TrueOS Tips, Tricks, and FAQ


#10

IPFW Rules for NFS server
Add the following to /etc/ipfw.custom. If you want to allow from “any” replace the IP address with the word “any”, if you want to allow a single IP, replace with yours.
Then either restart the firewall or simply sh /etc/ipfw.custom as root.

# Set rules command prefix
cmd="ipfw -q add"

# Allow NFS from 192.168.254.43
# NFS needs 2049 for nfsd
# rpcbind at 111
# unfortunately statd/mountd anything below 1024
# Openport rules are added at 10000, default deny at 64000,
# so lets put these at 63000
$cmd 63000 allow tcp from 192.168.237.73 to me dst-port 111-1024 in keep-state :default
$cmd 63001 allow udp from 192.168.237.73 to me dst-port 111-1024 in keep-state :default
$cmd 63002 allow udp from 192.168.237.73 to me dst-port 2049 in keep-state :default
$cmd 63003 allow tcp from 192.168.237.73 to me dst-port 2049 in keep-state :default

TrueOS's ipfw default configuration script
#11

Postgresql 10 server on TrueOS

Install via pkg (as root or sudo )

pkg install postgresql10-server

Running it through FreeBSD init system (rc)

Since there are no open-rc scripts for it, you can run it via the RC script like so.

sudo /usr/local/etc/rc.d/postgresql start

Running postgresql through open-rc

I hacked up an init script. Copy the following code snippet into /usr/local/etc/init.d/postgresql
and make sure it has the same permissions and ownerships as other files in /usr/local/etc/init.d/

#!/sbin/openrc-run

name=postgresql

# set defaults
postgresql_enable=${postgresql_enable:-"NO"}
postgresql_flags=${postgresql_flags:-"-w -s -m fast"}
postgresql_user=${postgresql_user:-"postgres"}
eval postgresql_data=${postgresql_data:-"~${postgresql_user}/data10"}
postgresql_class=${postgresql_class:-"default"}
postgresql_initdb_flags=${postgresql_initdb_flags:-"--encoding=utf-8 --lc-collate=C"}
extra_commands="initdb reload"

# Command
command=/usr/local/bin/pg_ctl
command_args="-D ${postgresql_data} ${postgresql_flags}"


postgresql_initdb()
{
    su -l -c ${postgresql_class} ${postgresql_user} -c "exec /usr/local/bin/initdb ${postgresql_initdb_flags} -D ${postgresql_data} -U ${postgresql_user}"
}

get_config() {
[ -f ${postgresql_data%/}/postgresql.conf ] || return 1
eval echo $(sed -e 's:#.*::' ${postgresql_data%/}/postgresql.conf \
    | awk '$1 == "'$1'" { print ($2 == "=" ? $3 : $2) }')
}

depend() {
    use net
    provide postgresql

    if [ "$(get_config log_destination)" = "syslog" ]; then
        use logger
    fi
}

checkconfig() {

# Check that postgresql_data directory exists
if [ ! -d ${postgresql_data} ] ; then
    eerror "Directory not found: ${postgresql_data}"
    eerror "HINT: Ensure that postgresql_data points to the right path."
    return 1
fi

# Check for the existence of PostgreSQL's config files, and set the
# proper mode and ownership.
# Only three files should be checked as potentially other files
# may be in PGDATA that should not be touched.
local file
for file in postgresql pg_hba pg_ident ; do
    file="${postgresql_data%/}/${file}.conf"
    if [ -f ${file} ] ; then
        checkpath -f -m 0600 -o postgres:postgres ${file}
    else
        eerror "${file} not found"
        return 1
    fi
done

}

start_pre(){
    checkconfig || return 1
    ebegin "Starting Postgresql10"
    rm -f ${postgresql_data%/}/postmaster.pid
}

start() {
    su -l ${postgresql_user} -c "exec ${command} ${command_args} start"
}

stop() {
    ebegin "Stopping Postgresql10"
    su -l ${postgresql_user} -c "exec ${command} ${command_args} stop"
}

initdb(){
  postgresql_initdb
}

status(){
  su -l ${postgresql_user} -c "exec ${command} ${command_args} status"
}

reload() {
    ebegin "Reloading Postgres10 config data"
    su -l ${postgresql_user} -c "exec ${command} ${command_args} reload"
}

Now you can start postgresql service normally

service postgresql start

You can run the following to have it start up with the system by default.

rc-update add postgres

I read rabbitmq’s init file, the postgres rc.d init file and Gentoo’s open-rc file to come up with the script. No unicorns were harmed in its making.


#12

Meltdown, Spectre -FreeBSD first response

Was advised FreeBSD has made their first micro-code update available. Use at your own risk

https://www.freshports.org/sysutils/devcpu-data/

pkg-message:

Installing this port will allow host startup to update the CPU microcode on
a FreeBSD system automatically. In order to enable this feature, add the
following to the system’s /etc/rc.conf:

microcode_update_enable=“YES”

To ensure the update is applied, reboot the system or start the microcode update
service via:

service microcode_update start

If the CPU requires a microcode update, a console message such as the following
will appear:

Updating CPU Microcode…
/usr/local/share/cpucontrol/m32306c3_00000022.fw: updating cpu /dev/cpuctl0 from rev 0x17 to rev 0x22… done.
/usr/local/share/cpucontrol/m32306c3_00000022.fw: updating cpu /dev/cpuctl2 from rev 0x17 to rev 0x22… done.
/usr/local/share/cpucontrol/m32306c3_00000022.fw: updating cpu /dev/cpuctl4 from rev 0x17 to rev 0x22… done.
/usr/local/share/cpucontrol/m32306c3_00000022.fw: updating cpu /dev/cpuctl6 from rev 0x17 to rev 0x22… done.
Done.

Master Sites:

There is no master site for this port.

#13

Open-RC scripting and how to write


#14

Settings in /etc/periodic.conf

I like to override some of the defaults for the periodic scripts. Don’t email to root, keep output in a file. Don’t do DNS lookups, clean /tmp, add ZFS, NTP and SMART status in the daily log. Here’s how I do it:

# periodic.conf overrides
# output to file
daily_output="/var/log/daily.log"
daily_status_security_output="/var/log/dailysecurity.log"
daily_status_network_usedns="NO"
daily_status_named_usedns="NO"
daily_clean_tmps_enable="YES"
daily_status_ntpd_enable="NO"
daily_status_zfs_enable="YES"
daily_scrub_zfs_enable="NO"    # set to YES for autoscrubbing at threshold days
daily_scrub_zfs_default_threshold="45"          # days between scrubs
daily_status_smart_enable="YES"
daily_status_smart_devices="/dev/ada0 /dev/ada1 /dev/ada2"
daily_queuerun_enable="NO"
weekly_output="/var/log/weekly.log"
weekly_status_security_output="/var/log/weeklysecurity.log"
monthly_output="/var/log/monthly.log"
monthly_status_security_output="/var/log/monthlysecurity.log"

#15

Cleaning Linux partitions in TrueOS and w/o Linux distro


#16

ZFS and how to access missing pools:

https://discourse.trueos.org/t/zfs-and-how-to-access-missing-pools/2476/4


#17

USB-Audio as default audio device (HOWTO):

A) Read man-page: 

% man snd | grep -A 17 hw.snd.verbose
     hw.snd.verbose
             Level of verbosity for the /dev/sndstat device.  Higher values include
             more output and the highest level, four, should be used when reporting
             problems.  Other options include:

             0   Installed devices and their allocated bus resources.

             1   The number of playback, record, virtual channels, and flags per
                 device.

             2   Channel information per device including the channel's current
                 format, speed, and pseudo device statistics such as buffer
                 overruns and buffer underruns.

             3   File names and versions of the currently loaded sound modules.

             4   Various messages intended for debugging.

B) Set settings accordingly:

% cat /boot/loader.conf.local | grep snd
snd_uaudio_load="YES"
hw.snd.verbose="3"

C) Reboot

D) Check /dev/sndstat:

% cat /dev/sndstat  | grep snd_uaudio
pcm4: <USB audio> at ? kld snd_uaudio (1p:1v/1r:1v) default

E) Set settings accordingly:

% cat /boot/loader.conf.local | grep 'snd.default_unit'
hw.snd.default_unit="4"

F) Reboot

That’s all.


#18

A rough overview of using Nvidia Optimus on FreeBSD.

https://wiki.freebsd.org/Graphics/OptimusVideoSupport


#19

Once you change to using the IPFS network

You will need to sync your system as well, run the following commands;

sudo pc-updatemanager confcheck
sudo pc-updatemanager syncconf
sudo pc-updatemanager pkgcheck


Cannot upgrade to 18.03
#20

iPhone Hotspot USB tethering to TrueOS Laptop

Look at this link --> iPhone Hotspot USB tethering to TrueOS Laptop


#21

FreeBSD USB Disk and ZVOL Encryption with GELI

https://antranigv.am/weblog_en/posts/freebsd-geli-encryption-usb-and-zvol/


#22

How to change boot-up delay and root password.

To change the timing of boot-up delay go to:

/boot/defaults/loader.conf

Edit the last line in the loader.conf file to desired delay at:

Speed up boot time
autoboot_delay="02"   <-- indicates delay in seconds

To change root password

During system boot-up, enter a single user mode

Then type:

mount -uw /

Next type:

passwd

Enter your new password for root

Next type:

exit

Now, you can login with your new root’s password :slight_smile:


#23

man loader.conf:

FILES
     /boot/defaults/loader.conf  default settings -- do not change this file.
     /boot/loader.4th            defines the commands used by loader to read and
                                 process loader.conf.
     /boot/loader.conf           user defined settings.
     /boot/loader.conf.local     machine-specific settings for sites with a common
                                 loader.conf.

#24

#UEFI graphics screw up


#25

A quick Life Preserver howto - Thank you @michael.ger


closed #26

opened #27

#28

Some Lenovo, and probably other computers with UEFI video garbage

UEFI Resolution

Kris Moore edited this page on Jun 6 · 1 revision

On some systems when booted via UEFI you may end up in a console resolution that isn’t supported, resulting in a corrupt display. To work-around this issue you can do the following:

At the boot-loader menu, drop to the Command-Prompt (Under Advanced). Run the command ‘gop set 0’, replacing 0 with 1/2/3/4 until you find a resolution that seems to work with your system.

Once you’ve come up with a working resolution you can hard-code it by putting the 'gop set ’ command in /boot/loader.rc.local.

original link --> UEFI Resolution


#29

Trident ZFS pool /usr/local mystery

Thanks to @rowo, @jgroenveld, & @mer