Tag Archives: intel

FreeBSD Desktop – Part 2.1 – Install FreeBSD 12

This article is an update/rewrite to the already published FreeBSD Desktop – Part 2 – Install. With the upcoming introduction of the FreeBSD 12.0-RELESE version new possibilities arise when it comes to installation. I already talked/showed that method in my ZFS Boot Environments Reloaded at NLUUG presentation but to make it more available and obvious part of my FreeBSD Desktop series I write about it again in dedicated article entry.

You may want to check other articles in the FreeBSD Desktop series on the FreeBSD Desktop – Global Page where you will find links to all episodes of the series along with table of contents for each episode’s contents.

Now (in FreeBSD 12.x) it is possible to install FreeBSD on GELI encrypted root on ZFS pool without any additional partitions or filesystems. No longer separate UFS or ZFS boot pool /boot filesystem is needed. And what is even more appealing such setup is supported both on UEFI and BIOS (also refereed as Legacy or CSM) systems. Such setup is also compatible with both new bectl(8) utility and the old proven beadm(8) tool. It is also nice that to make such setup you only need to choose the Auto ZFS option from the bsdinstall(8) so you will not have to do it by hand. I advice using GPT (BIOS+UEFI) as it will support both system types so when you are running BIOS system now and will move the disk to other system that boots with UEFI it will also just work out of the box.

The FreeBSD 12.0 is currently at the RC1 stage so we will use that one for below examples of such setup. The 12.0-RELEASE is expected to arise before Christmas if no significant problems or bugs will be found on the road to RC2 and RC3 editions.

For the record here is the FreeBSD 12.0-RC1 Availability information page and aggregated FreeBSD 12.0-RELEASE Release Notes for the upcoming new major FreeBSD version, but it is not yet complete/ready.

I will only show one install process that will work for both UEFI and BIOS systems – the crucial option here is GPT (BIOS+UEFI) to select (which is also the default one). The other option that You need to select is Yes for the Encryption part and also select the SWAP size. You may as well do not use swap and enter ‘0‘ here which means that SWAP partition will not be created. You may as well create ZFS ZVOL partition for SWAP on ZFS pool later or just create a file like /SWAP and enable it as SWAP. No matter which SWAP option you will choose if your system swaps then you are too low on memory and neither of these methods are better or worse then.

freebsd-install-01.png

freebsd-install-02.png

freebsd-install-03.png

One last thing about the default FreeBSD (no matter if 11.x or 12.x) ZFS dataset/filesystem layout. I showed it on my ZFS Boot Environments/ZFS Boot Environments Reloaded presentations but without any text comment as I talked it live.

By default both /var and /usr filesystems are part of the Boot Environment. They are protected and snapshoted during the beadm create newbe process (or by bectl(8) also). Its appears that /var and /usr are separate processes when you type zfs list commend as shown on the slide below.

zroot-layout-01.png

… but when you check the canmount parameter for all ZFS datasets, then it become obvious that /usr and /var are ’empty’ datasets (not mounted).

zroot-layout-02.png

… and also confirmation from theΒ df(1) tool.

zroot-layout-03.png

I asked FreeBSD Developers what is the reason for such construct and its for the mountpoint inheritance purposes. For example when zroot/usr has mountpoint set to /usr then when you create zroot/usr/local dataset, then it will automatically get the /usr/local for the mountpoint parameter by inheritance. At the first sight it may be misleading (I also got caught) but it makes sense when you think about it.

The only filesystems that are NOT included for the Boot Environment protection are these:

  • /usr/home
  • /usr/ports
  • /usr/src
  • /var/audit
  • /var/crash
  • /var/log
  • /var/mail
  • /var/tmp

While in most cases it is not needed to protect these in the Boot Environment protection if you want to also protect these type these two comments to move all the /usr/* and /var/* datasets/filesystems into the Boot Environment pool/ROOT/dataset. It will work on a running system without need for reboot, just make sure you use -u flag.

# zfs rename -u zroot/usr zroot/ROOT/default/usr
# zfs rename -u zroot/var zroot/ROOT/default/var

Now grab that FreeBSD ISO and install it the best possible way up to date πŸ™‚

You will probably want to get amd64 version which is suitable for both 64-bit AMD and Intel systems.

EOF

Β 

Advertisements

Valuable News – 2018/08/25

UNIX

OpenBSD adds kcov(4) kernel code coverage tracing driver.
So far 8 distinct panics have been found and fixed.
https://marc.info/?l=openbsd-cvs&m=153467896308034&w=2

GCC 8.2 now packaged and available in Illumos/OpenIndiana.
https://bsd.network/@sehnsucht/100581557620270760
https://pkg.openindiana.org/hipster/info/0/developer%2Fgcc-8%408.2.0%2C5.11-2018.0.0.0%3A20180815T204704Z

FreeBSD arc4random is now based on ChaCha20 implementation from OpenBSD.
https://twitter.com/lattera/status/1031280553301925888
https://svnweb.freebsd.org/base?view=revision&revision=338059

Valve forked WINE into Proton as compatibility tool for Steam Play.
https://github.com/ValveSoftware/Proton/
https://steamcommunity.com/games/221410/announcements/detail/1696055855739350561

AMD Threadripper 2990WX 32-core/64-thread on DragonFly BSD.
http://apollo.backplane.com/DFlyMisc/threadripper.txt
http://lists.dragonflybsd.org/pipermail/users/2018-August/357858.html

Using 10GE Adapters with PowerVM SEA – Virtual Ethernet Considerations.
http://ibmsystemsmag.com/aix/administrator/virtualization/using-10gbit-ethernet-adapters/

Native ZFS Encryption on FreeBSD CFT on the road to 12.0-RELEASE.
https://lists.freebsd.org/pipermail/freebsd-current/2018-August/070832.html

Backup FreeNAS and TrueNAS to Backblaze B2 Cloud.
https://www.backblaze.com/blog/how-to-setup-freenas-cloud-storage/

Colin Percival heroic (I am not joking here) fight for removing unneeded sleeps during boot on FreeBSD.
https://twitter.com/cperciva/status/1031928231635677184
https://reviews.freebsd.org/D16723

Writing SYSTEMD service files.
https://twitter.com/mulander/status/1031908074733428736
https://obsd.pl/mfm/iptables/

Illumos/Tribblix packages of openjdk9 and openjdk10 available.
https://twitter.com/ptribble/status/1031650238266789893
https://twitter.com/ptribble/status/1031900360271491074
http://pkgs.tribblix.org/openjdk/

Difference between OpenBSD xenodm and regular xdm.
https://undeadly.org/cgi?action=article&sid=20160911231712

X.Org Security Advisory – 2018/08/21.
http://seclists.org/oss-sec/2018/q3/146

FreeBSD removes legacy DRM and DRM2 from its tree.
https://twitter.com/f0andrey/status/1032234624544583680
https://svnweb.freebsd.org/base?view=revision&revision=338172

OmniOS CE (Community Edition) r151026p/r151024ap/r151022bn with CVE-2018-15473 addressed.
https://omniosce.org/article/releases-026p-024ap-022bn.html

Running Mastodon on FreeBSD.
https://ftfl.ca/blog/2017-05-23-mastodon-freebsd.html

Upgrading Mastodon on FreeBSD.
https://ftfl.ca/blog/2017-05-27-mastodon-freebsd-upgrade.html

KDE Plasma 5.x on Pinebook Laptop.
https://twitter.com/SoftpediaLinux/status/1032262240437723137

FreeBSD – Raspberry Pi 3B+ – UART.
https://blackdot.be/2018/08/freebsd-uart-and-raspberry-pi-3-b/

FreeBSD – Raspberry Pi 3B+ – Remote Access Console.
https://blackdot.be/2018/08/remote-access-console-using-raspberry-pi-3b-and-freebsd/

FreeBSD 12.x has LUA loader enabled by default.
https://twitter.com/bsdimp/status/1031638933690441728

In Other BSDs for 2018/08/18.
https://www.dragonflydigest.com/2018/08/18/21609.html

Shared library load order randomization in HardenedBSD for use with Firefox/Chromium/Iridium.
https://twitter.com/lattera/status/1030823681843507202

Researchers Blame ‘Monolithic’ Linux Code Base for Critical Vulnerabilities.
https://threatpost.com/researchers-blame-monolithic-linux-code-base-for-critical-vulnerabilities/136785/

2018/08/23 is the End of Life for NetBSD 6.x tree.
https://www.netbsd.org/changes/#netbsd6eol

Carlos Neira ZCAGE is now able to create BHYVE Branded Zones on Illumos.
https://bsd.network/@sehnsucht/100599247272911030
https://www.npmjs.com/package/zcage
https://asciinema.org/a/QLnjO8J2NVVPQrs3jh0EKEGta

FreeNAS 11.1-U6 Available.
https://twitter.com/FreeBSD_News/status/1032666675194167297
https://www.ixsystems.com/blog/library/freenas-11-1-u6/

FreeBSD vs. DragonFly BSD vs. Linux on AMD Threadripper 2990WX.
https://www.phoronix.com/scan.php?page=article&item=bsd-threadripper-2990wx

Disable SMT/Hyperthreading in all Intel BIOSes – Theo de Raadt.
https://marc.info/?l=openbsd-tech&m=153504937925732&w=2

OpenSSH 7.8 Released.
https://www.openssh.com/releasenotes.html#7.8

TRIM Consolidation on UFS/FFS Filesystems on FreeBSD.
https://lists.freebsd.org/pipermail/freebsd-current/2018-August/070797.html

FreeBSD vt(4) will now cache most recently drawn text to not redraw it.
https://reviews.freebsd.org/D16723

What is New in Solaris 11.4?
https://www.oracle.com/a/ocom/docs/dc/sev100738019-ww-us-on-ce1-ie1a-ev.html

OpenBSD Foundation gets first 2018 Iridium ($100K+) donation.
https://undeadly.org/cgi?action=article;sid=20180824145543

How to Run a More Secure Browser.
https://www.dragonflybsd.org/docs/docs/handbook/RunSecureBrowser/

Hardware

IBM POWER9 E950 and E980 Servers Launched.
https://www.servethehome.com/ibm-power9-e950-and-e980-servers-launched/

Intel Microcode EULA Prohibits Benchmarking!
https://twitter.com/RaptorEng/status/1031919319909892096
https://pastebin.com/raw/J8MXpPdh

GIGABYTE Cavium ThunderX2 1U and 2U Systems.
https://www.anandtech.com/show/13234/gigabyte-starts-sales-of-cavium-thunderx2-to-general-customers

Fujitsu Presents Post-K arm64 A64FXβ„’ CPU CPU Specifications with 48 Computing Cores and 4 Assistant Cores.
http://www.fujitsu.com/global/about/resources/news/press-releases/2018/0822-02.html

A4000TX ATX Motherboard.
http://www.amibay.com/showthread.php?101477-A4000TX-ATX-Amiga-motherboard

IBM POWER9 Scale Up CPUs with Huge IO and Effective 32 Channel DDR4.
https://www.servethehome.com/ibm-power9-hc30/

Life

Why We Sleep by Matthew Walker review – how more sleep can save your life.
https://www.theguardian.com/books/2017/sep/21/why-we-sleep-by-matthew-walker-review
https://youtube.be/pwaWilO_Pig

Bullshit jobs and the yoke of managerial feudalism.
https://www.economist.com/open-future/2018/06/29/bullshit-jobs-and-the-yoke-of-managerial-feudalism

Why Garbagemen Should Earn More Than Bankers.
https://evonomics.com/why-garbage-men-should-earn-more-than-bankers/

Solitude.
https://www.pa-mar.net/Lifestyle/Solitude.html

Akrasia Effect – Why We Dont Follow Through on What We Set Out to Do and What to Do About It.
https://jamesclear.com/akrasia

Other

Move/migrate Oracle and MySQL databases to PostgreSQL.
http://www.ora2pg.com/start.html
https://github.com/darold/ora2pg/releases

LIDL Killed SAP Migration After Spending 500 Million Dollars.
https://it.toolbox.com/blogs/clintonjones/lidl-cans-sap-project-after-spending-half-a-billion-073118

All BlackHat 2018 Attendee Registration Data Hacked and Available via Unauthenticated API.
https://ninja.style/post/bcard/
https://twitter.com/binitamshah/status/1032084847345459204

GOG Launches FCKDRM to Promote DRM-Free Art and Media.
https://torrentfreak.com/gog-launches-fckdrm-to-promote-drm-free-art-and-media-180822/

EOF