knowledge/technology/bsd/FreeBSD.md

110 lines
44 KiB
Markdown
Raw Normal View History

2023-12-04 10:02:23 +00:00
---
website: https://www.freebsd.org
obj: os
2024-03-27 14:03:38 +00:00
rev: 2024-03-27
2023-12-04 10:02:23 +00:00
---
# FreeBSD
FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms. A large community has continually developed it for more than thirty years. Its advanced networking, security, and storage features (using [ZFS](../linux/filesystems/ZFS.md) natively) have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices.
2024-03-01 12:16:36 +00:00
## pkg
2024-03-27 14:03:38 +00:00
Pkg is the Package Manager on BSDs, offering a sophisticated set of tools for managing software installations, updates, and dependencies on FreeBSD systems.
- **Repositories**: FreeBSD supports multiple package repositories, including the official FreeBSD repository and third-party repositories like FreeBSD Ports Collection or custom repositories. Users can configure repositories using `/etc/pkg/FreeBSD.conf` or by creating their own repository configurations.
- **Dependency Resolution**: Pkg automatically resolves dependencies when installing or upgrading packages, ensuring that all required dependencies are installed or updated to compatible versions.
- **Version Pinning**: Users can pin specific package versions to prevent automatic upgrades. This feature is useful for maintaining compatibility with specific software configurations or ensuring stability in production environments.
- **Package Flags**: Pkg supports package flags to customize package installation behavior. Flags allow users to enable or disable specific features or dependencies for individual packages.
- **Audit and Security**: Pkg includes features for auditing installed packages to identify vulnerabilities and security issues. Users can run `pkg audit` to check for vulnerabilities in installed packages and take appropriate actions to mitigate risks.
- **Package Configuration**: Some packages require configuration during installation. Pkg provides tools to manage package configuration files, including merging changes during upgrades and managing configuration files for multiple package versions.
- **Package Downgrades**: In certain scenarios, users may need to downgrade packages to previous versions. Pkg supports downgrading packages while resolving dependencies and ensuring system integrity.
- **Package Locking**: Administrators can lock specific packages to prevent accidental modification or removal. Package locking is useful for critical system components or packages that should remain unchanged for stability reasons.
### Usage
- `pkg install <package>`: Installs the specified package and its dependencies.
- `pkg search <term>`: Searches for packages matching the given search term.
- `pkg update`: Updates the local package repository, ensuring access to the latest package information.
- `pkg upgrade`: Upgrades installed packages to their latest available versions.
- `pkg info`: Lists all installed packages on the system.
- `pkg remove <package>`: Uninstalls the specified package from the system.
- `pkg autoremove`: Removes orphaned packages, i.e., packages that were installed as dependencies but are no longer needed by any installed package.
- `pkg clean`: Cleans the local package cache, freeing up disk space by removing old package files.
- `pkg audit`: Checks installed packages for known vulnerabilities and security issues.
2024-03-01 12:16:36 +00:00
## mdconfig
`mdconfig` lets you create and control memory disks.
Usage: `mdconfig [OPTIONS]`
`mdconfig file` is provided for convenience as an abbreviation of `mdconfig -a -t vnode -f file`.
### Options
| Option | Description |
| --------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `-a` | Attach a memory disk. This will configure and attach a memory disk with the parameters specified and attach it to the system. If the `-u unit` option is not provided, the newly created device name will be printed to stdout |
| `-d` | Detach a memory disk from the system and release all resources |
| `-r` | Resize a memory disk |
| `-t type` | Select the type of the memory disk:<br>- `malloc`: Storage for this type of memory disk is allocated with malloc<br>- `vnode`: A file specified with `-f file` becomes the backing store for this memory disk<br>- `swap`: Storage for this type of memory disk is allocated from buffer memory. Pages get pushed out to swap when the system is under memory pressure. Using is generally preferred over `malloc`<br>- `null`: Bitsink, all writes do nothing, all reads return zero |
| `-f file` | Filename to use for the vnode type memory disk |
| `-l` | List configured devices. Use with `-u` or `-v` for more details |
| `-n` | When printing md device names, print only the unit number without the md prefix |
| `-s size` | Size of the memory disk |
| `-S sectorsize` | Sectorsize to use for the memory disk |
| `-L label` | Associate a label with the new memory disk |
| -o OPTION | **\[no]option**: Set or reset options. <br><br> **\[no]async**: For vnode backed devices: avoid `IO_SYNC` for increased performance but at the risk of deadlocking the entire kernel. <br><br> **\[no]cache**: For vnode backed devices: enable/disable caching of data in system caches. The default is to not cache. Accesses via the device are converted to accesses via the vnode. The caching policy for the vnode is used initially. This is normally to cache. This caching policy is retained if the cache option is used. Otherwise, caching is limited by releasing data from caches soon after each access. The release has the same semantics as the `POSIX_FADV_DONTNEED` feature of posix_fadvise. The result is that with normal (non-zfs) caching, buffers are released from the buffer cache soon after they are constructed, but their data is kept in the page cache at lower priority. The cache option tends to waste memory by giving unwanted double caching, but it saves time if there is memory to spare. <br><br> **\[no]reserve**: Allocate and reserve all needed storage from the start, rather than as needed. <br><br> **\[no]cluster**: Enable clustering on this disk. <br><br> **\[no]compress**: Enable/disable compression features to reduce memory usage. <br><br> **\[no]force**: Disable/enable extra sanity checks to prevent the user from doing something that might adversely affect the system. This can be used with the `-d` flag to forcibly destroy an md disk that is still in use. <br><br> **\[no]mustdealloc**: For vnode backed devices: detect whether hole-punching is supported by the underlying file system. If the file system supports hole-punching, then to handle a `BIO_DELETE` request, some or all of the request's operation range may be turned into a hole in the file used for backing store. Any parts which are not turned into holes are zero-filled in the file. If the file system does not support hole-punching, `BIO_DELETE` requests to the device are not handled and will fail with `EOPNOTSUPP`. When mustdealloc is not specified or \[no]mustdealloc is specified, for a `BIO_DELETE` request, if the file system supports hole-punching, some or all of the request's operation range may be turned into a hole in the file used for backing store. Any parts which are not turned into holes are zero-filled in the file. If the file system of the vnode type memory disk does not support hole-punching, the request's operation range is zero-filled in the file. <br><br> **\[no]readonly**: Enable/disable readonly mode. <br><br> **\[no]verify**: For vnode backed devices: enable/disable requesting verification of the file used for backing store. The type of verification depends on which security features are available. One example of verification is testing file integrity with checksums or cryptographic signatures. |
| -u unit | Request a specific unit number or device name for the md device instead of automatic allocation. If a device name is specified, it must start with "md" followed by the unit number. |
### Examples
Create a disk with `/tmp/boot.flp` as backing storage. The name of the allocated unit will be printed on stdout, such as "md0":
```shell
mdconfig /tmp/boot.flp
```
Create a 1 gigabyte swap backed memory disk named "md3":
```shell
mdconfig -s 1g -u md3
```
Detach and free all resources used by `/dev/md3`:
```shell
mdconfig -du md3
```
Show detailed information on current memory disks:
```shell
mdconfig -lv
```
Resize the "md3" memory disk to 2 gigabytes:
```shell
mdconfig -rs 2g -u md3
```
Create a 1 gigabyte swap backed disk, initialize an ffs file system on it, and mount it on `/tmp`:
```shell
mdconfig -s 1g -u md10
newfs -U /dev/md10
mount /dev/md10 /tmp
chmod 1777 /tmp
```
Create a memory disk out of an ISO 9660 CD image file, using the first available md device, and then mount it:
```shell
mount -t cd9660 /dev/`mdconfig -f cdimage.iso` /mnt
```
Create a file-backed device from a hard disk image that begins with 512K of raw header information. gnop is used to skip over the header information, positioning md1.nop to the start of the filesystem in the image.
```shell
mdconfig -u md1 -f diskimage.img
gnop create -o 512K md1
mount /dev/md1.nop /mnt
```