This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
fuss:freebsd [2016/11/12 12:45] – [Remove ACL Entries] office | fuss:freebsd [2022/04/19 08:28] (current) – external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Launching a Process on Boot ====== | ||
+ | |||
+ | On Unix systems, when a user logs on, their default shell which is set when the account is first created, is spawned for them automatically. We use that to spawn a program instead of a shell by creating a user, in this case named '' | ||
+ | |||
+ | A new user should be added using the '' | ||
+ | |||
+ | <code sh> | ||
+ | wiz: | ||
+ | </ | ||
+ | |||
+ | We duplicate the Pc console in ''/ | ||
+ | |||
+ | <code sh> | ||
+ | P|Pc|Pc console:\ | ||
+ | : | ||
+ | |||
+ | P|Pa|Pa console:\ | ||
+ | : | ||
+ | </ | ||
+ | |||
+ | Then, we add the terminal to the ''/ | ||
+ | |||
+ | <code sh> | ||
+ | ttyv0 "/ | ||
+ | # Virtual terminals | ||
+ | ttyv1 "/ | ||
+ | </ | ||
+ | |||
+ | ====== Passing Arguments to Autoconf ====== | ||
+ | |||
+ | There are instances where certain options from ports are not configurable using the port system. For example, there is a bug in FreeBSD 10.1 that prevents '' | ||
+ | <code bash> | ||
+ | CONFIGURE_ARGS= --disable-csharp | ||
+ | </ | ||
+ | |||
+ | where all the parameters passed to the '' | ||
+ | |||
+ | ====== Updating Ports ====== | ||
+ | |||
+ | A good idea is to keep ports updated and that can be achieved using the '' | ||
+ | <code bash> | ||
+ | portsnap fetch extract | ||
+ | </ | ||
+ | and then any time you wish to update the ports, issue: | ||
+ | <code bash> | ||
+ | portsnap fetch update | ||
+ | </ | ||
+ | |||
+ | ====== Updating Packages ====== | ||
+ | |||
+ | In order to update packages, you can use '' | ||
+ | <code bash> | ||
+ | portmaster -L --index-only| egrep ' | ||
+ | </ | ||
+ | |||
+ | and, in order to update a package - say '' | ||
+ | <code bash> | ||
+ | portmaster bash | ||
+ | </ | ||
+ | |||
+ | Alternatively, | ||
+ | <code bash> | ||
+ | portmaster -a | ||
+ | </ | ||
+ | |||
+ | ====== Setting Time-Zome ====== | ||
+ | |||
+ | Some packages depend heavily on a time-zone being set. FreeBSD by default assumes UTC, in which case, it considers that no timezone setting is necessary. What happens is that if there is no ''/ | ||
+ | |||
+ | In order to install a time-zone, copy a file (don't copy a directory) from ''/ | ||
+ | <code bash> | ||
+ | cp / | ||
+ | </ | ||
+ | |||
+ | ====== Reinstalling Ports ====== | ||
+ | |||
+ | In order to rebuild a port and the ports it depends on, issue: | ||
+ | <code bash> | ||
+ | portupgrade -Rf < | ||
+ | </ | ||
+ | or | ||
+ | <code bash> | ||
+ | portmaster -f < | ||
+ | </ | ||
+ | |||
+ | In order to rebuild a port and the ports that depend on it, issue: | ||
+ | <code bash> | ||
+ | portupgrade -rf < | ||
+ | </ | ||
+ | or | ||
+ | <code bash> | ||
+ | portmaster -rf < | ||
+ | </ | ||
+ | |||
+ | where ''< | ||
+ | |||
+ | ====== Add User to Wheel Group ====== | ||
+ | |||
+ | In order for an user to be able to elevate its privileges, the user needs to be part of the '' | ||
+ | <code bash> | ||
+ | pw user mod USER -G wheel | ||
+ | </ | ||
+ | |||
+ | as root in order to add '' | ||
+ | |||
+ | ====== Initialize GeoIP Databases ====== | ||
+ | |||
+ | First, install the '' | ||
+ | <code bash> | ||
+ | cd / | ||
+ | make config-recursive | ||
+ | make install clean | ||
+ | </ | ||
+ | |||
+ | then change directory to ''/ | ||
+ | <code bash> | ||
+ | cd / | ||
+ | </ | ||
+ | |||
+ | and download the [[http:// | ||
+ | <code bash> | ||
+ | curl -O http:// | ||
+ | curl -O http:// | ||
+ | curl -O http:// | ||
+ | </ | ||
+ | |||
+ | and extract them: | ||
+ | <code bash> | ||
+ | gunzip GeoIP.dat.gz | ||
+ | gunzip GeoIPASNum.dat.gz | ||
+ | gunzip GeoLiteCity.dat.gz | ||
+ | </ | ||
+ | |||
+ | which should cover the installation of the databases. | ||
+ | |||
+ | In order to check that they are working correctly, issue, for instance: | ||
+ | < | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | which should yield: | ||
+ | < | ||
+ | GeoIP City Edition, Rev 1: US, CA, California, Mountain View, 94040, 37.386002, -122.083801, | ||
+ | </ | ||
+ | |||
+ | ====== Ports Cheat-Sheet ====== | ||
+ | |||
+ | ^ Command ^ Purpose ^ | ||
+ | | '' | ||
+ | | '' | ||
+ | | '' | ||
+ | | '' | ||
+ | | '' | ||
+ | | '' | ||
+ | | '' | ||
+ | |||
+ | ====== Automatically Repair Filesystem on Boot ====== | ||
+ | |||
+ | The option: | ||
+ | < | ||
+ | fsck_y_enable=" | ||
+ | </ | ||
+ | |||
+ | can be added to ''/ | ||
+ | |||
+ | Additionally, | ||
+ | < | ||
+ | background_fsck=" | ||
+ | </ | ||
+ | in ''/ | ||
+ | |||
+ | ====== Adding and Removing Users from Groups ====== | ||
+ | |||
+ | In order to remove a user named '' | ||
+ | <code bash> | ||
+ | pw mod group GROUP -d USER | ||
+ | </ | ||
+ | |||
+ | In order to add a user named '' | ||
+ | <code bash> | ||
+ | pw mod user USER -G GROUP | ||
+ | </ | ||
+ | |||
+ | ====== Remove ACL Entries ====== | ||
+ | |||
+ | This can be achieved using the command: | ||
+ | <code bash> | ||
+ | setfacl -bn PATH | ||
+ | </ | ||
+ | |||
+ | where '' | ||
+ | |||
+ | ====== i2p on FreeBSD 10 ====== | ||
+ | |||
+ | '' | ||
+ | |||
+ | < | ||
+ | i2p_enable=" | ||
+ | i2p_user=" | ||
+ | </ | ||
+ | |||
+ | where '' | ||
+ | |||
+ | After that, you would issue: | ||
+ | <code bash> | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | which will install the service files to the home directory of the '' | ||
+ | |||
+ | Then, if you attempt to start the service: | ||
+ | <code bash> | ||
+ | / | ||
+ | </ | ||
+ | |||
+ | and monitor '' | ||
+ | < | ||
+ | Launching a JVM... | ||
+ | javavm: warning: The use of ' | ||
+ | JVM exited while loading the application. | ||
+ | Error: Could not find or load main class org.tanukisoftware.wrapper.WrapperSimpleApp | ||
+ | The value of wrapper.java.command does not appear to be a java binary. | ||
+ | The use of scripts is not supported. Trying to continue, but some features may not work correctly.. | ||
+ | </ | ||
+ | |||
+ | Which is obviously a class-path problem. The officially suggested workaround is to install '' | ||
+ | <code bash> | ||
+ | cd $HOME/i2p | ||
+ | cp / | ||
+ | cp / | ||
+ | cp / | ||
+ | </ | ||
+ | |||
+ | Unfortunately, | ||
+ | |||
+ | You need to edit '' | ||
+ | < | ||
+ | $INSTALL_PATH | ||
+ | </ | ||
+ | |||
+ | and replace that variable with the hard-coded path to where you installed i2p. Apparently the install script does not set the environment variable properly such that you will have to hard-code it this way in order for i2p to start. | ||
+ | |||
+ | ====== Set Default ACLs for Newly Created Files ====== | ||
+ | |||
+ | In order to have the ACLs applied to new files and folders created under a directory, default ACLs can be used. | ||
+ | |||
+ | The first step is to set the default ACL for the directory: | ||
+ | <code bash> | ||
+ | setfacl -dm u:: | ||
+ | </ | ||
+ | |||
+ | where: | ||
+ | * '' | ||
+ | |||
+ | This step is necessary before setting default ACLs that grant other users permissions, | ||
+ | < | ||
+ | setfacl: DIRECTORY: acl_calc_mask() failed: Invalid argument | ||
+ | setfacl: DIRECTORY: failed to set ACL mask | ||
+ | </ | ||
+ | |||
+ | The final step is to set the default ACLs for the users you want: | ||
+ | <code bash> | ||
+ | setfacl -dm u: | ||
+ | </ | ||
+ | where: | ||
+ | * '' | ||
+ | * '' | ||
+ | * '' | ||
+ | |||
+ | To set these permissions recursively (note that only directories may have default ACLs), you would have to use '' | ||
+ | <code bash> | ||
+ | find . -type d -exec setfacl -dm u: | ||
+ | </ | ||
+ | |||
+ | which will set default permissions for all directories and sub-directories starting from the current directory. | ||
+ | |||
+ | |||