Archive for the ‘FreeBSD’ Category

Building & administering jails on FreeBSD, Part 1

Monday, June 21st, 2010

The FreeBSD jail(8) manpage & Chapter 15 of the FreeBSD handbook do a great job of explaining jails & helping you get on your way with creating them. This post builds on that information, covering alternative methods for getting your jails installed & adding what’s not covered already, such as maintenance of jails (patching, to be specific) & version upgrades.

  • Part 1 (this post :) ) will cover alternative install methods & jail maintenance
  • Part 2 (not yet published) will cover upgrading to a new version of FreeBSD

Once completed the information from these posts will be submitted for inclusion in the handbook.

So let’s begin. When creating a “complete” jail you have two options for the source of the userland: compile from source code or use the prebuilt binaries from install media. Both the jail manpage & handbook cover building from source code, so we won’t go over it again here.

One thing worth mentioning though: if you want to build from source code, create a src.conf file & disable items which are not required. This should reduce the time required to build world & the amount of disk space used by jails.

Here are two sample src.conf files, which disable building items such as firewalls (no use unless you’re using vimage), acpi or documentation:
Sample src.conf #1
Sample src.conf #2

To install the userland from installation media, first create the root directory for the jail, e.g.
mkdir -p /usr/jails/mynewjail
Set the $DESTDIR variable to this location.
If using sh:
export DESTDIR=/usr/jails/mynewjail
If using csh/tcsh:
setenv DESTDIR /usr/jails/mynewjail
Mount the media (using the 8.0-RELEASE CD 1 ISO in this example):
mount -t cd9660 /dev/`mdconfig -f /some/path/to/8.0-RELEASE-i386-disc1.iso` /mnt

Extract the binaries from the tarballs on the install media into your declared destination. Realistically, you’ll only need to extract base, but you can do a complete install if you wish to.
To install just base:
cd /mnt/8.0-RELEASE/base; ./install.sh

You are about to extract the base distribution into /usr/jails/mynewjail – are you SURE
you want to do this over your installed system (y/n)?

To install everything but kernel:
If using sh:
cd /mnt/8.0-RELEASE; for dir in base catpages dict doc games info manpages ports; do (cd $dir ; ./install.sh) ; done
If using csh/tcsh:
foreach dir ( base catpages dict doc games info manpages ports )
cd /mnt/8.0-RELEASE/$dir; ./install.sh
end

All configuration steps from here on to get up and running are as specified in the jail man page & handbook.

Keeping jails up to date with patches
On a host with default settings the freebsd-update(8) tool doesn’t work, as chflags(1) is not permitted in a jail. Set sysctl security.jail.chflags_allowed to 1 to allow it & freebsd-update can then be used.
The other option is to patch the userland manually from the host OS. All that needs to be done is to pass $DESTDIR to the make install command.
E.g. in section 2b of the FreeBSD-SA-10:04.jail advisory you’re told to run
# make obj && make depend && make && make install
after patching; instead you would issue
# make obj && make depend && make && make install DESTDIR=/usr/jails/mynewjail
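
A guard for the DESTDIR-based steps in this post (extracting with install.sh and patching with make install), as an added example that is not part of the original post: it refuses to run unless DESTDIR resolves to a directory below the jail base, since an empty or mistyped DESTDIR would point the install at the host system instead of the jail. The function names and the JAIL_BASE variable are assumptions; /usr/jails follows the paths used above.

```sh
#!/bin/sh
# Added example, not from the original post.
# JAIL_BASE is an assumed variable; the default matches the paths in this post.
JAIL_BASE="${JAIL_BASE:-/usr/jails}"

# Return 0 only if $1 is an existing directory strictly below $JAIL_BASE.
valid_jail_root() {
    root=$1
    case "$root" in
        "") echo "DESTDIR is empty: the install would hit the host" >&2
            return 1 ;;
        /*) ;;  # absolute path, keep checking
        *)  echo "DESTDIR must be an absolute path: $root" >&2
            return 1 ;;
    esac
    [ -d "$root" ] || { echo "no such directory: $root" >&2; return 1; }
    # Resolve symlinks and ".." so /usr/jails/x/../.. cannot pass as a jail.
    real=$(cd "$root" && pwd -P) || return 1
    base=$(cd "$JAIL_BASE" && pwd -P) || return 1
    case "$real" in
        "$base"/?*) return 0 ;;
        *)  echo "$real is not below $base" >&2
            return 1 ;;
    esac
}

# Run a command with DESTDIR set in its environment, only if the check passes.
#   with_destdir /usr/jails/mynewjail ./install.sh
#   with_destdir /usr/jails/mynewjail make install
# (make picks DESTDIR up from the environment, so no extra argument is needed)
with_destdir() {
    target=$1
    shift
    valid_jail_root "$target" || return 1
    DESTDIR=$target "$@"
}
```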

OpenNMS-dev port for FreeBSD

Wednesday, June 9th, 2010

I’ve created a new FreeBSD port for installing releases from the unstable branch of OpenNMS.
This port suffers from the same issue as the stable port

You can grab the port here

9/6/10
Initial port, installs version 1.7.92

IPlike port for FreeBSD

Tuesday, January 5th, 2010

As part of getting OpenNMS on FreeBSD via ports I’ve created a port for IPLIKE, which is a C implementation of the iplike stored procedure that’s used by OpenNMS.
You can download a copy of the port here

If I haven’t heard any bad reports by the end of the week, I will raise a PR to have it added to ports.

ports/142581 was committed earlier today

iplike commit message on freshports.org

The port can be found at databases/iplike, please update your ports

OpenNMS port for FreeBSD

Tuesday, January 27th, 2009

The port is for the current stable version, v1.6.2. It is in its very early stages, there are still some issues which need to be ironed out:

* The port will install just fine except that it complains about some files listed in the pkg-plist which are not there, well they are there but the files named are dynamically generated every time a build is attempted (jetty-webapps & webapps cache files) so this will need to be fixed.

* As there are issues with these filenames in the pkg-plist, make package fails.

* A problem with the jicmp dependency, it fails to detect that jicmp is installed & attempts to build & install it no matter what & obviously fails if it is.

All previous issues with the port listed above have been resolved, the port now just needs to be tested before submission for inclusion in ports.

You can grab the port here

11/5/09
Port updated to version 1.6.4, use the link above to fetch a new copy of the port.
There is an issue with the packing list as it currently doesn’t take into account new files that are created from things such as availability reports, which means when you come to remove the package some files are left behind as well as empty directories, this will be solved in the next revision when I’ll separate out the location the data resides from the binary & config files.

17/5/09
Port updated to version 1.6.5, again use the link above to fetch a new copy of the port.
The issue with the packing list still existed in this version.

3/8/09
Updated the packing list so that it now includes some files which I missed before.
There are issues with the packing list which still need to be resolved.

5/1/10
Updated the port to 1.6.8, if you have a previous version of the port installed, backup your opennms directory before doing the upgrade as files will be removed.
I have been working on separating the config files, logs & rrd data from the libraries & binaries etc, the OpenNMS build mechanism has support for this, allowing one to pass -Dinstall.etc.dir=/confdir/opennms-data/etc -Dopennms.home=/opt/opennms -Dinstall.logs.dir=/var/log to build.sh
Unfortunately the source code doesn’t, there are 2 major hurdles which need to be passed before this will work correctly
1) some files ignore some of the variables passed to build.sh, most important one being install.etc.dir, see bug report
2) source files are hardcoded to look for files/directories under $opennms.home eg the etc directory.
I have a whole bunch of diffs which I need to go over again as I’ve hit a wall, I would’ve included the patches with this update but, all the diffs manage to do is break things, so I removed them from this version.
The port now uses openjdk as it doesn’t suffer from the SIGSEGV issue experienced by some, including myself, a workaround if you want to remain with diablo or sunjdk is to disable IPv6 support in the JDK. You will also need to remove the if condition from the OpenNMS port Makefile as well.
I’ve also created a separate port for iplike here

18/3/10
Thanks to David Okeby for updating the port to version 1.6.9 & sharing a link in the comments section below, I’ve mirrored a copy of the port on this site & updated the download link, the original had resource files inside which I’ve removed.

6/4/10
Updated to version 1.6.10, as mentioned before, backup your opennms directory before upgrading to prevent data loss.

9/6/10
Update to version 1.8.0, the port now requires openjdk 1.6 to run

CoovaChilli 1.0.12 port for FreeBSD

Wednesday, June 18th, 2008

As v1.0.12 is finally released I’ve updated the unfinished port for the SVN builds
The todo list is kinda the same but I’m on the case this time & it’s fairly trivial to sort out, I just need feedback on any issues building the port & getting it up & running.

Grab the port here
If you need a main.conf to start with grab it here

29/6/08
Thanks to David Bird for working over the issues with coova on FreeBSD this weekend, the random coredump issue has been resolved & chilli_query now works properly as well as coova itself! :)
I’ve updated the port, use the link above to download & test.

20/11/08
Updated the port to make it build-able on FreeBSD 7.0, added rc script & sample configs, the port is nearly ready for submission, it’s now lacking documentation & a little cleaning up on scripts, use the link above to fetch a new copy of the port.

11/1/09
Tidied up the scripts by removing Linux related references e.g. iptables, the port has now been submitted for inclusion in the ports tree ports/130357
Use the link above to fetch a copy in the meantime.

20/1/09
Port Committed
Please note that the sample configs are now located in /usr/local/share/examples/cooovachilli
The chillispot port has also been updated to prevent installation of both packages.


CoovaChilli port for FreeBSD committed

Dell PowerEdge T105 & *BSD

Friday, February 1st, 2008

Dell were running a special offer this week on the PowerEdge T105 servers.
For £173 inc VAT & shipping they make perfect test boxes, I placed the order on Monday & they were here on Thursday.
I’ve spent some of today trying out the AMD64 flavours of FreeBSD 6.3 & 7.0-RC1, NetBSD 4.0 & 200802010002Z snapshot, OpenBSD 4.2 RELEASE & CURRENT.
One word of warning: the onboard Broadcom network card is a POS, you will need an additional network card installed in the system if you’re planning to have any means of connectivity to your box.
I used a cheapo Intel PRO/1000 GT PCI network card.

Here are some dmesgs:
FreeBSD 6.3-RELEASE AMD64
FreeBSD 7.0-RC1 AMD64
The broadcom network card was enabled in the bios but wasn’t detected by the kernel

I was unable to install NetBSD 4.0 & 200802010002Z as the setup program claimed there weren’t any disks installed.

OpenBSD 4.2-RELEASE GENERIC kernel
OpenBSD 4.2-RELEASE GENERIC.MP kernel
OpenBSD 4.2-CURRENT GENERIC kernel
The broadcom network worked fine during the install process as far as I was able to obtain an IP address from a DHCP server, upon reboot when the system went multiuser & the network card was initialised the system would panic, using the intel card instead stopped the panic on boot, but still panicked on reboot, disabling the broadcom network card in the bios solved any panics. Screenshot
I was unable to test the 4.2-CURRENT GENERIC.MP kernel as the system failed to boot, complaining about em0: watchdog timeout -- resetting
&
wd0a: device timeout writing fsbn 1885728 of 1885728-1885759 (wd0 bn 1885791; cn 11 tn 98 sn 12), retrying Screenshot

I also booted the system off the FreeBSD-CURRENT snapshot using the bootonly iso, the broadcom network card was detected but panicked when attempting to obtain an IP address via DHCP.

CoovaChilli for FreeBSD

Monday, December 24th, 2007

I’ve created a long overdue port of CoovaChilli for FreeBSD, this should be considered as a work in progress for a couple of reasons:
1) As the current stable release v1.0.11 doesn’t build on the BSDs the port installs a SVN checkout of build 152 which resolves build issues with FreeBSD
2) this is a result of a couple of hours of faffing around due to me being a bit rusty, the port definitely installs & uninstalls cleanly but doesn’t install things in the right place as far as where things should live in the BSD userland e.g. the www files are installed in {PREFIX}/etc/chilli/www which is wrong + some other bits.
3) The port doesn’t include any of the additional docs/configs which were included with the chillispot port, e.g. a PF config.
4) No testing has been done apart from the fact that it builds correctly

You can grab a copy of the port here
copy the file to /usr/ports/net-mgmt
& uncompress

Update:
Small change, the correct location of the localstate directory (/var) is passed onto configure, redownload the file if you grabbed a copy previously.

Chillispot 1.1.0 for FreeBSD

Saturday, August 11th, 2007

I’ve finally gotten around to bringing the FreeBSD port of Chillispot up to date with the current release (v1.1.0).
As v1.1.0 is considered unstable it will not overwrite v1.0 which is currently in the tree, it will instead live alongside it in net-mgmt/chillispot-dev.
I have not had a chance to test this port with any wireless clients yet but it should work in theory, the only difference between this port & the initial patch I made to make it buildable is that I’ve used an alternative method for dealing with clearenv() as pointed out by Joe Marcus Clarke

Grab a copy of the first revision of the port here

Brighton Chilli 0.002-ALPHA Released

Friday, November 10th, 2006

I finally managed to roll out a new release of Brighton Chilli, the new release contains the following fixes & additions:
Added support for WPA & 802.11i to the kernel
Added support for Atheros chipset cards to the kernel
Fixed a typo in chilli.conf (chilli should redirect to the right file now)
Patch for chillispots hotspotlogin.cgi to enable it to work with lighttpd
Move the cgi-bin directory to /var mfs so that it’s on a writable FS allowing hotspotlogin.cgi to be edited
Added chillispot to rc.conf
Serial console redirection now works
Changed the loader logo to beastie

Brighton Chilli Is Born

Tuesday, September 5th, 2006

I’ve made a Freesbie containing everything needed to get a chillispot based wifi hotspot up and running.

At the moment you need to tweak some of the config files by hand but I will hopefully manage to automate everything within the next couple of releases

Check it out here

Chillispot PF Config & More

Monday, August 28th, 2006

I have just submitted a PR to update my port for FreeBSD
The update contains an Install guide which covers install & config of Chillispot, Apache 1.3.x with mod_ssl, MySQL 4.1.x & freeRADIUS + a sample PF config file as well as an IPFW config file & an RC startup script.
If you can’t wait till it’s merged into the tree you can grab a copy of the port from here

IPFW Config for use with Chillispot (Mac OS X & FreeBSD)

Wednesday, July 5th, 2006

I was sent this sample config by a guy called Karl for inclusion with the FreeBSD port (still haven’t done it yet, sorry Karl!)
It should theoretically work with OS X as well, now all that’s left is a config for PF & all should be well.

Yay! net-mgmt/chillispot committed!!!

Sunday, December 25th, 2005

My port for chillispot was committed on the 20/12/05

Commits Log on Freshports.org

My 1st Port net-mgmt/chillispot for FreeBSD

Wednesday, December 14th, 2005

Just submitted my first port Chillispot via the PR (Problem Reports) Page
Hopefully it will make it into the source tree!!
In the meantime you can download a copy of it here