See http://www.bkjia.com/ OS /201111/110222.html http://www.bkjia.com/ OS /201111/110221.html http://www.bkjia.com/ OS /201111/110220.html for Installation
1. Configuration after installation
The last time we talked about FreeBSD installation, this time we talked about the configuration and simple optimization methods after FreeBSD installation.
After BSD is installed, it is only the beginning of the long journey for servers to provide services. Some basic settings and optimization are also required. But in fact, even if it is not optimized, FreeBSD can now provide services securely, and the decision is yours.
1. Install and update the ports tree
Some people who have been familiar with FreeBSD must know portsnap, which is a powerful tool for software updates in freebsd. Or the only way. Ports is a large list of Application Software maintained by FreeBSD. Almost all the required and unnecessary software can be found in this list. Portsnap, as its name implies, is a port snapshot. Running portsnap will include the latest remote ports tree structure and the latest stable version of all software under the tree in the server's ports tree. How to Use ports. Let's talk about how to use portsnap first. First, complete the following steps and you will find that ports will be faster and software installation will be faster.
# Cd/etc
# Vi portsnap. conf
Find portsnap.FreeBSD.org
Change it to portsnap3.hshh.org
Save and exit
I am a China Netcom user, so I use image 3. The image list is as follows:
Portsnap.hshh.org (China Telecom)
Portsnap2.hshh.org (China Telecom)
Portsnap3.hshh.org (China Netcom)
Portsnap4.hshh.org (China Telecom)
This is a domestic portsnap image, and the update speed will be faster. I have seen countless linux installation and will not be updated any more, resulting in a large number of vulnerabilities, not all of which are caused by system administrators. This is also related to the maintenance of yum or apt packages. FreeBSD does not have to worry about this. As long as you set portsnap and upgrade automatically, your software will be up to date even if you have been there for a year. However, this is generally not recommended. I will talk about it later.
Then, execute the following command
# Portsnap fetch extract
Update your ports tree. Domestic images are fast. The port package of 63-64M will be downloaded. Then, wait until the decompression is complete. Now, your ports tree is the latest. Compile and install the software. To update, run the following command:
# Portsnap fetch update
Portsnap adopts the incremental update method. fetch extract needs to be executed for the first time. In the future, only fetch update is required. The incremental update volume is small and fast.
2. Update FreeBSD system files
No one can ensure that the operating system is perfect, even the release version is not, but it is the best practice to promptly add patches after discovery. FreeBSD is also quite human. Before updating the system file, we also need to change the configuration file to make it faster.
# Cd/etc
# Vi freebsd-update.conf
Find ServerName update.FreeBSD.org
Set update.freebsd.org
Change to freebsd-updates.mirrors.163.com
Save and exit
Then, run the following command to update the file. Before updating the file, you can check uname-a. For example, 8.2 will display FreeBSD 8.2-RELEASE.
# Freebsd-update fetch
# Freebsd-update install
After the update is complete, restart, and then uname-a, will display FreeBSD 8.2-RELEASE-p4, show that the system patch has been installed.
You can add these commands to the crontab to automatically run them on a regular basis.
3. Software Installation source configuration
Edit a file. This file does not exist in the newly installed freebsd system. It is not generated unless you have installed software with ports. Therefore, manually create this file in the new installation system.
# Vi/etc/make. conf
Enter the following content
MASTER_SITE_BACKUP? = Http://mirrors.163.com/freebsd/distfiles/?#dist_subdir= }/
MASTER_SITE_OVERRIDE? =$ {MASTER_SITE_BACKUP}
Save and exit, so that you will directly connect to the 163 image when using ports for installation, and the speed will be faster. However, one drawback is that the latest software release package is usually not updated in a timely manner. It may take 3-4 days or longer to synchronize the 163 image with freebsd. however, however, domestic images are always better than none.
We do not recommend using pkg_add to directly install binary files, which is not optimized. It is best to compile and install binary files through the ports tree. Unless there are special requirements, I will not write the PACKAGESITE variable settings first.
4. Software Installation
This is one of my favorite advantages of freebsd. It provides comprehensive software collection, clear classification, easy installation, and sufficient compilation and installation methods to adapt to the system and optimize it. Centralized management of configuration files will definitely save human time, which is much better than searching for compiled files in LINUX.
For example, if you want to install nginx, I suppose you have updated the ports tree. When I write this article, the latest frebbsd nginx version is 1.0.8 and 1.
Run the following command to install
# Cd/usr/ports/www/nginx
# Make install clean
The option will pop up, select as needed, and then OK, wait for the compilation to complete, the software will be installed. During the installation process, dependencies are automatically detected and dependent software compilation is automatically downloaded. This is several times better than the worst-off yum, and no matter whether yum is a binary file installed or the dependent package cannot be found, you need to find the configuration file after installation, which is a waste of time! Freebsd configuration files are all centrally managed. No matter what software you install through ports, if the configuration file exists, go to the path below to find
# Cd/usr/local/etc
Ubuntu also seems to be in this path, but after I install it with apt-get, there is basically nothing in this path.
4. Run the software you installed
It is a little troublesome, but it is definitely not big. It only takes less than 30 seconds. If you have installed the application software, such as nginx, follow these steps:
# Vi/etc/rc. conf
Start a new row and enter
Nginx_enable = "YES"
Save and exit
Then run the following command
# Cd/usr/local/etc/rc. d
#./Nginx start
Your nginx is started. Visit your server and check if you want to use welcome to nginx.
Security Configuration and Optimization Configuration