FreeBSD beginners ④

Original: http://ewangsoft.blog.163.com/blog/static/77215582200962911124129/

-----------------

93. Configure the kernel: (1) Obtain a hardware configuration list: dmesg, man, pciconf (pciconf
-LV ). (2) Before compiling a developed kernel, if only a specific hardware support is required,
A ready-made module may already exist. The kernel module is stored in the/boot/kernel directory and can be loaded into the running kernel by the kldload (8) command.
Basically, all kernel drivers have specific modules and manuals. For example, the ath wireless Ethernet driver mentioned below.
The online manual for this device contains the following information: Alternatively, to load the driver as a module at boot
Time, place the following line in loader. conf (5 ):
If_ath_load = "yes", follow the example and add if_ath_load = "yes" to/boot/loader. conf"
This module can be dynamically loaded when the machine is started. (3) change the configuration file: the default Kernel configuration file is/usr/src/sys/ARCH/CONF/generic. If
For a detailed list of platform-related options and devices, see the notes in the same directory as the generic file. platform-independent options can be found in
/Usr/src/sys/CONF/notes. (4) enter/usr/src and translate the kernel: # Make buildkernel
Kernconf = mykernel (5) install the new kernel # Make installkernel
Kernconf = mykernel (6) when using this method to compile the kernel, you need to install the complete FreeBSD source code. By default, When you compile your customized kernel,
All kernel modules will also participate in the construction. If you want to upgrade the kernel faster, or you only want to compile the required modules, Edit
/Etc/make. conf: modules_override = Linux ACPI sound/sound
Sound/driver/ds1 NTFS. The content of this variable is the list of modules you want to build. Without_modules = Linux ACPI
Sound/sound/driver/ds1 NTFS. The content of this variable is a list of modules that will not be compiled during the compilation process.

94. display the current path in CLI: Add: set prompt = "% B [% N @ % m % ~] To/. cshrc. % B #"
. It takes effect without restarting: source. cshrc.

95. The system configuration information is mainly located
/Etc/rc. conf, which can be read by Sh. This file contains a large part of the configuration information and mainly configures the system when the system starts. Use
Sysinstall (8) or make world does not overwrite RC. conf
File (sysinstall may modify this file ). The system administrator must log on to/etc/rc. conf.
File to overwrite the default settings in/etc/defaults/rc. conf. This default file should not be copied to/etc
It contains the default value rather than an example. All specific changes should be made in RC. conf.
. In cluster applications, to reduce management costs, you can apply a variety of policies to separate all-site settings from system-specific settings. The recommended method is to place the full-site settings in another file.
, Such as/etc/rc. conf. site, and include it in/etc/rc. conf (add a line in RC. conf :.
/Etc/rc. conf. site ).

96. When a port or package is installed, the configuration file examples are also installed. Normally, these files are installed in
/Usr/local/etc. They are usually identified by the. Default suffix.

97. Before rc. d appears, the application will put a simple STARTUP script in/usr/local/etc/rc. d.
Directory, the scripts in this directory will be read by the system initialization script. In 2002, FreeBSD integrated rc. d from NetBSD
System and use it to initialize the system. Most files in the/etc/rc. d directory are used to manage basic services. They can be started or stopped,
And restart options. Rc. d usage: (1) start or stop a service #/etc/rc. d/sshd
Start; (2) to enable the network service when the system starts, you can
To enable the network address translation service when the system starts, add natd_enable = "yes" to/etc/rc. conf ". (3) Whether or not a service is started,
You can add the "one" prefix before the command, such as #/etc/rc. d/sshd onerestart.
Line. (4) The option rcvar can be used to easily check/etc/rc. conf using the appropriate rc. d.
Whether the script-enabled service is enabled. The administrator can run such a program to check whether sshd is actually started in/etc/rc. conf, for example :#
/Etc/rc. d/sshd rcvar ;#
Sshd; # sshd_enable = Yes, indicating that it is enabled in RC. conf. (5) to determine whether a service is running, you can use status
. For example, verify that sshd has actually started: #/etc/rc. d/sshd status.

98. Some services, such as POP3 servers and IMAP, can be started through inetd (8) (of course, the inetd service must be started first ). In some cases
Cron (8) is also a feasible option to start system services. This method has many advantages, because cron will execute those processes as the crontab file owner.
This allows common users to execute their applications. The cron tool provides a unique function to specify the time with @ reboot. This setting will be performed in cron (8)
Run at startup, usually during system initialization.

99. The Cron software runs in the background and often checks the/etc/crontab file. Cron software also checks/var/cron/tabs
Directory to search for the new crontab file. These crontab files store information about cron tasks executed at specific times.
Cron
The program uses two different types of configuration files: System crontab and user crontabs. The only difference between the two formats is the sixth field. In the system crontab
The sixth field is the user name used to execute the command. This gives the system crontab the ability to execute commands as any user. In the user crontab,
The sixth field is the command to be executed. All commands are executed as the user. This is an important security function. Like other users, root users can have their own
Crontab. It is different from/etc/crontab (that is, the system crontab ). Because there is a system crontab
Root creates a separate user crontab.

 

100 FreeBSD supports many types of PCI and ISA NICs.
You can view the hardware compatibility list of this version to check whether the NIC is supported. After confirming that the system supports the NIC, you also need to select the appropriate driver for it.
/Usr/src/sys/CONF/notes and/usr/src/sys/ARCH/CONF/Notes
Some supported Nic and chipset information is provided. If your Nic does not appear in generic, manually load the appropriate driver.
To do this, you can use one of the following two methods: 1) the simplest method is to use kldload (8) to load the kernel module corresponding to the NIC (in/boot/kernel ).
In addition, you can add appropriate settings to the/boot/loader. conf file to enable the system to automatically load these modules during boot.
However, not all NICs can be supported using this method; ISA Nic is a typical example. 2) supports static connection of NICs into the kernel.
View/usr/src/sys/CONF/notes,/usr/src/sys/ARCH/CONF/Notes
And the driver's online manual to learn what needs to be added to your Kernel configuration file.

101. Many system services depend on the functions provided by other services. For example, NIS and other RPC-based services may be started in rpcbind
An error occurred while starting the service. To solve this problem, the dependency information and other header information are included as comments before each STARTUP script file. The program analyzes these annotations during system initialization to decide to call other systems.
System service to satisfy dependencies.

102. Provide: specify the name of the service provided by this file; require:
List other services required before the service starts. The services provided by this script will be started after the Specified Services; before:
List other services that depend on this service. The services provided by this script will be started before the Specified Services.

 

103. Since FreeBSD 5.3-release, you can "directly" support the Network Driver Interface Standard (NDIS, Network
Driver Interface Specification. FreeBSD ndisulator (also known as Project edevil)
It supports binary windows drivers and makes it believe that Windows is running. Because the NDIS (4) driver is used for Windows
So it can only be used on i386 and amd64 systems. The NDIS (4) driver mainly provides PCI, cardbus
And PCMCIA devices, while USB devices are not currently supported.

104 use Windows NDIS
Driver: (1) Prepare the binary driver file (Sys File) and driver configuration file (INF file) in windows; (2) assemble the binary driver into the kernel model
Block: # ndisgen w32driver. inf w32driver. SYS. After the task is completed, it will generate a kernel module file in the current directory,
This file can be loaded using the following command: # kldload./w32driver. Ko. In addition to this kernel module, NDIS. Ko and
If_ndis.ko: These two kernel modules are usually automatically executed by the system. To manually load them, run the following command: # kldload NDIS #
Kldload if_ndis
. (3) like any other module, you can configure the system to automatically load the NDIS module at startup. First, the generated module *. Ko
Copy to the/boot/modules directory. Add the module name _ load = "yes" to/boot/loader. conf ".

105 Nic configuration can be completed by using the ifconfig (8) command line, but it should be done once each startup. The file where the NIC configuration letter is placed is
/Etc/rc. conf. Example: ifconfig_dc0 = "Inet 192.168.1.3 netmask 255.255.255.0"
; Ifconfig_dc1 = "Inet 10.0.0.1 netmask 255.255.255.0 Media
10 BaseT/UTP "; ifconfig_dc2 =" DHCP ", replace dc0, DC1 In the example with the correct device name and address
. To configure the NIC, you need the root permission.

106. Notes For nic debugging in section 11.8.3.2.

107. FreeBSD
A common purpose is a virtual host site. A server virtualizes many servers to provide network services. This is achieved by binding multiple network addresses to an interface. A specific network interface has
"Real" addresses may also have some "alias" addresses. These aliases are usually added using records in/etc/rc. conf. One fxp0
The alias record of is similar to: ifconfig_fxp0_alias0 = "Inet XXX. XXX netmask
XXX. XXX ", alias records must start from alias0 and increase sequentially (for example, _ alias1,
_ Alias2 ). The provisioner stops at the first missing number. It is very important to calculate the subnet mask of an alias. Fortunately, it is very simple. An interface must have a description subnet.
The address of the mask. Any address in this CIDR block must have a subnet mask (usually expressed as 255.255.255.255.255 or
0 xffffffff. For example, assume that fxp0 is used to connect to two networks: 10.1.1.0 and the subnet mask is 255.255.255.0,
And 202.0.75.16, whose subnet mask is 255.255.255.255.255.240. From 10.1.1.1 to 10.1.1.5 and
Addresses from 202.0.75.17 to 202.0.75.20 can access each other. As mentioned above, only the first address of the two CIDR blocks (in this example, 10.0.1.1 and
202.0.75.17) the actual subnet mask should be used; the remaining (10.1.1.2 to 10.1.1.5 and 202.0.75.18
202.0.75.20) You must use 255.255.255.255 as the subnet mask:
Ifconfig_fxp0 = "inet
10.1.1.1 netmask 255.255.255.0"
Ifconfig_fxp0_alias0 = "Inet 10.1.1.2
Netmask 255.255.255.255"
Ifconfig_fxp0_alias1 = "Inet 10.1.1.3 netmask
255.255.255.255"
Ifconfig_fxp0_alias2 = "Inet 10.1.1.4 netmask
255.255.255.255"
Ifconfig_fxp0_alias3 = "Inet 10.1.1.5 netmask
255.255.255.255"
Ifconfig_fxp0_alias4 = "Inet 202.0.75.17 netmask
2017100000000240"
Ifconfig_fxp0_alias5 = "Inet 202.0.75.18 netmask
255.255.255.255"
Ifconfig_fxp0_alias6 = "Inet 202.0.75.19 netmask
255.255.255.255"
Ifconfig_fxp0_alias7 = "Inet 202.0.75.20 netmask
255.255.255.255"

108 enable/etc/rc. conf to take effect immediately: #/etc/netstart.

109./etc layout:
/Etc general system configuration information. The data here is related to a specific system.
/Etc/defaults
The default version of the system configuration file.
/Etc/mail additional Sendmail (8) configuration information, other MTA configuration files.
/Etc
/PPP is used for user-level and kernel-level PPP program configuration.
The default location of/etc/namedb named (8) data. Usually named. conf
And region files are stored here.
/Usr/local/etc is the application configuration file installed. See the subdirectories of each application.
/Usr/local/etc/rc. d
The start/stop script of the installed program.
/Var/database files automatically generated by a specific database system, such as the package database and the location database.

110./etc/resolv. conf indicates how FreeBSD accesses the Domain Name System (DNS ). Resolv. conf
The most common record is: the IP address of the name server to be queried by nameserver in order, up to three. Search
Search for the list of machine names. This is usually determined by the domain of the Local Machine name. Domain Local Domain Name. A typical resolv. conf file:
Search
Example.com
Nameserver 147.11.1.11
Nameserver 147.11.100.30
Note
Meaning: Only one search and domain option can be used. If you are using DHCP, dhclient (8) is often used from DHCP
The information received by the server is overwritten by resolv. conf.

111 modify
/Sbin/dhclient-script, which enables dhclient not to update/etc/resolv. conf when obtaining the IP address; or chflags
Schg/etc/resolv. conf; or add the following settings in/etc/dhclient. conf: prepend
Domain-Name-servers <IP1>, <ip2>. IP1 and ip2 are your DNS servers.

112. ETC/hosts format: [Internet address] [Official hostname] [alias1]
[Alias2]... example: 10.0.0.1 myrealhostname.example.com myrealhostname
Foobar1 foobar2

113, sysctl. conf, and RC. conf are very similar in style. The configuration is variable = Value
This form. The values configured in this file will be modified after the system enters the multi-user mode.
Note that not all variables can be modified in multi-user mode. If you want to disable recording processes that receive a fatal signal and prevent normal users from seeing other users' processes,
You can configure the following in sysctl. conf: # do not record the process exited due to the fatal signal (such as the signal
11. Access out of bounds) Kern. logsigexit = 0 # prevent the user from seeing the UID as another user
Identity. Security. BSD. see_other_uids = 0

114 syslog. conf is the configuration file of syslogd (8) program. It specifies the syslog
Which information type is stored in a specific log file. Newsyslog. conf is a newsyslog (8) that is usually scheduled to run with CRON (8)
Program configuration file. Newsyslog (8) indicates when the log files need to be packaged or reorganized. For example, if logfile is moved
Logfile.0 and logfile.0 are moved to logfile.1. In addition, log files can be compressed using gzip (1). They are named in the following format:
Logfile.0.gz, logfile.1.gz, and so on.

115. sysctl (8) is an interface that allows you to change the running FreeBSD system. It contains some TCP/IP
Advanced options for Stack and virtual memory systems, which allows experienced administrators to improve compelling system performance. Use sysctl (8)
You can read more than five hundred system variables. Based on this, sysctl (8) provides two functions: Read and modify system settings. View All readable variables: % sysctl
-A; read a specified variable, such as Kern. maxproc: % sysctl Kern. maxproc Kern. maxproc:
1044; To set a specified variable, use the syntax variable = value: # sysctl Kern. maxfiles = 5000
Kern. maxfiles: 2088-> 5000. The sysctl variable is usually set as a string, number, or Boolean. (Boolean with 1
To 'yes', and 0 to 'no '). If you want to automatically set certain variables every time the machine starts, you can add them to the file/etc/sysctl. conf.
.

116. "11.12" section describes parameters for using sysctl to adjust disks.

117 and 11.13 adjust the kernel restrictions; 11.13.1 file/process restrictions; 11.13.1.1 Kern. maxfiles;
Kern. maxusers;

118. The Kern. IPC. somaxconn sysctl variable limits the receipt of new TCP
The size of the listening queue. For a high-load web service environment that often processes new connections, the default 128 is too small. We recommend that you increase this value to 1024 in most environments.
Or more. The service process limits the size of the listening Queue (such as Sendmail (8) or Apache) by itself ),
The queue size is usually set in their configuration files. Large listening queues can also help prevent DoS attacks.

119. 11.13.2 network restrictions: Kern. IPC. nmbclusters
; Net. inet. IP. portrange. *; net. inet. tcp. inflight. Enable

120 create a swap file in FreeBSD: 1. confirm that your Kernel configuration includes the virtual disk (memory disk) Driver (MD (4 )). It is in
The default value is used in the generic kernel. Device MD # Memory "disks"; 2. Create an swap file (/usr/swap0 ):#
Dd If =/dev/Zero of =/usr/swap0 BS = 1024 K
Count = 64; 3. grant it a proper permission (/usr/swap0): # chmod 0600/usr/swap0; 4.
Enable swap file in/etc/rc. conf: swapfile = "/usr/swap0" # Set to name of swapfile
If aux swapfile desired; 5. Restart the machine or the following command to make the swap file take effect immediately: # mdconfig-a-t vnode
-F/usr/swap0-u 0 & Swapon/dev/md0

121, 11.15 power supply and Resource Management: Configure ACPI; 11.16: Use and debug FreeBSD ACPI.