FreeBSD

Installing FreeBSD on a Raspberry Pi.

FreeBSD is not a official Linux type of distribution.

FreeBSD
=====================================================================================================================================================
https://www.freebsd.org/where.html
https://download.freebsd.org/ftp/releases/ISO-IMAGES/12.2/
https://download.freebsd.org/ftp/releases/ISO-IMAGES/12.2/FreeBSD-12.2-RELEASE-arm-armv6-RPI-B.img.xz
https://download.freebsd.org/ftp/releases/ISO-IMAGES/12.2/FreeBSD-12.2-RELEASE-arm-armv7-RPI2.img.xz
https://download.freebsd.org/ftp/releases/ISO-IMAGES/12.2/FreeBSD-12.2-RELEASE-arm64-aarch64-RPI3.img.xz
https://www.freebsd.org/doc/handbook/
==================================================================================================================
===================================
Username: freebsd
Password: freebsd (initial password)

Username: root
Password: root (initial password)
===================================

su -
Password: root

###bsdinstall

 

bsdconfig Timezone; Networking Management:hostname, ip-address, gateway, DNS; Startup - startup-services: Enable ntpd,ntpdate,sshd DISABLE:motd

Disable direct root login (not with keys):
passwd root
passwd freebsd

ssh-keygen
cd .ssh
vi authorized_keys
chmod 400 authorized_keys
(Connect via ssh from remote system)
cat <SourceSystem>:/root/.ssh/id_rsa.pub > <TargetSystem>:/root/.ssh/authorized_keys


vi /etc/ssh/sshd_config
#PermitRootLogin prohibit-password
PermitRootLogin yes
#VersionAddendum none
#Banner none

service sshd reload


> motd

freebsd-update fetch
freebsd-update install

pkg update
pkg upgrade


pkg install -y wget autoconf automake gmake gettext gcc openssl net-snmp p5-Net-SNMP-Util bind-tools dtrace-toolkit
pkg install -y sudo libmcrypt git lsof nmap arp-scan zip unzip mcrypt msmtp mailutils mutt iperf screen expect


pw groupadd pi -g 1000
pw useradd pi -u 1000 -g pi -G staff,wheel -c "Default pi user" -d /home/pi -m
passwd pi


###pkg clean -a && pkg upgrade -f

 

====================================================================================================================================
pkg info

pkg update: update the depository sources
pkg upgrade: upgrade the packages you are already using on the system
pkg search <string>: find the package you want to install, example:
pkg install <package>: install the package you want, example: pkg install nano
pkg remove <package>: uninstall any package on the system
pkg help: get a list of all other options available

====================================================================================================================================

vi /etc/fstab
proc /proc procfs rw 0 0

Update sudoers

ln -s /usr/local/etc/sudoers /etc/sudoers
ln -s /usr/local/bin/bash /bin/bash

root@sandbox:/etc # cat rc.conf
hostname="sandbox"
ifconfig_DEFAULT="DHCP"
sshd_enable="YES"
sendmail_enable="NONE"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
growfs_enable="YES"
ifconfig_ue0="inet 192.168.178.## netmask 255.255.255.0"
defaultrouter="192.168.178.1"
ntpd_enable="YES"
ntpdate_enable="YES"
update_motd="NO"

root@sandbox:/etc # cat resolv.conf
# Generated by resolvconf
nameserver 208.67.222.222
nameserver 208.67.220.220


vi /etc/hosts (disable all ip6 lines)
127.0.0.1 localhost

......

.....
#::1 localhost ip6-localhost ip6-loopback
#ff02::1 ip6-allnodes
#ff02::2 ip6-allrouters
#127.0.1.1

 

==================================================================================================================
vi /etc/sysctl.conf
#vm.swappiness=1
#vm.min_free_kbytes=16384

service sysctl reload
sysctl -a (lists all settings)

pkg install freecolor
freecolor -t -m -o
echo "/usr/local/bin/freecolor -t -m -o" > /usr/local/bin/free
chmod 755 /usr/local/bin/free
ln -s /usr/local/bin/free /bin/free
ln -s /usr/local/bin/sudo /bin/sudo

freebsd-version
sysctl -a hw.model

ps -auxw


==================================================================================================================

shutdown -r now

=========================================================================================================

NRPE/NSCA client:
pw groupadd nagios -g 5666
pw useradd nagios -u 5666 -g nagios -c "Nagios user for monitoring" -d /usr/local/nagios -m


mkdir /usr/local/nagios
mkdir /usr/local/nagios/etc
mkdir /usr/local/nagios/etc/inputs
mkdir /usr/local/nagios/tmp
mkdir /usr/local/nagios/bin
mkdir /usr/local/nagios/libexec
mkdir /usr/local/nagios/libexec/ak72
mkdir /usr/local/nagios/var
mkdir /usr/local/nagios/var/tmp
chown -R nagios:nagios /usr/local/nagios

pkg install procenv procmap


Nagios plugins:
tar zxvf nagios-plugins-2.3.3.tar.gz
cd ../nagios-plugins-2.#.#
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make


check_load.c: In function 'cmpstringp':
../config.h:1999:58: error: 'procjid' undeclared (first use in this function); did you mean 'procpid'?
1999 | #define PS_VARLIST procstat,&procuid,&procpid,&procppid,&procjid,&procvsz,&procrss,&procpcpu,procprog,&pos
*** Error code 1
Stop.
make[2]: stopped in /root/nagios-plugins-2.3.3/plugins
*** Error code 1
*** Error code 1

vi config.h delete "&procjid," entry
/* Variable list for sscanf of 'ps' output */
#define PS_VARLIST procstat,&procuid,&procpid,&procppid,&procvsz,&procrss,&procpcpu,procprog,&pos

make

make install

cp -p /usr/local/nagios/libexec/check_http /usr/local/nagios/libexec/check_https
chown -R nagios:nagios /usr/local/nagios

NRPE Client:
tar zxvf nrpe-4.#.#.tar.gz
./configure
make all
make install
make install-config
make install-init
(/lib/systemd/system/nrpe.service)

service nrpe start

 

NSCA Client:

tar zxvf nsca-2.#.#.tar.gz
./configure
make all

#cp -p src/nsca /usr/local/nagios/bin/
#chown nagios:nagios /usr/local/nagios/bin/nsca

cp -p src/send_nsca /usr/local/nagios/libexec/
chown nagios:nagios /usr/local/nagios/libexec/send_nsca

#cp -p sample-config/nsca.cfg /usr/local/nagios/etc/
#chown nagios:nagios /usr/local/nagios/etc/nsca.cfg
#chmod 600 /usr/local/nagios/etc/nsca.cfg

scp -p unix4life:/usr/local/nagios/libexec/send_nsca.cfg <remotehost>:/usr/local/nagios/libexec/send_nsca.cfg
scp -p unix4life:/usr/local/nagios/etc/nrpe.cfg redberry:/usr/local/nagios/etc/
scp -p -r unix4life:/usr/local/nagios/libexec/eventhandlers redberry:/usr/local/nagios/libexec/
scp -p -r unix4life:/usr/local/nagios/libexec/ak72 redberry:/usr/local/nagios/libexec/

cp -p /usr/local/nagios/libexec/check_procs /usr/local/nagios/libexec/check_procs_OFF
cp -p /usr/local/nagios/libexec/ak72/ps_mon /usr/local/nagios/libexec/check_procs


chown -R nagios:nagios /usr/local/nagios

==================================================================================================================


Rsyslog config
vi /etc/rsyslog.conf => is now done via /etc/systemd/journald.conf

vi /etc/systemd/journald.conf
#Storage=none
MaxLevelStore=warning
MaxLevelSyslog=warning
MaxLevelKMsg=warning
MaxLevelConsole=warning

vi /etc/audit/auditd.conf
#write_logs = yes
write_logs = no
log_file = /var/log/audit/audit.log

service auditd reload

scp -p unix4life:/root/Check_cache_memory.ksh redberry:

Crontab:
crontab crontab_redberry
crontab -l


#Speedtest:
#download: ookla-speedtest-1.0.0-armhf-linux.tgz
#tar zxvf ookla-speedtest-1.0.0-armhf-linux.tgz
#mv speedtest /usr/bin/

==================================================================================================================
sysstat
http://pagesperso-orange.fr/sebastien.godard/

tar xf sysstat.....xz
cd sysstat...
./configure --prefix=/usr
make
make install

mkdir /var/log/sysstat
ln -s /usr/lib/sa /usr/lib/sysstat

scp -p unix4life:/etc/cron.d/sysstat redberry:/etc/cron.d/
scp -p unix4life:/etc/cron.daily/sysstat redberry:/etc/cron.daily/
scp -p unix4life:/etc/sysstat/sysstat redberry:/etc/sysconfig/

(in /etc/rc.d/rc.local enable the mount command)
mount -t tmpfs -o size=10M tmpfs /var/log/sysstat/
sleep 1
restorecon /var/log/sysstat => Important SELinux!!!


==================================================================================================================

Configure mail:
touch /etc/msmtprc
chmod 640 /etc/msmtprc

vi /etc/msmtprc
# Gmail specifics
# Accounts will inherit settings from this section
defaults
auth on
tls on
tls_certcheck off
# tls_trust_file /etc/ssl/certs/ca-certificates.crt
logfile /var/log/msmtp.log
aliases /etc/aliases
# Gmail specifics
account gmail
host smtp.gmail.com
port 587
from <info@FQDN>
user <username>@gmail.com
password <Password>
# Default
account default : gmail


##########TOT HIER##################
portsnap fetch
portsnap update
f.e. : cd /usr/ports/misc/raspberrypi-userland/ ; make install

 

  Donate now via the Paypal button on the top in US Dollar and on the bottom in Euro