--- website: https://www.freebsd.org obj: os rev: 2024-03-27 --- # FreeBSD FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms. A large community has continually developed it for more than thirty years. Its advanced networking, security, and storage features (using [ZFS](../linux/filesystems/ZFS.md) natively) have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices. ## pkg Pkg is the Package Manager on BSDs, offering a sophisticated set of tools for managing software installations, updates, and dependencies on FreeBSD systems. - **Repositories**: FreeBSD supports multiple package repositories, including the official FreeBSD repository and third-party repositories like FreeBSD Ports Collection or custom repositories. Users can configure repositories using `/etc/pkg/FreeBSD.conf` or by creating their own repository configurations. - **Dependency Resolution**: Pkg automatically resolves dependencies when installing or upgrading packages, ensuring that all required dependencies are installed or updated to compatible versions. - **Version Pinning**: Users can pin specific package versions to prevent automatic upgrades. This feature is useful for maintaining compatibility with specific software configurations or ensuring stability in production environments. - **Package Flags**: Pkg supports package flags to customize package installation behavior. Flags allow users to enable or disable specific features or dependencies for individual packages. - **Audit and Security**: Pkg includes features for auditing installed packages to identify vulnerabilities and security issues. Users can run `pkg audit` to check for vulnerabilities in installed packages and take appropriate actions to mitigate risks. - **Package Configuration**: Some packages require configuration during installation. Pkg provides tools to manage package configuration files, including merging changes during upgrades and managing configuration files for multiple package versions. - **Package Downgrades**: In certain scenarios, users may need to downgrade packages to previous versions. Pkg supports downgrading packages while resolving dependencies and ensuring system integrity. - **Package Locking**: Administrators can lock specific packages to prevent accidental modification or removal. Package locking is useful for critical system components or packages that should remain unchanged for stability reasons. ### Usage - `pkg install `: Installs the specified package and its dependencies. - `pkg search `: Searches for packages matching the given search term. - `pkg update`: Updates the local package repository, ensuring access to the latest package information. - `pkg upgrade`: Upgrades installed packages to their latest available versions. - `pkg info`: Lists all installed packages on the system. - `pkg remove `: Uninstalls the specified package from the system. - `pkg autoremove`: Removes orphaned packages, i.e., packages that were installed as dependencies but are no longer needed by any installed package. - `pkg clean`: Cleans the local package cache, freeing up disk space by removing old package files. - `pkg audit`: Checks installed packages for known vulnerabilities and security issues. ## mdconfig `mdconfig` lets you create and control memory disks. Usage: `mdconfig [OPTIONS]` `mdconfig file` is provided for convenience as an abbreviation of `mdconfig -a -t vnode -f file`. ### Options | Option | Description | | --------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `-a` | Attach a memory disk. This will configure and attach a memory disk with the parameters specified and attach it to the system. If the `-u unit` option is not provided, the newly created device name will be printed to stdout | | `-d` | Detach a memory disk from the system and release all resources | | `-r` | Resize a memory disk | | `-t type` | Select the type of the memory disk:
- `malloc`: Storage for this type of memory disk is allocated with malloc
- `vnode`: A file specified with `-f file` becomes the backing store for this memory disk
- `swap`: Storage for this type of memory disk is allocated from buffer memory. Pages get pushed out to swap when the system is under memory pressure. Using is generally preferred over `malloc`
- `null`: Bitsink, all writes do nothing, all reads return zero | | `-f file` | Filename to use for the vnode type memory disk | | `-l` | List configured devices. Use with `-u` or `-v` for more details | | `-n` | When printing md device names, print only the unit number without the md prefix | | `-s size` | Size of the memory disk | | `-S sectorsize` | Sectorsize to use for the memory disk | | `-L label` | Associate a label with the new memory disk | | -o OPTION | **\[no]option**: Set or reset options.

**\[no]async**: For vnode backed devices: avoid `IO_SYNC` for increased performance but at the risk of deadlocking the entire kernel.

**\[no]cache**: For vnode backed devices: enable/disable caching of data in system caches. The default is to not cache. Accesses via the device are converted to accesses via the vnode. The caching policy for the vnode is used initially. This is normally to cache. This caching policy is retained if the cache option is used. Otherwise, caching is limited by releasing data from caches soon after each access. The release has the same semantics as the `POSIX_FADV_DONTNEED` feature of posix_fadvise. The result is that with normal (non-zfs) caching, buffers are released from the buffer cache soon after they are constructed, but their data is kept in the page cache at lower priority. The cache option tends to waste memory by giving unwanted double caching, but it saves time if there is memory to spare.

**\[no]reserve**: Allocate and reserve all needed storage from the start, rather than as needed.

**\[no]cluster**: Enable clustering on this disk.

**\[no]compress**: Enable/disable compression features to reduce memory usage.

**\[no]force**: Disable/enable extra sanity checks to prevent the user from doing something that might adversely affect the system. This can be used with the `-d` flag to forcibly destroy an md disk that is still in use.

**\[no]mustdealloc**: For vnode backed devices: detect whether hole-punching is supported by the underlying file system. If the file system supports hole-punching, then to handle a `BIO_DELETE` request, some or all of the request's operation range may be turned into a hole in the file used for backing store. Any parts which are not turned into holes are zero-filled in the file. If the file system does not support hole-punching, `BIO_DELETE` requests to the device are not handled and will fail with `EOPNOTSUPP`. When mustdealloc is not specified or \[no]mustdealloc is specified, for a `BIO_DELETE` request, if the file system supports hole-punching, some or all of the request's operation range may be turned into a hole in the file used for backing store. Any parts which are not turned into holes are zero-filled in the file. If the file system of the vnode type memory disk does not support hole-punching, the request's operation range is zero-filled in the file.

**\[no]readonly**: Enable/disable readonly mode.

**\[no]verify**: For vnode backed devices: enable/disable requesting verification of the file used for backing store. The type of verification depends on which security features are available. One example of verification is testing file integrity with checksums or cryptographic signatures. | | -u unit | Request a specific unit number or device name for the md device instead of automatic allocation. If a device name is specified, it must start with "md" followed by the unit number. | ### Examples Create a disk with `/tmp/boot.flp` as backing storage. The name of the allocated unit will be printed on stdout, such as "md0": ```shell mdconfig /tmp/boot.flp ``` Create a 1 gigabyte swap backed memory disk named "md3": ```shell mdconfig -s 1g -u md3 ``` Detach and free all resources used by `/dev/md3`: ```shell mdconfig -du md3 ``` Show detailed information on current memory disks: ```shell mdconfig -lv ``` Resize the "md3" memory disk to 2 gigabytes: ```shell mdconfig -rs 2g -u md3 ``` Create a 1 gigabyte swap backed disk, initialize an ffs file system on it, and mount it on `/tmp`: ```shell mdconfig -s 1g -u md10 newfs -U /dev/md10 mount /dev/md10 /tmp chmod 1777 /tmp ``` Create a memory disk out of an ISO 9660 CD image file, using the first available md device, and then mount it: ```shell mount -t cd9660 /dev/`mdconfig -f cdimage.iso` /mnt ``` Create a file-backed device from a hard disk image that begins with 512K of raw header information. gnop is used to skip over the header information, positioning md1.nop to the start of the filesystem in the image. ```shell mdconfig -u md1 -f diskimage.img gnop create -o 512K md1 mount /dev/md1.nop /mnt ```