FreeBSD for Devs #03

scovl

Vitor Lobo

Posted on April 20, 2024

FreeBSD for Devs #03

Table of contents

Image description

Congratulations on successfully installing FreeBSD! Now that the system is up and running, the post-installation phase is where you can truly begin to shape your computing environment to fit your specific needs. This phase is not just about ensuring everything works; it's about optimizing performance, enhancing security, and customizing your system for maximum efficiency and usability.

Setting up a FreeBSD environment tailored for development in C, C++, Go, and Lisp requires a few foundational steps to ensure everything runs smoothly. Let’s walk through these steps, starting with your internet setup, moving onto system updates, user management, and setting up a lightweight graphical environment like XFCE. I'll also explain why we'll use doas instead of sudo, and how to manage services.

Configuring Internet Access

Based on the detailed documentation provided from the FreeBSD Documentation Portal, we can enrich the previous guidance on network configuration, particularly focusing on identifying network adapters, setting up both wired and wireless networks, and including more advanced settings for IPv6. Here’s how to incorporate these advanced networking concepts into your FreeBSD setup:

Before configuring your network, you should identify which network adapters are available on your system. This is important to ensure that the correct drivers and settings are used for each network interface:

pciconf -lv | grep -A1 -B3 network
Enter fullscreen mode Exit fullscreen mode

This command lists all network adapters recognized by your system, specifying the driver associated with each device. For example, the output might indicate whether an Ethernet adapter uses the em(4) driver and a wireless adapter uses the iwn(4) driver.

You're absolutely right about the need for instructions on using the su command, which is essential for tasks requiring root privileges. Here’s an updated section to include this crucial step, ensuring users know when and how to elevate their privileges appropriately:

Switching to the Root User

Before you start making system-wide changes such as network configurations or installing packages, you'll need to have the appropriate administrative privileges.

In FreeBSD, you can switch to the root user from your regular user account by using the su command. This allows you to perform tasks that require root permissions.

  1. Open your terminal.
  2. Enter the following command:
   su -
Enter fullscreen mode Exit fullscreen mode

You will be prompted to enter the root password. Once authenticated, you will have root access and can execute commands with administrative privileges.

Note: It's important to use root privileges only when necessary, as it helps prevent accidental changes that could affect the system's security or stability. For routine tasks, it's safer to operate as a regular user.

Managing User Accounts

After switching to the root user, you can proceed to manage user accounts:

  1. Create a new user and add them to the wheel group:
   pw useradd devuser -m -G wheel
   passwd devuser
Enter fullscreen mode Exit fullscreen mode

Adding a user to the wheel group allows them to use the su command to switch to the root user, given that they know the root password. This is essential for tasks that require elevated privileges without staying logged in as root.

Setting Up Doas

As an alternative to sudo, FreeBSD uses doas for delegating authority to users, providing a simpler and more secure way to manage administrative privileges:

  1. Install doas (if not already installed):
   pkg install -y doas
Enter fullscreen mode Exit fullscreen mode
  1. Configure doas: Open /usr/local/etc/doas.conf:
   vi /usr/local/etc/doas.conf
Enter fullscreen mode Exit fullscreen mode

Add the following line to allow members of the wheel group to execute commands as root:

   permit :wheel
Enter fullscreen mode Exit fullscreen mode

The doas command is a minimalist replacement for the more widely known sudo, originating from the OpenBSD project. It was specifically designed to be simpler and easier to configure than sudo, adhering to the general philosophy of OpenBSD that focuses on code correctness, simplicity, and clarity.

Configuring Wired and Wireless Networks

For a static IP configuration in /etc/rc.conf, ensuring it persists across reboots:

ifconfig_em0="inet 192.168.1.150 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
Enter fullscreen mode Exit fullscreen mode

And add DNS settings directly in /etc/resolv.conf:

nameserver 8.8.8.8
nameserver 8.8.4.4
Enter fullscreen mode Exit fullscreen mode

After setting up, restart the network interfaces and routing to apply changes:

service netif restart && service routing restart
Enter fullscreen mode Exit fullscreen mode

Test the network connection:

ping -c2 www.FreeBSD.org
Enter fullscreen mode Exit fullscreen mode

Wireless Network Setup

If connecting to a wireless network:

  1. Configure wpa_supplicant: Add the network details to /etc/wpa_supplicant.conf:
   network={
       ssid="YourNetworkSSID"
       psk="YourNetworkPassword"
   }
Enter fullscreen mode Exit fullscreen mode
  1. Start the Wireless Interface:
   ifconfig wlan0 up
Enter fullscreen mode Exit fullscreen mode
  1. Connect using DHCP:
   dhclient wlan0
Enter fullscreen mode Exit fullscreen mode

To automatically configure wireless at boot, add the following to /etc/rc.conf:

wlans_iwn0="wlan0"
ifconfig_wlan0="WPA DHCP"
Enter fullscreen mode Exit fullscreen mode

And restart the networking service:

service netif restart
Enter fullscreen mode Exit fullscreen mode

When configuring Wi-Fi settings in the wpa_supplicant.conf file, it's important to consider the security of your network credentials. Storing the Pre-Shared Key (PSK) or password in plaintext can be a security risk, especially if unauthorized users gain access to your configuration files.

To enhance security, you can use the wpa_passphrase utility to generate a hashed version of your PSK, which obfuscates your original password.

Using wpa passphrase to Secure Your PSK

wpa_passphrase is a command-line utility that takes your SSID and the plain text password as inputs and outputs the SSID along with a precomputed PSK hash. This hash is what you can use in your wpa_supplicant.conf instead of the plain text password.

  1. Open your terminal.
  2. **Run the wpa_passphrase command with your SSID and password:
   wpa_passphrase YOUR_SSID YOUR_PASSWORD
Enter fullscreen mode Exit fullscreen mode

Replace YOUR_SSID with your network's SSID and YOUR_PASSWORD with your actual network password.

Here's an example of what the command might look like:

   wpa_passphrase HomeNetwork MySecretPassword
Enter fullscreen mode Exit fullscreen mode

Output:

   network={
       ssid="HomeNetwork"
       #psk="MySecretPassword"
       psk=1ab23cd45e67f8901a2b3c4d5e6f7a8b9c0d1e2f3g4567890h1234567890abcd
   }
Enter fullscreen mode Exit fullscreen mode

Notice that the output provides a hashed version of your password.

  1. Copy the hashed psk value and use it in your wpa_supplicant.conf. You can ignore or remove the line with the plaintext password (it's commented out anyway).

Why Use a Hashed PSK?

Enhanced Security: By using the hashed PSK in your configuration files, you minimize the risk of password theft. The hash is not reversible, which means even if someone accesses the hash, they cannot easily convert it back to the original password.

Reduce Exposure: If your configuration file is inadvertently shared or exposed, the plaintext password isn't directly visible, providing an additional layer of security against potential misuse.

Open the wpa_supplicant.conf file in your favorite text editor and replace or add your network configuration with the hashed PSK. It should look something like this:

network={
    ssid="HomeNetwork"
    psk=1ab23cd45e67f8901a2b3c4d5e6f7a8b9c0d1e2f3g4567890h1234567890abcd
}
Enter fullscreen mode Exit fullscreen mode

Save the file, and you're all set. Your Wi-Fi connection is now a bit more secure, and you've taken a significant step in protecting your network credentials.

System Updates and Package Installation

Simplifying the explanation of how to update and upgrade FreeBSD is crucial for making the process more accessible to users. Here's a streamlined version of the guidance provided in the FreeBSD documentation, focusing specifically on the practical steps necessary to keep your FreeBSD system up-to-date using the freebsd-update tool.

FreeBSD is continuously being developed, and it's essential to keep your system updated whether you're running a release version or following the development snapshots. FreeBSD provides a simple yet powerful utility called freebsd-update for applying security patches and performing system upgrades.

The freebsd-update tool offers a straightforward way to apply binary security patches and perform system upgrades without the need for manual compilation:

  • To check for and download available updates:
  freebsd-update fetch
Enter fullscreen mode Exit fullscreen mode
  • To apply the downloaded updates:
  freebsd-update install
Enter fullscreen mode Exit fullscreen mode

If an update includes kernel patches, a system reboot is required to apply the changes. For regular binary updates or when updating userland applications, a restart of the affected services might be sufficient.

You can also use freebsd-update to upgrade to a new release of the operating system, whether it's a minor or major version change:

  • To upgrade to a new release (e.g., from FreeBSD 13.1 to 13.2):
  freebsd-update -r 14.1-RELEASE upgrade
  freebsd-update install
Enter fullscreen mode Exit fullscreen mode

After running these commands, follow any on-screen instructions to complete the upgrade process. You might need to perform multiple rounds of fetching and installing updates, especially when upgrading between major versions.

Configuring freebsd-update

The command freebsd-update utilizes a configuration file located at /etc/freebsd-update.conf, which works well with its default settings for most users. If needed, you can tweak this file to refine which components of the system are updated or to handle how updates to modified files are managed. I will discuss this subject in more depth at another time.

Setting Up a Development Environment

Install development tools for C, C++, Go, and Lisp for example:

pkg install -y gcc llvm go sbcl
Enter fullscreen mode Exit fullscreen mode

Choosing an editor or an Integrated Development Environment (IDE) for your development work is a deeply personal choice, and it's essential to select tools that align well with your workflow and preferences. While Emacs is my preferred choice because of its extensive capabilities and customizability, FreeBSD offers a broad range of other editors and IDEs, including both open-source options like Vim and NeoVim, and proprietary software such as the JetBrains suite of IDEs.

Image description

If you're curious about the proprietary IDEs available on FreeBSD, particularly those from JetBrains, you can easily discover what's available directly from your terminal. JetBrains offers specialized IDEs tailored for different programming languages and development environments. To see which JetBrains products are available through FreeBSD's package manager, you can use the pkg search command. Here’s how:

Run the following command to search for all available JetBrains products:

   pkg search jetbrains
Enter fullscreen mode Exit fullscreen mode

This command will list all the JetBrains products available in the FreeBSD package repository, such as:

$ pkg search jetbrains
jetbrains-clion-2023.3.4_1        JetBrains CLion IDE
jetbrains-datagrip-2023.2_1       JetBrains DataGrip IDE for your Databases
jetbrains-goland-2023.3.6         JetBrains GoLand IDE
jetbrains-mono-2.304,1            Free and open source typeface for developers
jetbrains-phpstorm-2023.3.6       JetBrains PhpStorm IDE
jetbrains-pty4j-0.12.25           Pty4J's native library
jetbrains-restarter-233.14015.106_2 IntelliJ cross-platform restarter
jetbrains-rustrover-2023.3.eap.13 JetBrains Rust IDE
jetbrains-sqlite-233.14015.106    IntelliJ SQLite native library
jetbrains-webstorm-2023.3.6       JetBrains JavaScript IDE
Enter fullscreen mode Exit fullscreen mode

These listings give you an idea of the specialized tools available for different development needs. Although I didn't provide the installation instructions, knowing that these options are readily available through the package manager can help you consider whether you might want to explore these tools further for your projects.

Image description

Absolutely, FreeBSD offers a fantastic level of convenience when it comes to setting up your development environment thanks to its robust package management system, pkg. This tool simplifies the installation of IDEs, programming languages, and various development tools with just a few commands. This practicality allows developers to quickly and efficiently set up their environments without the hassle of manual compilation and configuration.

$ pkg install <package-name>
Enter fullscreen mode Exit fullscreen mode

Using this command, you can install everything from advanced IDEs like JetBrains products to different programming languages and their respective tools, making it incredibly streamlined to get your system ready for productive work.

In cases where a specific software isn't available through pkg, FreeBSD provides an even deeper reservoir of software through its Ports Collection. The /usr/ports directory houses over 30,000 additional tools and applications, encompassing a vast array of software that caters to nearly every need. Whether you're looking for the latest utilities, libraries, or applications, the Ports Collection is likely to have it.

Image description

Although using the Ports Collection can involve more steps than the binary package system, including compiling software from source, it offers unparalleled flexibility and control over how software is built and installed. This makes it an invaluable resource for those who need to customize their installations.

I'll delve deeper into how to utilize the Ports Collection effectively in a future discussion, providing a comprehensive guide to navigating this powerful component of FreeBSD. For now, the ease of installing and managing software with pkg should give you a solid foundation for setting up a robust development environment on FreeBSD.

Installing a Lightweight Desktop Environment (XFCE)

Sure, setting up XFCE on FreeBSD using .xinitrc is a great way to ensure that you start the XFCE desktop environment automatically when you run startx. Here’s a casual step-by-step guide to get you going:

First off, you need to install XFCE if it's not already installed. Open your terminal and make sure you’re either logged in as root or you have sufficient privileges to install packages (you can use su or doas to get root access if needed). Then, run the following command:

pkg install -y xfce
Enter fullscreen mode Exit fullscreen mode

This command pulls XFCE and all its dependencies from the FreeBSD package repository and installs them on your system. If you haven't already installed the X Window System, you'll need it to use XFCE. Here’s how to install it:

pkg install -y xorg
Enter fullscreen mode Exit fullscreen mode

This installs Xorg, which is the standard display server for UNIX-like operating systems, enabling graphical environments on your machine. Now, you’ll want to set up your user environment to start XFCE automatically when you use startx. You'll do this in the .xinitrc file located in your home directory. If the file doesn't exist, you'll create it. Here’s how:

  1. Open your terminal and navigate to your home directory:
   cd ~
Enter fullscreen mode Exit fullscreen mode
  1. Check if the .xinitrc file exists:
   ls -a
Enter fullscreen mode Exit fullscreen mode
  1. If you don't see .xinitrc, create it using a text editor like vi or nano:
   vi .xinitrc
Enter fullscreen mode Exit fullscreen mode
  1. Add the following line to the .xinitrc file:
   exec startxfce4
Enter fullscreen mode Exit fullscreen mode

This line tells the X Window System to start the XFCE desktop environment when you run startx. Save and close the file. If you're using vi, you can do this by hitting Esc, typing :wq, and then pressing Enter. With everything set up, you can now start XFCE:

  1. Simply type the following command in your terminal:
   startx
Enter fullscreen mode Exit fullscreen mode
  1. This command initializes the X Window System and starts XFCE based on the configuration you added to .xinitrc.

And that’s pretty much it! You should now see the XFCE desktop environment loading up, ready for you to use.

Choosing between using a desktop manager or the .xinitrc method with startx really boils down to what you personally prefer. If you dig simplicity and control, or if you're working on a system where resources like memory and processing power are tight, the .xinitrc approach might be more up your alley.

On the flip side, if you're all about convenience, want a fancier login screen, or have multiple users with different tastes in desktop environments, a desktop manager could be the way to go.

I brought up XFCE as an example of a desktop environment that can be launched this way, but in my case, I rock i3wm—a window manager that's all about being straightforward and efficient, kicked off through .xinitrc. This reflects my personal preference for a setup that keeps the system lean and mean, without the extra baggage of a full-blown desktop manager.

Image description

Managing Services

To see all available services and which are enabled:

  • List all services:
  service -l
Enter fullscreen mode Exit fullscreen mode
  • List enabled services:
  service -e
Enter fullscreen mode Exit fullscreen mode

Now, you should have a fully functional development environment for C, C++, Go, and Lisp on a FreeBSD system with a light, efficient desktop interface and secure user permissions management via doas. Always refer to the man pages (man command) for detailed info on commands and configurations!


For anyone working with or learning about FreeBSD, one of the best resources at your disposal is the FreeBSD Handbook. Available at FreeBSD Documentation, the Handbook provides comprehensive coverage of all aspects of FreeBSD, from installation to advanced system administration.

Whether you're a beginner looking to understand the basics or an experienced user aiming to deepen your knowledge of system internals and network configuration, the Handbook offers detailed guidance and is continuously updated to reflect the latest developments.


Reference Links

💖 💪 🙅 🚩
scovl
Vitor Lobo

Posted on April 20, 2024

Join Our Newsletter. No Spam, Only the good stuff.

Sign up to receive the latest update from our blog.

Related

FreeBSD for Devs #03
freebsd FreeBSD for Devs #03

April 20, 2024

FreeBSD for Devs #02
freebsd FreeBSD for Devs #02

April 19, 2024