module.

FreeBSD Audio Driver (newpcm: 32bit 2007061600/i386)
Installed devices:
pcm0: <Intel 82801H High Definition Audio Controller> at memory 0xf6dfc000 irq 21 kld snd_hda [20071129_0050] [MPSAFE] (1p:1v/1r:1v channels duplex default)

To autoload this module at boot time you’ll want to add the module to your /boot/loader.conf file:

snd_hda_load=”YES”

If your output reports a different module the syntax is still the same.  module_name_load=”YES”

Unfortunately, on the D630 and D830, this only activates sound from the headphones but not the built in speakers.  A workaround(?) that I found was to add another line to activate the built in speakers.  The following line goes in your /boot/device.hints file.

hint.pcm.0.config=”gpio0,gpio1,gpio2,gpio3,gpio4,gpio5,gpio6,gpio7″

note: I don’t know which of the gpioX values actually does the trick, but leaving all of them in doesn’t seem to negatively affect anything.  If anyone knows which value(s) actually does the job I’d appreciate the help.  (I haven’t had the time to try each one or a combination, followed by reboots, to test.)

FreeBSD 7.0 – Update The Boot Delay (Faster Boot)

By default FreeBSD sets a ten second delay during the boot process allowing the user to select alternate boot options.  Options such as single user mode, recovery, etc.  If you’d like to change this boot delay to something more reasonable you can add the following to your /boot/loader.conf:

autoboot_delay=X

I’ve set mine to two seconds (autoboot_delay=2) as I feel that is reasonable to give me time if I need it, but not sit and count down if I don’t.  If you’d like to bypass this menu altogether you can set the value to “-1″.

Putting Beastie Back In The Boot Menu

If you’ve used FreeBSD in the past you’re likely familiar with the mascot, Beastie.  In the past Beastie was part of the boot menu, but recently he was replaced with a simple FREEBSD text image.  To put Beastie back in the menu you can add the following to your /boot/loader.conf:

loader_logo=”beastiebw”

Next time you reboot you’ll see something a little more fun than the generic FreeBSD text.

Dell Latitude D630 – FreeBSD – Wireless (ipw3945)

Activating the wireless on your Dell Latitude D630 is fairly easy. For whatever reason its not supported in the default generic kernel, but all it takes is adding a few lines to a config file. A added the following lines to the /boot/loader.conf:

if_wpi_load=”YES”
wlan_load=”YES”
wlan_amrr_load=”YES”
firmware_load=”YES”
wpifw_load=”YES”
legal.intel_wpi.license_ack=1

These steps are also outlined in the wpi man page (man wpi). It tells you exactly the lines that need to go into the /boot/loader.conf. So, if you ever happen to forget again, at least that much of the instructions are on your machine (assuming you have man pages installed.)

At this point you should be able to reboot and be able to use your wireless. I use the following commands to activate and connect to an access point:

ifconfig wpi0 up
ifconfig wpi0 list scan
ifconfig wpi0 ssid [broadcast ID]
dhclient wpi0

I’ve had good luck with the wireless so far, outside of a few times when the device seems to have just switched itself off. In those cases I simply repeat the above steps after issuing a “ifconfig wpi0 down”.

Dell Latitude D630 – FreeBSD 7.0 – SLiM – OpenBox – Firefox 3

Last you heard from me I was trying out FreeBSD 7.0 and mentioned that I would try to write down some of the things that I’d learned.  For this post I thought I’d outline the steps I took to do my installation, including getting all the goodies working (wireless, sound, etc).  This guide is hardware-specific to the Dell Latitude D630.

Installation

To begin the installation I used the steps outlined on this post (USB based installation).  I used the entire drive and partitioned as follows:

  • 512M /
  • 2G swap
  • 2G /var
  • 1G /tmp
  • [remaining] /usr

I then selected the “Minimal” option, for a base install around 200M.  I did add Linux compatibility when prompted, also added SSH login and customized the terminal options to “SWISS” for a slightly better console resolution.  I set my timezone appropriately, selected any remaining defaults and reboot the machine.

At this point you’ll have a very bare system, so you’ll want to add a few more things.  We’ll launch ‘sysinstall’ to re-enter the installation manager and add a few more goodies.

Inside the default sysinstall screen you’ll want to select “Configure”.  Select “Media” to point the installer to the available data.  In my case, as I used the USB based installation I selected MSDOS partition.  After this select “Distributions”.  From here I added “man” and “ports”, which installs the man pages and the ports collection.  You can add other options as needed, but this was the base set I installed.

Ports Collection

Now one of the big reasons that I like FreeBSD is the ability to really customize your base system.  You can select just what you want to install toward the type of system you’re going to build.  Now before we start installing from ports we’ll want to update our ports collection.  The ports that we installed is from the base installer which, at this point, is out of date.  Unless you want to upgrade your ports (meaning you’ll get to recompile them *again*) you’ll want to update the ports tree now.

There are two methods available for updating your ports tree.  You can use ‘portsnap’ or ‘cvsup’.  The differences, as I understand them, are that ‘portsnap’ will download the latest snapshot of the ports and extract them whereas ‘cvsup’ will manage your collection via cvs.  I prefer the cvsup method because future ports updates are only incremental saving time and bandwidth.

I’ll outline both methods below.

To use the portsnap method use the command:

portsnap fetch && portsnap extract

To use the cvsup method we’ll first need to install that utility.  This can be done using:

cd /usr/ports/net/cvsup-without-gui && make install clean

When this is finished you can update the ports collection using:

cvsup -L2 -g -h cvsup.freebsd.org /usr/share/examples/cvsup/ports-supfile

This may take a while depending on your bandwidth, but when its finished you should have the latest snapshot of the ports collection.  At this point anything else you install should be the latest.

Building The Desktop

Below I’ll simply outline the commands I used to install some basic tools and get the minimalist desktop environment put together.  The installer may prompt you with build options.  Those are up to you.  If you have no idea, the defaults are likely safe.

First I installed a more comfortable shell environment, bash.

cd /usr/ports/shells/bash && make install clean

cd /usr/portsr/shells/bash-completion && make install clean

Add the following to your ~/.bashrc file:

if [ -f /usr/local/etc/bash_completion ]; then
source /usr/local/etc/bash_completion
fi

Lastly I update the user shell to bash.

chsh -s bash

I’d also like an improved editor, vim.

cd /usr/ports/editors/vim-lite && make install clean

Once I’ve got my preferred editor and shell installed I move on to the X server with xorg.

cd /usr/ports/x11/xorg && make install clean

This build, on my C2D, 2G RAM machine takes over an hour.  YMMV, of course.

After xorg is installed you’ll need to configure it.  I’ve had good luck with the “X -configure” tool.  Try to auto-configure X and test that configuration using the following commands:

X -configure

X -config xorg.conf.new

note: to exit the second command (assuming it worked as expected) is ctrl-alt-bkspace.

If you get a working X server with a movable mouse cursor you’ll need to copy this config file into place:

cp xorg.conf.new /etc/X11/xorg.conf

We can now add the graphical login manager, SLiM:

cd /usr/ports/x11/slim && make install clean

To activate SLiM at boot time you’ll want to add the following to the /etc/rc.conf:

slim_enable=”YES”

We’ll add the minimal window manager, OpenBox next:

cd /usr/ports/x11-wm/openbox && make install clean

To have SLiM launch OpenBox upon successful login you’ll need to add the following to your .xinitrc:

exec openbox-session

Lastly I added a web browser, firefox3 and I’m covered.

cd /usr/ports/www/firefox3 && make install clean

Your mileage and tastes may vary, of course, but these are the steps that I followed to get a minimal, keyboard driven, desktop environment.

My next post will outline activating wireless for the ipw3495 card.

How To Install FreeBSD 7.x From USB

I have the horrible habit of not putting a label on a CD after I’ve burned it.  This leads to having a stack of CDs and not knowing which does what.  This was my problem recently when installing FreeBSD, so I decided to start using USB based installations where possible.  I prefer the multiple-write capability of USB, and this way I don’t waste CDs.

Step one is to download a modified unetbootin utility particularly for FreeBSD.  You can get .rpm, .deb, .exe or .sh for both 32 and 64bit here.  I went with the 32bit .sh file.  BE CAREFUL WITH THE PACKAGED VERSIONS AS IT SEEMS THEY DEFAULT TO WRITING TO YOUR LOCAL DISK!

Once you have the unetbootin utility downloaded you’ll want to write the data to your USB drive.  This is done using the command:

chmod +x unetbootin-freebsd70*.sh

./unetbootin-freebsd70*.sh installmode=usbdrive targetpartition=/dev/sdX1 formatpartition=yes|no

Be sure you know which /dev entry your USB drive is connected to and don’t overwrite your existing boot loader on your main disk.  The last option, “formatpartition” can be a yes or no.

This will take a minute, and when its done you should have a bootable FreeBSD 7.0 usb disk.  If you are able to do FTP based installation you’re ready to go at this point.

Now if you’d like to be able to do the full installation from the USB as well you’ll want to copy the contents of the .iso onto the same drive.  If you don’t have an .iso you can find one here.

To copy the contents of the .iso to the USB drive I did something like this:

sudo mount -o loop 7.0-RELEASE-i386-disc1.iso /mnt/

sudo mount /dev/sdX1 /media/disk (this should auto-mount if you re-plug the USB drive)

sudo cp -RvLu /mnt/* /media/disk/

When this is done you should have the contents of the FreeBSD install CD on your USB drive.  When prompted for the install type specify MSDOS partition and you’re set.

I will likely post some more FreeBSD tips based on more of my notes.