FreeBSD from scratch --- configuration after installation (1)

 

See http://www.bkjia.com/ OS /201111/110222.html http://www.bkjia.com/ OS /201111/110221.html http://www.bkjia.com/ OS /201111/110220.html for Installation

 

1. Configuration after installation

 

 

 

The last time we talked about FreeBSD installation, this time we talked about the configuration and simple optimization methods after FreeBSD installation.

 

 

After BSD is installed, it is only the beginning of the long journey for servers to provide services. Some basic settings and optimization are also required. But in fact, even if it is not optimized, FreeBSD can now provide services securely, and the decision is yours.

 

 

1. Install and update the ports tree

 

 

Some people who have been familiar with FreeBSD must know portsnap, which is a powerful tool for software updates in freebsd. Or the only way. Ports is a large list of Application Software maintained by FreeBSD. Almost all the required and unnecessary software can be found in this list. Portsnap, as its name implies, is a port snapshot. Running portsnap will include the latest remote ports tree structure and the latest stable version of all software under the tree in the server's ports tree. How to Use ports. Let's talk about how to use portsnap first. First, complete the following steps and you will find that ports will be faster and software installation will be faster.

 

 

# Cd/etc

# Vi portsnap. conf

 

Find portsnap.FreeBSD.org

 

Change it to portsnap3.hshh.org

 

Save and exit

 

 

I am a China Netcom user, so I use image 3. The image list is as follows:

Portsnap.hshh.org (China Telecom)

Portsnap2.hshh.org (China Telecom)

Portsnap3.hshh.org (China Netcom)

Portsnap4.hshh.org (China Telecom)

 

 

This is a domestic portsnap image, and the update speed will be faster. I have seen countless linux installation and will not be updated any more, resulting in a large number of vulnerabilities, not all of which are caused by system administrators. This is also related to the maintenance of yum or apt packages. FreeBSD does not have to worry about this. As long as you set portsnap and upgrade automatically, your software will be up to date even if you have been there for a year. However, this is generally not recommended. I will talk about it later.

 

 

Then, execute the following command

 

 

# Portsnap fetch extract

 

 

Update your ports tree. Domestic images are fast. The port package of 63-64M will be downloaded. Then, wait until the decompression is complete. Now, your ports tree is the latest. Compile and install the software. To update, run the following command:

 

 

# Portsnap fetch update

 

 

Portsnap adopts the incremental update method. fetch extract needs to be executed for the first time. In the future, only fetch update is required. The incremental update volume is small and fast.

 

 

2. Update FreeBSD system files

 

 

No one can ensure that the operating system is perfect, even the release version is not, but it is the best practice to promptly add patches after discovery. FreeBSD is also quite human. Before updating the system file, we also need to change the configuration file to make it faster.

 

 

# Cd/etc

# Vi freebsd-update.conf

 

Find ServerName update.FreeBSD.org

 

Set update.freebsd.org

Change to freebsd-updates.mirrors.163.com

 

Save and exit

 

 

Then, run the following command to update the file. Before updating the file, you can check uname-a. For example, 8.2 will display FreeBSD 8.2-RELEASE.

 

 

# Freebsd-update fetch

# Freebsd-update install

 

 

After the update is complete, restart, and then uname-a, will display FreeBSD 8.2-RELEASE-p4, show that the system patch has been installed.

 

 

You can add these commands to the crontab to automatically run them on a regular basis.

 

 

3. Software Installation source configuration

Edit a file. This file does not exist in the newly installed freebsd system. It is not generated unless you have installed software with ports. Therefore, manually create this file in the new installation system.

 

 

# Vi/etc/make. conf

 

Enter the following content

MASTER_SITE_BACKUP? = Http://mirrors.163.com/freebsd/distfiles/?#dist_subdir= }/

MASTER_SITE_OVERRIDE? =$ {MASTER_SITE_BACKUP}

 

 

Save and exit, so that you will directly connect to the 163 image when using ports for installation, and the speed will be faster. However, one drawback is that the latest software release package is usually not updated in a timely manner. It may take 3-4 days or longer to synchronize the 163 image with freebsd. however, however, domestic images are always better than none.

 

 

We do not recommend using pkg_add to directly install binary files, which is not optimized. It is best to compile and install binary files through the ports tree. Unless there are special requirements, I will not write the PACKAGESITE variable settings first.

 

 

4. Software Installation

 

 

This is one of my favorite advantages of freebsd. It provides comprehensive software collection, clear classification, easy installation, and sufficient compilation and installation methods to adapt to the system and optimize it. Centralized management of configuration files will definitely save human time, which is much better than searching for compiled files in LINUX.

 

 

For example, if you want to install nginx, I suppose you have updated the ports tree. When I write this article, the latest frebbsd nginx version is 1.0.8 and 1.

 

 

Run the following command to install

# Cd/usr/ports/www/nginx

# Make install clean

 

 

The option will pop up, select as needed, and then OK, wait for the compilation to complete, the software will be installed. During the installation process, dependencies are automatically detected and dependent software compilation is automatically downloaded. This is several times better than the worst-off yum, and no matter whether yum is a binary file installed or the dependent package cannot be found, you need to find the configuration file after installation, which is a waste of time! Freebsd configuration files are all centrally managed. No matter what software you install through ports, if the configuration file exists, go to the path below to find

 

 

# Cd/usr/local/etc

 

 

Ubuntu also seems to be in this path, but after I install it with apt-get, there is basically nothing in this path.

 

 

4. Run the software you installed

 

 

It is a little troublesome, but it is definitely not big. It only takes less than 30 seconds. If you have installed the application software, such as nginx, follow these steps:

 

 

# Vi/etc/rc. conf

 

Start a new row and enter

 

Nginx_enable = "YES"

 

Save and exit

 

 

Then run the following command

 

 

# Cd/usr/local/etc/rc. d

#./Nginx start

 

 

Your nginx is started. Visit your server and check if you want to use welcome to nginx.

 

 

Security Configuration and Optimization Configuration