FreeBSD for Devs #03
Vitor Lobo
Posted on April 20, 2024
Table of contents
- Configuring Internet Access
- Switching to the Root User
- Managing User Accounts
- Setting Up Doas
- Configuring Wired and Wireless Networks
- Wireless Network Setup
- System Updates and Package Installation
- Setting Up a Development Environment
- Installing a Lightweight Desktop Environment (XFCE)
- Managing Services
Congratulations on successfully installing FreeBSD! Now that the system is up and running, the post-installation phase is where you can truly begin to shape your computing environment to fit your specific needs. This phase is not just about ensuring everything works; it's about optimizing performance, enhancing security, and customizing your system for maximum efficiency and usability.
Setting up a FreeBSD environment tailored for development in C, C++, Go, and Lisp requires a few foundational steps to ensure everything runs smoothly. Let’s walk through these steps, starting with your internet setup, moving onto system updates, user management, and setting up a lightweight graphical environment like XFCE. I'll also explain why we'll use doas
instead of sudo
, and how to manage services.
Configuring Internet Access
Based on the detailed documentation provided from the FreeBSD Documentation Portal, we can enrich the previous guidance on network configuration, particularly focusing on identifying network adapters, setting up both wired and wireless networks, and including more advanced settings for IPv6. Here’s how to incorporate these advanced networking concepts into your FreeBSD setup:
Before configuring your network, you should identify which network adapters are available on your system. This is important to ensure that the correct drivers and settings are used for each network interface:
pciconf -lv | grep -A1 -B3 network
This command lists all network adapters recognized by your system, specifying the driver associated with each device. For example, the output might indicate whether an Ethernet adapter uses the em(4)
driver and a wireless adapter uses the iwn(4)
driver.
You're absolutely right about the need for instructions on using the su
command, which is essential for tasks requiring root privileges. Here’s an updated section to include this crucial step, ensuring users know when and how to elevate their privileges appropriately:
Switching to the Root User
Before you start making system-wide changes such as network configurations or installing packages, you'll need to have the appropriate administrative privileges.
In FreeBSD, you can switch to the root user from your regular user account by using the su
command. This allows you to perform tasks that require root permissions.
- Open your terminal.
- Enter the following command:
su -
You will be prompted to enter the root password. Once authenticated, you will have root access and can execute commands with administrative privileges.
Note: It's important to use root privileges only when necessary, as it helps prevent accidental changes that could affect the system's security or stability. For routine tasks, it's safer to operate as a regular user.
Managing User Accounts
After switching to the root user, you can proceed to manage user accounts:
-
Create a new user and add them to the
wheel
group:
pw useradd devuser -m -G wheel
passwd devuser
Adding a user to the wheel
group allows them to use the su
command to switch to the root user, given that they know the root password. This is essential for tasks that require elevated privileges without staying logged in as root.
Setting Up Doas
As an alternative to sudo
, FreeBSD uses doas
for delegating authority to users, providing a simpler and more secure way to manage administrative privileges:
-
Install
doas
(if not already installed):
pkg install -y doas
-
Configure
doas
: Open/usr/local/etc/doas.conf
:
vi /usr/local/etc/doas.conf
Add the following line to allow members of the wheel group to execute commands as root:
permit :wheel
The doas
command is a minimalist replacement for the more widely known sudo, originating from the OpenBSD project. It was specifically designed to be simpler and easier to configure than sudo, adhering to the general philosophy of OpenBSD that focuses on code correctness, simplicity, and clarity.
Configuring Wired and Wireless Networks
For a static IP configuration in /etc/rc.conf
, ensuring it persists across reboots:
ifconfig_em0="inet 192.168.1.150 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
And add DNS settings directly in /etc/resolv.conf
:
nameserver 8.8.8.8
nameserver 8.8.4.4
After setting up, restart the network interfaces and routing to apply changes:
service netif restart && service routing restart
Test the network connection:
ping -c2 www.FreeBSD.org
Wireless Network Setup
If connecting to a wireless network:
-
Configure wpa_supplicant:
Add the network details to
/etc/wpa_supplicant.conf
:
network={
ssid="YourNetworkSSID"
psk="YourNetworkPassword"
}
- Start the Wireless Interface:
ifconfig wlan0 up
- Connect using DHCP:
dhclient wlan0
To automatically configure wireless at boot, add the following to /etc/rc.conf
:
wlans_iwn0="wlan0"
ifconfig_wlan0="WPA DHCP"
And restart the networking service:
service netif restart
When configuring Wi-Fi settings in the wpa_supplicant.conf
file, it's important to consider the security of your network credentials. Storing the Pre-Shared Key (PSK) or password in plaintext can be a security risk, especially if unauthorized users gain access to your configuration files.
To enhance security, you can use the wpa_passphrase
utility to generate a hashed version of your PSK, which obfuscates your original password.
Using wpa passphrase to Secure Your PSK
wpa_passphrase
is a command-line utility that takes your SSID and the plain text password as inputs and outputs the SSID along with a precomputed PSK hash. This hash is what you can use in your wpa_supplicant.conf
instead of the plain text password.
- Open your terminal.
- **Run the
wpa_passphrase
command with your SSID and password:
wpa_passphrase YOUR_SSID YOUR_PASSWORD
Replace YOUR_SSID
with your network's SSID and YOUR_PASSWORD
with your actual network password.
Here's an example of what the command might look like:
wpa_passphrase HomeNetwork MySecretPassword
Output:
network={
ssid="HomeNetwork"
#psk="MySecretPassword"
psk=1ab23cd45e67f8901a2b3c4d5e6f7a8b9c0d1e2f3g4567890h1234567890abcd
}
Notice that the output provides a hashed version of your password.
-
Copy the hashed
psk
value and use it in yourwpa_supplicant.conf
. You can ignore or remove the line with the plaintext password (it's commented out anyway).
Why Use a Hashed PSK?
Enhanced Security: By using the hashed PSK in your configuration files, you minimize the risk of password theft. The hash is not reversible, which means even if someone accesses the hash, they cannot easily convert it back to the original password.
Reduce Exposure: If your configuration file is inadvertently shared or exposed, the plaintext password isn't directly visible, providing an additional layer of security against potential misuse.
Open the wpa_supplicant.conf
file in your favorite text editor and replace or add your network configuration with the hashed PSK. It should look something like this:
network={
ssid="HomeNetwork"
psk=1ab23cd45e67f8901a2b3c4d5e6f7a8b9c0d1e2f3g4567890h1234567890abcd
}
Save the file, and you're all set. Your Wi-Fi connection is now a bit more secure, and you've taken a significant step in protecting your network credentials.
System Updates and Package Installation
Simplifying the explanation of how to update and upgrade FreeBSD is crucial for making the process more accessible to users. Here's a streamlined version of the guidance provided in the FreeBSD documentation, focusing specifically on the practical steps necessary to keep your FreeBSD system up-to-date using the freebsd-update
tool.
FreeBSD is continuously being developed, and it's essential to keep your system updated whether you're running a release version or following the development snapshots. FreeBSD provides a simple yet powerful utility called freebsd-update
for applying security patches and performing system upgrades.
The freebsd-update
tool offers a straightforward way to apply binary security patches and perform system upgrades without the need for manual compilation:
- To check for and download available updates:
freebsd-update fetch
- To apply the downloaded updates:
freebsd-update install
If an update includes kernel patches, a system reboot is required to apply the changes. For regular binary updates or when updating userland applications, a restart of the affected services might be sufficient.
You can also use freebsd-update
to upgrade to a new release of the operating system, whether it's a minor or major version change:
- To upgrade to a new release (e.g., from FreeBSD 13.1 to 13.2):
freebsd-update -r 14.1-RELEASE upgrade
freebsd-update install
After running these commands, follow any on-screen instructions to complete the upgrade process. You might need to perform multiple rounds of fetching and installing updates, especially when upgrading between major versions.
Configuring freebsd-update
The command freebsd-update
utilizes a configuration file located at /etc/freebsd-update.conf
, which works well with its default settings for most users. If needed, you can tweak this file to refine which components of the system are updated or to handle how updates to modified files are managed. I will discuss this subject in more depth at another time.
Setting Up a Development Environment
Install development tools for C, C++, Go, and Lisp for example:
pkg install -y gcc llvm go sbcl
Choosing an editor or an Integrated Development Environment (IDE) for your development work is a deeply personal choice, and it's essential to select tools that align well with your workflow and preferences. While Emacs is my preferred choice because of its extensive capabilities and customizability, FreeBSD offers a broad range of other editors and IDEs, including both open-source options like Vim and NeoVim, and proprietary software such as the JetBrains suite of IDEs.
If you're curious about the proprietary IDEs available on FreeBSD, particularly those from JetBrains, you can easily discover what's available directly from your terminal. JetBrains offers specialized IDEs tailored for different programming languages and development environments. To see which JetBrains products are available through FreeBSD's package manager, you can use the pkg search
command. Here’s how:
Run the following command to search for all available JetBrains products:
pkg search jetbrains
This command will list all the JetBrains products available in the FreeBSD package repository, such as:
$ pkg search jetbrains
jetbrains-clion-2023.3.4_1 JetBrains CLion IDE
jetbrains-datagrip-2023.2_1 JetBrains DataGrip IDE for your Databases
jetbrains-goland-2023.3.6 JetBrains GoLand IDE
jetbrains-mono-2.304,1 Free and open source typeface for developers
jetbrains-phpstorm-2023.3.6 JetBrains PhpStorm IDE
jetbrains-pty4j-0.12.25 Pty4J's native library
jetbrains-restarter-233.14015.106_2 IntelliJ cross-platform restarter
jetbrains-rustrover-2023.3.eap.13 JetBrains Rust IDE
jetbrains-sqlite-233.14015.106 IntelliJ SQLite native library
jetbrains-webstorm-2023.3.6 JetBrains JavaScript IDE
These listings give you an idea of the specialized tools available for different development needs. Although I didn't provide the installation instructions, knowing that these options are readily available through the package manager can help you consider whether you might want to explore these tools further for your projects.
Absolutely, FreeBSD offers a fantastic level of convenience when it comes to setting up your development environment thanks to its robust package management system, pkg
. This tool simplifies the installation of IDEs, programming languages, and various development tools with just a few commands. This practicality allows developers to quickly and efficiently set up their environments without the hassle of manual compilation and configuration.
$ pkg install <package-name>
Using this command, you can install everything from advanced IDEs like JetBrains products to different programming languages and their respective tools, making it incredibly streamlined to get your system ready for productive work.
In cases where a specific software isn't available through pkg
, FreeBSD provides an even deeper reservoir of software through its Ports Collection. The /usr/ports
directory houses over 30,000 additional tools and applications, encompassing a vast array of software that caters to nearly every need. Whether you're looking for the latest utilities, libraries, or applications, the Ports Collection is likely to have it.
Although using the Ports Collection can involve more steps than the binary package system, including compiling software from source, it offers unparalleled flexibility and control over how software is built and installed. This makes it an invaluable resource for those who need to customize their installations.
I'll delve deeper into how to utilize the Ports Collection effectively in a future discussion, providing a comprehensive guide to navigating this powerful component of FreeBSD. For now, the ease of installing and managing software with pkg
should give you a solid foundation for setting up a robust development environment on FreeBSD.
Installing a Lightweight Desktop Environment (XFCE)
Sure, setting up XFCE on FreeBSD using .xinitrc
is a great way to ensure that you start the XFCE desktop environment automatically when you run startx
. Here’s a casual step-by-step guide to get you going:
First off, you need to install XFCE if it's not already installed. Open your terminal and make sure you’re either logged in as root or you have sufficient privileges to install packages (you can use su
or doas
to get root access if needed). Then, run the following command:
pkg install -y xfce
This command pulls XFCE and all its dependencies from the FreeBSD package repository and installs them on your system. If you haven't already installed the X Window System, you'll need it to use XFCE. Here’s how to install it:
pkg install -y xorg
This installs Xorg, which is the standard display server for UNIX-like operating systems, enabling graphical environments on your machine. Now, you’ll want to set up your user environment to start XFCE automatically when you use startx
. You'll do this in the .xinitrc
file located in your home directory. If the file doesn't exist, you'll create it. Here’s how:
- Open your terminal and navigate to your home directory:
cd ~
- Check if the
.xinitrc
file exists:
ls -a
- If you don't see
.xinitrc
, create it using a text editor likevi
ornano
:
vi .xinitrc
- Add the following line to the
.xinitrc
file:
exec startxfce4
This line tells the X Window System to start the XFCE desktop environment when you run startx
. Save and close the file. If you're using vi
, you can do this by hitting Esc
, typing :wq
, and then pressing Enter
. With everything set up, you can now start XFCE:
- Simply type the following command in your terminal:
startx
- This command initializes the X Window System and starts XFCE based on the configuration you added to
.xinitrc
.
And that’s pretty much it! You should now see the XFCE desktop environment loading up, ready for you to use.
Choosing between using a desktop manager or the .xinitrc
method with startx
really boils down to what you personally prefer. If you dig simplicity and control, or if you're working on a system where resources like memory and processing power are tight, the .xinitrc
approach might be more up your alley.
On the flip side, if you're all about convenience, want a fancier login screen, or have multiple users with different tastes in desktop environments, a desktop manager could be the way to go.
I brought up XFCE as an example of a desktop environment that can be launched this way, but in my case, I rock i3wm—a window manager that's all about being straightforward and efficient, kicked off through .xinitrc
. This reflects my personal preference for a setup that keeps the system lean and mean, without the extra baggage of a full-blown desktop manager.
Managing Services
To see all available services and which are enabled:
- List all services:
service -l
- List enabled services:
service -e
Now, you should have a fully functional development environment for C, C++, Go, and Lisp on a FreeBSD system with a light, efficient desktop interface and secure user permissions management via doas
. Always refer to the man pages (man command
) for detailed info on commands and configurations!
For anyone working with or learning about FreeBSD, one of the best resources at your disposal is the FreeBSD Handbook. Available at FreeBSD Documentation, the Handbook provides comprehensive coverage of all aspects of FreeBSD, from installation to advanced system administration.
Whether you're a beginner looking to understand the basics or an experienced user aiming to deepen your knowledge of system internals and network configuration, the Handbook offers detailed guidance and is continuously updated to reflect the latest developments.
Reference Links
- FreeBSD Handbook - Your go-to resource for all things FreeBSD, covering installation, system administration, and more.
- Configuring Internet Access
- Setting Up User Accounts
- Configuring Doas
- Configuring Networks in FreeBSD
- System Updates and Package Management
- Setting Up a Development Environment on FreeBSD
- Installing XFCE on FreeBSD
- Managing FreeBSD Services
- Using wpa_passphrase for Secure Network Connections
- FreeBSD Wireless Networking
Posted on April 20, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.