If you've never tried FreeBSD, take a few minutes now -- you might be surprised
InfoWorld|Dec 15, 2014
Among the legions of Linux users and admins, there seems to be a sort of
passive curiosity about FreeBSD and other *BSDs. Like commuters on a
packed train, they gaze out at a less crowded, vaguely mysterious train
heading in a slightly different direction and wonder what traveling on
that train might be like -- for a moment. The few who cross over find
themselves in a place that is equal parts familiar and foreign. And the
strange parts can be scary.
Practical advice for you to take full advantage of the benefits of APM and keep your IT environment Learn More
For those who've known only Linux, FreeBSD has places of darkness and
confusion. But if you know what they are going in, it's easy enough to
get past them. I've been a BSD guy since the heady days of BSDi and
SunOS, so let me give you a brief introduction. You might be surprised
at how much you like it.
First off, modern FreeBSD does not automatically mean you need to
compile everything. While old habits die hard and many veteran FreeBSD
users still build their entire OS from source, most FreeBSD users these
days opt for binary installs and package installation. It’s faster, of
course, and the benefits of custom compilation are fewer on newer
hardware.
The easiest way to get a test FreeBSD box up and running is to download a boot-only ISO
and fire up a VM. FreeBSD is available in production and legacy
releases, not unlike Ubuntu’s LTS scheme. FreeBSD 8.4-Release and
9.3-Release are considered legacy, while 10.1-Release is production. If
you want to be as current as possible, go with 10.1, but 9.3-Release
should be good for most everyone. This brief walkthrough is based on
9.3.
Boot from the boot-only ISO and you’ll soon see an install screen. You
can boot the LiveCD version, grab a shell, or install FreeBSD.
Let’s install it. Set the keyboard, pick a host name, and take the
defaults on the distribution selection dialog. This will install a basic
system with the ports tree, which we might want to have for custom
compilations later. Next, we set up a NIC to download the install
packages, which should be self-explanatory, then choose a mirror site --
the closer the better.
Next comes disk partitioning. This is where some Linux users get the
willies; FreeBSD is different enough from Linux to throw them for a
loop. Fundamentally, however, it’s the same: We define partitions and
configure swap and mount points. We can even configure labels and use
ZFS, but for this test, let’s select guided partitioning. This will set
up a boot partition, swap partition, and a main partition mounted as
root.
Once the partitions have been formatted, the installer will pull down
the distribution files and install them on the disk. On a reasonably
fast Internet connection, this will take a surprisingly short period of
time — only a few minutes on a 20Mb circuit. You can set the root
password, time zone, and a few startup options (take the default to have
sshd start), and add a user or two if you like (note that root login
via SSH is disabled by default). Then exit and reboot into your fresh
FreeBSD installation.
After the reboot, log in as root, or as a user and su to root, and do some basic housekeeping. First, run freebsd-update fetch
to download all the update patches. In a minute or two, you’ll see a
list of what files will be updated to bring the system to current. Now
run freebsd-update install to install the patches. Boom, you’re current.
Now, let’s install software we might need. We’ll be using pkgng, the
newer FreeBSD package management system. You’ll find it very easy to
use. Run pkg, and you’ll be prompted to install pkgng. Now run pkg update. Then pkg search bash to see a list of packages matching the string bash. We can install the bash shell with pkg install bash. We can install anything else the same way. If we want to install a LAMP stack and Perl, we would issue pkg install apache24 php5 mod_php5 mysql55-server php5-mysql perl5. Look familiar? Note that you could as easily install PHP 5.3, 5.4, 5.5, or 5.6, or MySQL 5.1, 5.5, or 5.6.
When we install these packages, they install by default under
/usr/local. This includes the startup scripts, which will be in
/usr/local/etc/rc.d/. Configurations are usually in /usr/local/etc, and
binaries in /usr/local/bin. Core system utilities like ssh and bind,
however, will be under /usr, with configurations in /etc.
Of utmost importance in FreeBSD is /etc/rc.conf. This is where the bulk
of basic system configuration is handled; it's also where we set
interface IP addresses and tell the system what services to start. You
can’t really install and start a system service with FreeBSD without
also enabling it in /etc/rc.conf. This tends to result in fewer problems
with services that don’t start on reboot because an admin forgot to set
them that way. If you set apache24_enable=“YES” in
/etc/rc.conf, then Apache will start at boot and manually from the
shell, but if you don’t set that, Apache won’t start either way (well,
unless you start it with /usr/local/etc/rc.d/apache24 onestart).
You can also set variables like socket file locations and command-line
parameters in /etc/rc.conf. All of your other daemons will behave this
way — it’s a one-stop shop for system configuration.
Then there’s pf, the fantastic FreeBSD firewall. Have a look at
/usr/share/examples/pf/pf.conf, copy it to /etc/pf.conf, and modify it
as needed. You’ll find it much simpler than iptables. The example file
shows how to do NAT, port redirection, and basic firewalling, and how to
permit traffic to reach certain ports. It really doesn’t get much
easier than pass in on $ext_if proto tcp to ($ext_if) port ssh, or adding IP addresses and subnets to definable tables and referencing them with single rule. Seriously, pf is fantastic.
Oh, and ports — the part that tends to concern Linux-only folks. The
FreeBSD ports and packages collection is a hierarchy of all software
available via the FreeBSD project. Organized into logical groups (lang,
www, mail, shells, security, and so forth), ports allows you to build
and install any of that software from source.
We already installed the ports collection, but we might as well get it up to date. Run portsnap fetch to download the latest ports snapshot, then portsnap extract to update the entirety of the ports tree.
To build a package, you only need to navigate into the ports subdirectory and issue make.
However, because we’re also using pkgng, we need to tie the two
together if we need to install from ports instead of pkgng. Edit
/etc/make.conf and add the line WITH_PKGNG="yes".
Generally speaking, we would only build from ports if the package
available from pkgng is missing compile-time options. For instance, we
might need package foo compiled with libbar support, but the foo package
does not have libbar support by default. Thus, we would find foo under
/usr/ports and issue make, which would prompt us for
compile-time options. We’d select libbar support, and the package and
all dependencies would be built. Then running make install would install foo, and pkgng would know all about it. Running pkg info foo would give us all that information.
There’s plenty more to FreeBSD than this short intro, such as enabling
Linux software compatibility and using ZFS, but perhaps this glimpse
across the tracks is enough to convince a few Linux-only folks to take a
walk on the other side. There’s an awful lot to like about FreeBSD, and
it’s not as scary as you might think.
Credit:
Thinkstock
No comments:
Post a Comment