Tag Archives: laptop

FreeBSD Desktop – Part 26 – Configuration – Conferencing and Meetings

For years I thought that online video conferencing and/or meetings would not be possible on FreeBSD. One of the first things I done on each of my laptops was to disable Camera and Microphone (along with Bluetooth) to save some battery time. While the Microphone would probably work I did not even tried to use it – did not had such needs to record anything with my laptop.

As time passed by I thought that maybe I will try what is the state of using Camera on FreeBSD and also how it is doing in the video conferencing/meetings space.


I was really astonished by the results … at least on my ThinkPad W520.

The Table of Contents for the article:

  • Camera Setup
  • Microphone Setup
    • ThinkPad Microphone Easter Egg
  • Meetings
  • Closing Thoughts

You may want to check other articles in the FreeBSD Desktop series on the FreeBSD Desktop โ€“ Global Page where you will find links to all episodes of the series along with table of contents for each episodeโ€™s contents.

Camera Setup

I enabled Camera and Microphone in the BIOS (leaving Bluetooth disabled) and booted up my FreeBSD 13.0 as usual.

I then installed needed packages which are:

  • multimedia/v4l-utils – Video4Linux utilities
  • multimedia/v4l_compat – Video4Linux IOCTL header files
  • multimedia/pwcview – Video4Linux PWC webcam viewer
  • multimedia/webcamd – port of Linux USB webcam and DVB drivers

We will also need to load cuse.ko kernel module at each boot. We will use /etc/rc.conf for that.

# pkg install v4l-utils v4l_compat webcamd pwcview

# vi /etc/rc.conf

  kld_list="${kld_list} cuse"


My Camera is listed at the end of the usbconfig(8) command.

% usbconfig 
ugen1.1: <0x1912 XHCI root HUB> at usbus1, cfg=0 md=HOST spd=SUPER (5.0Gbps) pwr=SAVE (0mA)
ugen2.1: <0x1033 XHCI root HUB> at usbus2, cfg=0 md=HOST spd=SUPER (5.0Gbps) pwr=SAVE (0mA)
ugen3.1: <intel ehci="" root="" hub=""> at usbus3, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
ugen0.1: <intel ehci="" root="" hub=""> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
ugen3.2: <vendor 0x8087="" product="" 0x0024=""> at usbus3, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
ugen0.2: <vendor 0x8087="" product="" 0x0024=""> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=SAVE (0mA)
ugen0.3: <vendor 0x0765="" product="" 0x5001=""> at usbus0, cfg=0 md=HOST spd=LOW (1.5Mbps) pwr=ON (100mA)
ugen0.4: <logitech usb="" receiver=""> at usbus0, cfg=0 md=HOST spd=FULL (12Mbps) pwr=ON (98mA)
ugen0.5: <chicony electronics="" co.,="" ltd.="" integrated="" camera=""> at usbus0, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (200mA)

We can also use webcamd(8) to list available cameras in the system.

% webcamd -l
Available device(s):
webcamd [-d ugen1.1] -N 0x1912-XHCI-root-HUB -S unknown -M 0
webcamd [-d ugen2.1] -N 0x1033-XHCI-root-HUB -S unknown -M 0
webcamd [-d ugen3.1] -N Intel-EHCI-root-HUB -S unknown -M 0
webcamd [-d ugen0.1] -N Intel-EHCI-root-HUB -S unknown -M 1
webcamd [-d ugen3.2] -N vendor-0x8087-product-0x0024 -S unknown -M 0
webcamd [-d ugen0.2] -N vendor-0x8087-product-0x0024 -S unknown -M 1
webcamd [-d ugen0.3] -N vendor-0x0765-product-0x5001 -S unknown -M 0
webcamd [-d ugen0.4] -N Logitech-USB-Receiver -S unknown -M 0
webcamd [-d ugen0.5] -N Chicony-Electronics-Co---Ltd--Integrated-Camera -S unknown -M 0
Show webcamd usage:
webcamd -h

We will use above webcamd(8) output to add needed webcamd_0_flags in the /etc/rc.conf file.

# vi /etc/rc.conf

  webcamd_0_flags="-d ugen0.5"


We also need to add ourselves to the webcamd group.

# pw groupmod webcamd -m vermaden

# grep webcamd /etc/group 

We can now start the webcamd(8) daemon.

# service webcamd start
Starting webcamd.
webcamd 99884 - - Attached to ugen0.5[0]

# ls -l /dev/video*
crw-rw---- 1 webcamd operator 2, 5 2021-05-09 11:36 /dev/video0
crw-rw---- 1 webcamd operator 2, 6 2021-05-09 11:36 /dev/video1

We will now use pwcview(1) to check how the Camera works.

% pwcview
Webcam set to: 320x240 (sif) at 5 fps

Here is how it looks.


Works! I pixelised the output as I do not have an instagrammer soul …

You can start pwcview(1) with larger resolution when needed.

Camera at mine ThinkPad W520 tops at 1280×720 resolution (HD) and 30 fps for refresh rate.

% pwcview -d /dev/video0 -f 30 -s uxga
Webcam set to: 1280x720 (uxga) at 30 fps

Here is the list of most popular resolutions.

========= ========== ===============
CGA        320x200
SIF        352x240
CIF        352x288
EGA        640x350
VGA        640x480
4SIF/QSIF  704x480   (Quad SIC)
4CIF/QCIF  704x576   (Quad CIF)
SVGA       800x600
XGA       1024x768
720p      1280x720   (HD)
SXGA      1280x1024  (1.3 Megapixel)
WXGA      1366x768   (HD+)
SXGA+     1400x1050
16CIF 	  1408x1152 
WSXGA     1600x1024
UXGA      1600x1200  (2.0 Megapixel)
WSXGA+    1680x1050
1080p     1920x1080  (FullHD)
WUXGA     1920x1200
QXGA      2048x1536  (3.0 Megapixel)
QSXGA     2560x2048  (5.0 Megapixel)
WQSXGA    3200x2048
QUXGA     3200x2400
2160p     3840x2160  (4K)
WQUXGA	  3840x2400

You may also try multimedia/cheese which has more ‘desktop’ interface when plain and simple pwcview(1) tool.

# pkg install multimedia/cheese
% cheese


You may also test your camera online – https://www.onlinemictest.com/webcam-test/ – for example here.


Microphone Setup

You may test your microphone with audio/audacity or multimedia/ffmpeg for example.

You as well use the – https://www.onlinemictest.com/ – online test for your mic.


You can also use audio/sox to record your sound in the terminal.

# pkg install sox celluloid

% pkg which -o $( which rec )
/usr/local/bin/rec was installed by package audio/sox

% rec test.wav

Input File     : 'default' (ossdsp)
Channels       : 2
Sample Rate    : 48000
Precision      : 16-bit
Sample Encoding: 16-bit Signed Integer PCM

In:0.00% 00:00:06.66 [00:00:00.00] Out:315k  [ =====|===== ] Hd:1.9 Clip:0    ^C

% celluloid test.wav

You hear your recording for example in the celluloid(1) player.


ThinkPad Microphone Easter Egg

After I successfully tested the Camera on my ThinkPad W520 I then moved to Microphone testing … to just find out that my microphone is totally deaf. I could not record any sound with audacity(1) or ffmpeg(1).

At the beginning I first suspected it was a FreeBSD problem … unjustifiably fortunately.

Switching Microphone to [Enabled] in the ThinkPad W520 BIOS requires special procedure as shown on the BIOS screenshot below ๐Ÿ™‚


1. Set the Microphone to [Enabled].
2. Select Save and Exit option in BIOS.
3. Power off laptop.
4. Disconnect AC power for at least 10 seconds (battery can be attached).
5. Power on laptop.
6. Boot FreeBSD as usual and now recording on Microphone works like a charm ๐Ÿ™‚

Why so strange enabling procedure? Some people suggested that it needs to be that complicated to make sure that any third party will not enable your Microphone without your knowledge. Security concerns. Makes sense.


I was able to successfully start/join Google Meet and Zoom and also Teams meetings with this setup. I have also tested and added Jitsi Meet.

Sometimes it just required to use www/chromium instead of my default www/firefox browser.

Here is the detailed list of what works where.

Closing Thoughts

Hope that will helps some of you to use join your meetings on FreeBSD system.


FreeBSD Desktop – Part 24 – Configuration – Universal File Opener

More then a decade ago when I started to use X11 as a desktop – on Linux then with KDE3 and later with Fluxbox. At first I thought that files are opened by appropriate applications not by their extension as in Windows systems but according to their Magic Numbers. I do not have to tell you how much disappointed I was when I learned the truth ๐Ÿ™‚

You may want to check other articles in the FreeBSD Desktop series on the FreeBSD Desktop – Global Page where you will find links to all episodes of the series along with table of contents for each episodeโ€™s contents.


Its a short story about cleaning the mess that XDG does and also using custom *.desktop handlers to open the files in the way you want. It know its in the FreeBSD Desktop series but actually it will work on any X11 desktop like Linux or Illumos.

The Table of Contents for the article is right below here.

  • XDG Utils
  • Now You See Me
  • Mime Apps Handlers
  • Generation of Handlers
  • Alternatives

Lets start then.

XDG Utils

After years of using X11 on FreeBSD now with Openbox as my daily driver I used so called xdg-utils package with its *.desktop files. That sometimes driven me nuts. Mess everywhere with doubled ‘the same’ applications listed as possible choices to open a file … almost randomly generated new *.desktop handlers with ‘new’ applications specified to open some files … another dozen of generated *.desktop files from WINE installations … it can only challenge the bullshit and mess of Windows Registry … not sure which one is more messed up (of course its Windows Registry but still).

The xdg-mime(1) is often not useful at all then determining the file type.

$ xdg-mime query filetype FILE.pdf

$ xdg-mime query default application/pdf

If minimalistic mupdf approach is not for you then you can select Atril for example … but you first need to know that is the handler name for the Atril application. You can find that out fast like that.

% find ~/.local/share/applications /usr/local/share/applications | grep atril

We now have the Atril handler name. To set it as new default application for PDF files type the following.

$ xdg-mime default atril.desktop application/pdf

$ xdg-mime query default application/pdf

But this is rather unique moment when XDG works as designed. More often it looks like that.

$ xdg-mime query filetype FILE.doc

$ xdg-mime query filetype FILE.docx

$ xdg-mime query filetype FILE.xls

$ xdg-mime query filetype FILE.xlsx

So when you now ask for application/zip type then what should pop up? LibreOffice for Word/Excel documents or Engrampa for ZIP files?

% xdg-mime query default application/zip                                     

Not very helpful …

Now You See Me

After almost accepting the current ‘tragic’ state of it I came with other idea – to create mine simplified launcher for many of these file types. It started small and is still quite small. The only thing I do now is that I only add new apps for file extensions that are not yet defined.

Its called see.sh and its function is dual:
– to easily replace XDG settings in one place as file opener
– as command line opener for single or multiple files

The construction of see.sh is really simple. It utilizes the idea behind the quote of Antoine de Saint-Exupery which goes like that – “Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away.โ€ – its really simple and has nothing to remove from it.

I really appreciate that idea that I now do not have to remember which application is needed (and how its spelled besides the zsh(1) TAB completion) to open any file in command line. Its also faster to type then xdg-open(1) and I am sure that its settings were not modified by some third party app that I just installed because its hardcoded in it.

I also really like see.sh for being very elastic for the environment variables with which the needed application can be started. For example my default DPI for X11 session since more then a decade is 75. That makes fonts little smaller – more information fits on the available screen space. The GTK2/GTK3 applications do not need any tweaks and always look decent or even great but QT5 (and QT4 not so long ago) apps are real bitches when you want to force them to look the way you want (look nice) – especially when run without fully fledged KDE or PLASMA environment. One of such applications is LibreOffice. It looked great when it used GTK framework but after they moved to QT it started to look very ugly with my 75 DPI setting. This is how it looks with its environment unmodified.

Thanks to see.sh I can start LibreOffice with different DPI environment setting then 75 and it looks little better with DPI set to 80. LibreOffice started with QT_FONT_DPI=80 option does not look that bad now – its fonts are not that small and ugly anymore.

Now the text labels on LibreOffice menus are more readable but also not too large.

You may also customize see.sh to first create a backup copy before editing certain files or email them – only your imagination limits you here.

I also wanted its see.sh name to be short and fast to type so with completions its just see[TAB] and then a filename. Of course you may want to rename it to shorter version (or create alias) as see without extension but i like to keep my scripts with extension to distinguish them from native commands – but that is me.

First see.sh detects if one or multiple arguments (files) have been passed to it. If its just a single file then see.sh detects its extension and launches the configured application for it.

If file does not have extension then it checks file’s Magic Number. Currently only detection for plain text files is implemented with file(1) command.

If you pass multiple arguments (files) to see.sh then separate see.sh processes will be launched against each given file in parallel. Recursion generally.

Every time you select new application in graphical mode the new *.desktop file is created as a result with userapp-${APPNAME}-${RANDOM_STRING}.desktop name under ~/.local/share/applications directory. I am not sure that its the tidiest way possible. Often very ugly and strange handler filenames are generated – with spaces or quotation marks. Its really far from UNIX way of doing things and its philosophy.

This is how ~/.local/share/applications directory looked on my machine after some time. Notice the selected file.

After some cleanup and modifications it looks little better.

The XDG keeps its associations in the ~/.config/mimeapps.list file. Have a look how messed it gets after some usage.

After some more cleanup and removal of all unneeded userapp-${APPNAME}-${RANDOM_STRING}.desktop entries it starts to look more organized.

Every time see.sh will find out that it does not have handler for a file it will gracefully remind one to configure it.

Mime Apps Handlers

Many of these *.desktop handlers are not present anymore … but which one? Here is a handy one liner that will either show you the full path of the handler or ‘NOPE’ when one does not exists. This will also tell you if its your ‘custom’ handlers at ~/.local/share/applications or the ‘default’ ones that come with packages and installed software located at /usr/local/share/applications location.

% awk -F'=' '{print $2}' ~/.config/mimeapps.list \
    | tr ';' '\n' \
    | sort -u \
    | sed 1d \
    | while read I
        echo ${I}
        find \
          ~/.local/share/applications \
          /usr/local/share/applications \
            | grep "/${I}" || echo NOPE

Well … maybe not exactly ONE liner but a useful command that will do it ๐Ÿ™‚

Here is its output.









If you just want to check which ones are missed then add grep -B 1 NOPE at the end.

% awk -F'=' '{print $2}' ~/.config/mimeapps.list \
    | tr ';' '\n' \
    | sort -u \
    | sed 1d \
    | while read I
        echo ${I}
        find \
          ~/.local/share/applications \
          /usr/local/share/applications \
            | grep "/${I}" || echo NOPE
      done | grep -B 1 NOPE

Here is the (un)expected output.

You can safely remove all missing *.desktop handlers from the ~/.config/mimeapps.list file. You may use sed(1) or graphical editor if that suits you better. The logic behind it is to remove all instances of for example presentations-free18.desktop and then find and replace all instances of doubled semicolons ‘;;‘ into single one ‘;‘.

Generation of Handlers

To generate new *.desktop handlers in orderly fashion you can use mine generate-desktop-handler.sh script. It will create new handler in the ~/.local/share/applications directory and it will make sure you are creating one with an application that actually exists. Here is how it works. I have created new handler for my random-wallpaper-always.sh for setting up random wallpaper from specified directory or to set wallpaper from exact specified file as argument.

% generate-desktop-handler.sh                                       
usage: generate-desktop-handler.sh FILE

% generate-desktop-handler.sh non-existing-executable
NOPE: executable 'non-existing-executable' not found in ${PATH}

% generate-desktop-handler.sh random-wallpaper-always.sh 
INFO: handler '~/.local/share/applications/random-wallpaper-always.sh.desktop' was successfully generated

% cat ~/.local/share/applications/random-wallpaper-always.sh.desktop
[Desktop Entry]
Exec=random-wallpaper-always.sh %f

After you have created new random-wallpaper-always.sh.desktop handler you may want to add it to some image file type like JPG or PNG. In the example below I will add it to JPG file.

First right click on a JPG file with mouse and select Open With and then Other Application….

The select random-wallpaper-always.sh.desktop handler on the list. Make sure to UNCHECK the Remember this application for … files option. If you do not do that it will be the DEFAULT application from now and everytime you would want to open JPG file you will set it as wallpaper ๐Ÿ™‚

You may verify that new option is added by right clicking the JPG file and selecting Properties and then go to Open With tab. The random-wallpaper-always.sh.desktop handler will be one of the configured handlers for JPG files – but not the default one.

Now you can see that random-wallpaper-always.sh.desktop handler is available to use when selecting the Open With submenu.

As simple as that – and with tidiness as well.


There are some other alternatives to XDG but I am more then sure that most or all X11 applications support XDG way of doing things while not support the other alternative ones. Thus its far less hustle with just making XDG work as desired by generating needed handlers and using see.sh instead of using them and wasting even more time on the topic – at least that is my current experience.

Feel free to share your thoughts on the topic – maybe you will show me even better approach to this.


FreeBSD Desktop – Part 23 – Configuration – Herbe Notifications

I do not use notifications. Dunno really why – seems I just did not needed them. The idea of Do Not Disturb Mode on the desktop/laptop is very strange to me as I ALWAYS work in the Do Not Disturb Mode since I do not use any notifications. Today I came across very small and compact solution for notifications on X11 desktop – herbe – as its author describes it – its daemon-less notifications without D-Bus. Minimal and lightweight.

I was curious if it works on FreeBSD and apparently it is ๐Ÿ™‚

Today I will show you how to build, configure and use herbe as part of FreeBSD Desktop series.

You may want to check other articles in the FreeBSD Desktop series on the FreeBSD Desktop โ€“ Global Page where you will find links to all episodes of the series along with table of contents for each episodeโ€™s contents.


We will use the compact git-lite package from FreeBSD which has less dependencies then the default git package. Then we will clone the herbe repository.

# pkg install git-lite
% git clone https://github.com/dudik/herbe
Cloning into 'herbe'...
remote: Enumerating objects: 228, done.
remote: Counting objects: 100% (42/42), done.
remote: Compressing objects: 100% (38/38), done.
remote: Total 228 (delta 21), reused 11 (delta 4), pack-reused 186
Receiving objects: 100% (228/228), 152.95 KiB | 272.00 KiB/s, done.
Resolving deltas: 100% (118/118), done.
$ cd herbe
% ls -l
total 23K
-rw-r--r-- 1 vermaden vermaden  650 2021-04-18 19:18 config.def.h
-rw-r--r-- 1 vermaden vermaden 5268 2021-04-18 19:18 herbe.c
-rw-r--r-- 1 vermaden vermaden 1070 2021-04-18 19:18 LICENSE
-rw-r--r-- 1 vermaden vermaden  425 2021-04-18 19:18 Makefile
-rw-r--r-- 1 vermaden vermaden 5578 2021-04-18 19:18 README.md


We will need a tiny one line patch to make it build on FreeBSD.

This FreeBSD patch for Makefile file is available here:

… or diff(1) directly here:

We will now apply that patch.

% fetch https://patch-diff.githubusercontent.com/raw/dudik/herbe/pull/16.diff
% patch < 16.diff 
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
|diff --git a/Makefile b/Makefile
|index 3225e36..69c8efc 100644
|--- a/Makefile
|+++ b/Makefile
Patching file Makefile using Plan A...
Hunk #1 succeeded at 1.

The herbe is now buildable on FreeBSD.

There are also other available patches – herbe patches – available here.

From all of them I find Vertical Stacking patch the most interesting. We will also apply it.

% fetch https://patch-diff.githubusercontent.com/raw/dudik/herbe/pull/19.diff
% patch < 19.diff 
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
|diff --git a/herbe.c b/herbe.c
|index 51d3990..8bfdbc1 100644
|--- a/herbe.c
|+++ b/herbe.c
Patching file herbe.c using Plan A...
Hunk #1 succeeded at 7.
Hunk #2 succeeded at 80.
Hunk #3 succeeded at 162.
Hunk #4 succeeded at 188.
Hunk #5 succeeded at 218.
Hunk #6 succeeded at 230.


You can additionally patch herbe so it will be configurable by using ~/.Xresources or ~/.Xdefaults files. IMHO its so small and compiles in second that its not needed but if you would like to also apply it then its available here – Xresources – in the patches section.

I have chosen to configure it using the config.def.h file. Here are my values.

% cat config.def.h
static const char *background_color    = "#222222";
static const char *border_color        = "#666666";
static const char *font_color          = "#eeeeee";
static const char *font_pattern        = "Ubuntu Mono:size=10";
static const unsigned line_spacing     = 5;
static const unsigned int padding      = 15;

static const unsigned int width       = 550;
static const unsigned int border_size = 4;
static const unsigned int pos_x       = 15;
static const unsigned int pos_y       = 45;

enum corners corner = TOP_RIGHT;

static const unsigned int duration = 5; /* in seconds */

#define DISMISS_BUTTON Button1
#define ACTION_BUTTON Button3


The build process could not be simpler. Just type make and you are done.

% make 
cp config.def.h config.h
cc herbe.c -Wall -Wextra -pedantic -I/usr/local/include -L/usr/local/lib -lX11 -lXft -I/usr/local/include/freetype2 -pthread -o herbe

% file -s herbe | tr ',' '\n'
herbe: ELF 64-bit LSB executable
 version 1 (FreeBSD)
 dynamically linked
 interpreter /libexec/ld-elf.so.1
 for FreeBSD 13.0 (1300139)
 with debug_info
 not stripped

% ./herbe 
Usage: ./herbe body


I did not yet implemented herbe anywhere on my scripts so I will use this simple ‘mockup’ to show you what to expect.

% \
  herbe "Wifi connection 'wireless' is not connected." \
& herbe "Removable storage /dev/da0 automounted at /media/da0 with exFAT filesystem." \

Here is how it looks in real life X11 session.

As you can see it works very well and its ultra fast. Its also very light on system resources.

% ps aux | grep -e RSS -e herbe -e sshd
vermaden 41909   0.0  0.1    19568    9128  3  S+   20:22       0:00.02 herbe Message.
root        38   0.0  0.1    20948    8340  -  Is   Thu23       0:00.00 /usr/sbin/sshd

As you can see its RAM usage is very little – as little as sshd daemon.


FreeBSD Desktop โ€“ Part 22 โ€“ Configuration โ€“ Aero Snap Extended

I like to post new articles and solutions when I think they are ready. Production tested and stable. Well thought and tested … or at least trying to make things as good as possible in the available time window. Perfectionism definitely does not help making often articles on the blog.

Today’s solution is not perfect but I will ‘ship it’ anyway because good and done is better then perfect. I wanted to rework it so many times that I stopped counting … and I really would like to continue the series – thus I have made a conscious decision to finally release it and hope that maybe someone else will have better ideas to make it better. I really wanted to provide pixel perfect solution with as much screen space used as possible but to deliver it as it is I tested it only on the resolution I use the most – the FullHD one with 1920×1080 pixels.

You may want to check other articles in the FreeBSD Desktop series on the FreeBSD Desktop โ€“ Global Page where you will find links to all episodes of the series along with table of contents for each episodeโ€™s contents.

Aero Snap

Today I would like to share with You what I call Aero Snap Extended. The original Aero Snap was introduced in Windows 7 and this is how it is described in the Wikipedia page – “Dragging a window to the right or left side of the desktop causes the window to fill the respective half of the screen. Snapping a window to the top of the screen maximizes it. Windows can be resized by stretching them to touch the top or bottom of the screen, which fully increases their vertical screen estate, while retaining their width, these windows can then slide horizontally if moved by the title bar, or pulled off, which returns the window to its original height. In spite of the “Aero” moniker, this feature is available if one uses the Classic theme. This feature is also available on Windows 10.”

This is like the original Aero Snap looks like.


The idea behind original Aero Snap was pretty simple. Its basically these four shortcuts.

[WIN] + [LEFT] – will place window on the left half of the screen.
[WIN] + [RIGHT] – will place window on the right half of the screen.
[WIN] + [UP] – will maximize the window.
[WIN] + [DOWN] – will minimize the window.

Aero Snap Extended

Mine Aero Snap Extended is … well more extended ๐Ÿ™‚

As usual its just a small POSIX /bin/sh compatible shell script. There are only two dependencies for it – the /usr/local/bin/xdpyinfo from xdpyinfo package and /usr/local/bin/wmctrl from wmctrl package. At the beginning of the script you will find several ‘settings’ that you may find needed to be tuned to your needs. Most important ones are MARGIN_TOP/MARGIN_LEFT/MARGIN_RIGHT options. Unfortunately MARGIN_BOTTOM is not implemented. Sorry.


Here are the shortcuts that I use for mine version but You may of course use other key then [WIN] for it.

(L) [WIN] + [LEFT] – will place window on the left half of the screen.
(R) [WIN] + [RIGHT] – will place window on the right half of the screen.
(U) [WIN] + [UP] – will place window on the upper half of the screen.
(D) [WIN] + [DOWN] – will place window on the lower half of the screen.

Here is ASCII diagram for its graphical visualization.

+------+------+  +-------------+
|      |      |  |     (U)     |
|      |      |  |             |
| (L)  |  (R) |  +-------------+
|      |      |  |             |
|      |      |  |     (D)     |
+------+------+  +-------------+

… and also a live screenshots.



(SL) [WIN] + [SHIFT] + [LEFT] – will place window on the left half of the screen taking 2/3 space of the screen.
(SR) [WIN] + [SHIFT] + [RIGHT] – will place window on the right half of the screen taking 1/3 space of the screen.
(SU) [WIN] + [SHIFT] + [UP] – will place window on the upper half of the screen taking 2/3 space of the screen.
(SD) [WIN] + [SHIFT] + [DOWN] – will place window on the lower half of the screen taking 1/3 space of the screen.

Here is ASCII diagram for its graphical visualization.

+--------+----+  +-------------+
|        |    |  |    (SU)     |
|        |    |  |             |
|  (SL)  |(SR)|  |             |
|        |    |  +-------------+
|        |    |  |    (SD)     |
+--------+----+  +-------------+

… and also a live screenshots.



The above shortcuts are quite simple and easy to remember.

Now here comes when this is more interesting.

Most keyboards – at least those with the best possible keyboard layout in the world – the ANSI standard keyboard (includes 7-row ThinkPad keyboards – have these three keys one next to another – [CTRL] [WIN] [ALT] – some call the [WIN] key as [SUPER] instead. I use [WIN] as it takes shorter to write and it shows where this key came from.

The 87 keys ANSI stand alone keyboard.


The ThinkPad T420s keyboard.


Now back to topic.

How to use these three keys to send windows to various places of the screen to make it easy to memorize and also not to break existing shortcuts … I think I found a way.

{ [CTRL] [WIN] } [ALT] – these two will send windows to the left side of the screen.

[CTRL] { [WIN] [ALT] } – these two will send windows to the right side of the screen.

Now to the point …

(Q1) [CTRL] + [WIN] + [UP] – will take window to the left and upper part of the screen – taking 1/4 of its space.
(Q2) [CTRL] + [WIN] + [DOWN] – will take window to the left and lower part of the screen – taking 1/4 of its space.
(Q3) [WIN] + [ALT] + [UP] – will take window to the right and upper part of the screen – taking 1/4 of its space.
(Q4) [WIN] + [ALT] + [DOWN] – will take window to the right and lower part of the screen – taking 1/4 of its space.

Now for some the exact 1/4 screen for each of these windows may be not suitable.

Thus I also added a modified versions with [SHIFT] key.

(S1) [SHIFT] + [CTRL] + [WIN] + [UP] – will take window to the left and upper part of the screen – taking 2/3 of horizontal and 2/3 vertical space of the screen.
(S2) [SHIFT] + [CTRL] + [WIN] + [DOWN] – will take window to the left and lower part of the screen – taking 2/3 of horizontal and 1/3 vertical space of the screen.
(S3) [SHIFT] + [WIN] + [ALT] + [UP] – will take window to the right and upper part of the screen – taking 1/3 of horizontal and 2/3 vertical space of the screen.
(S4) [SHIFT] + [WIN] + [ALT] + [DOWN] – will take window to the right and lower part of the screen – taking 1/3 of horizontal and 1/3 vertical space of the screen.

Here is ASCII diagram for its graphical visualization.

+------+------+  +--------+----+
| (Q1) | (Q3) |  |  (S1)  |(S3)|
|      |      |  |        |    |
+------+------+  |        |    |
|      |      |  +--------+----+
| (Q2) | (Q4) |  |  (S2)  |(S4)|
+------+------+  +--------+----+

… and also a live screenshots.



Now you have about 95% variations of needed windows places in the keyboard shortcuts.

There are also several complementary addons like making the window centered on the screen but without making it cover the whole screen. As I already use other originated from Windows [ALT] + [ESC] shortcut to send the current windows to the ‘back’ I also added [WIN] + [ESC] for this feature.

(C) [WIN] + [ESC] – place current window centered on screen covering about 2/3 of its space.

As it was relatively easy and fast I also added fullscreen option.

(F) [CTRL] + [ALT] + [F] – make current window go fullscreen

+-------------+  +-------------+
|             |  | +---------+ |
|             |  | |         | |
|     (F)     |  | |   (C)   | |
|             |  | |         | |
|             |  | +---------+ |
+-------------+  +-------------+

… and also a live screenshot.



The Aero Snap Extended has the following options.

% aero-snap.sh

  aero-snap.sh OPTION


  L - place window on left  half of screen
  R - place window on right half of screen
  T - place window on upper half of screen
  B - place window on lower half of screen

  SHIFT-L - place window on left  half of screen taking 2/3 space
  SHIFT-R - place window on right half of screen taking 1/3 space
  SHIFT-T - place window on upper half of screen taking 2/3 space
  SHIFT-B - place window on lower half of screen taking 1/3 space

  TL - place window to left/upper  part of screen
  TR - place window to left/lower  part of screen
  BL - place window to right/upper part of screen
  BR - place window to right/lower part of screen

  SHIFT-TL - use left/upper  part with 2/3 of H. and 2/3 V. space
  SHIFT-TR - use left/lower  part with 2/3 of H. and 1/3 V. space
  SHIFT-BL - use right/upper part with 1/3 of H. and 2/3 V. space
  SHIFT-BR - use right/lower part with 1/3 of H. and 1/3 V. space

  C - center window covering about 2/3 of screen
  F - make current window go fullscreen
  Q - remove fullscreen property from window

The Aero Snap Extended can be downloaded from here – aero-snap.sh – the usual place for my scripts.

Openbox Integration

Because of WordPress limitation I will not post Openbox configuration here but You will also find a link to that content in the text form below.


Here is this configuration in text form – rc.xml.openbox.aero.config – from the same location.

More then a year after I implemented this way of tiling on Openbox I found out that its also possible to use that ‘natively’ on Openbox using ‘direct’ Openbox configuration rules.


It definitely should be faster and easier to implement – not to mention that external dependencies will not be available – but a script allows more tuning and flexibility.

Other Window Managers

If you are not into Openbox then you may create these shortcuts using xbindkeys for example.

Future Work

Mine Aero Snap Extended could use some polish and especially testing in the other resolutions the the well tested 1920×1080.



Realtek RTL8188CUS – USB 802.11n WiFi Review

When using FreeBSD on a new laptop you sometimes find out that the WiFi chip that it came with is not supported … or not yet supported in RELEASE version and support exists in CURRENT development version that you do not want to use.

This is where Realtek RTL8188CUS chip comes hand.


Its used in many appliances and products but we are interested in its small USB WiFi version that is really small.

The Realtek company even got Taiwan Green Classics Award 2011 for their 802.11b/g/n 2.4GHz 1T1R WLAN Single Chip Controller (RTL8188CE/RTL8188CUS) on 2011 year when it was introduced.



Its not very powerful as it comes with 1×1 antennas and 802.11n support – yes only single antenna. 150Mbps at most.

Its also very small and almost does not stick out of the laptop.


When connected it also gives subtle little dim light.



I will now show you how it works on FreeBSD. This is for 12.2-RELEASE version but it worked the same for 11.1-RELEASE 3 years ago.

My ThinkPad W520 laptop already has Intel 6300 with 3×3 antennas and 802.11n standard WiFi card supported by iwn(4) driver.

# sysctl net.wlan.devices
net.wlan.devices: iwn0

We will now attach Realtek RTL8188CUS chip and will check whats coming in dmesg(8) command.

# dmesg
ugen2.3:  at usbus2
rtwn0 on uhub4
rtwn0:  on usbus2
rtwn0: MAC/BB RTL8188CUS, RF 6052 1T1R

… and some more information from usbconfig(8) command.

# usbconfig
ugen2.3:  at usbus2, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (500mA)

# usbconfig -d 2.3 show_ifdrv
ugen2.3:  at usbus2, cfg=0 md=HOST spd=HIGH (480Mbps) pwr=ON (500mA)
ugen2.3.0: rtwn0: 

Its now listed as rtwn0 as its supported by the rtwn(4) driver on FreeBSD.

# sysctl net.wlan.devices
net.wlan.devices: rtwn0 iwn0

Lets connect to some wireless network with this Realtek chip. I will create wlan1 device as wlan0 is already taken by the other Intel 6300 card.

# ifconfig wlan1 create wlandev rtwn0

# ifconfig wlan1
wlan1: flags=8802<broadcast,simplex,multicast> metric 0 mtu 1500
        ether 00:1d:43:21:2d:1c
        groups: wlan
        ssid "" channel 1 (2412 MHz 11b)
        regdomain FCC country US authmode OPEN privacy OFF txpower 30 bmiss 7
        scanvalid 60 wme bintval 0
        parent interface: rtwn0
        media: IEEE 802.11 Wireless Ethernet autoselect (autoselect)
        status: no carrier
        nd6 options=21<performnud,auto_linklocal>

# wpa_supplicant -i wlan1 -c /etc/wpa_supplicant.conf
Successfully initialized wpa_supplicant
wlan1: Trying to associate with d8:07:b8:b8:f4:81 (SSID='wireless' freq=2442 MHz)
wlan1: Associated with d8:07:b6:b8:f4:81
wlan1: WPA: Key negotiation completed with d8:07:b6:b8:f4:81 [PTK=CCMP GTK=CCMP]
wlan1: CTRL-EVENT-CONNECTED - Connection to d8:07:b6:b8:f4:81 completed [id=40 id_str=]
zsh: suspended  wpa_supplicant -i wlan1 -c /etc/wpa_supplicant.conf
# bg
[1]  + continued  wpa_supplicant -i wlan1 -c /etc/wpa_supplicant.conf

We should now have network LAYER 2 connected and wpa_supplicant(8) should be running in a background and wlan1 interface should have associated status.

# ps ax | grep wpa_supplicant
48693  4  S        0:00.43 wpa_supplicant -i wlan1 -c /etc/wpa_supplicant.conf
50687  4  S+       0:00.00 grep --color wpa_supplicant

# ifconfig wlan1
wlan1: flags=8843<up,broadcast,running,simplex,multicast> metric 0 mtu 1500
        ether 00:1d:43:21:2d:1c
        groups: wlan
        ssid wireless channel 7 (2442 MHz 11g ht/20) bssid d8:07:b6:b8:f4:81
        regdomain FCC country US authmode WPA2/802.11i privacy ON
        deftxkey UNDEF AES-CCM 2:128-bit txpower 30 bmiss 7 scanvalid 60
        protmode CTS ht20 ampdulimit 64k ampdudensity 4 shortgi -stbc -ldpc
        -uapsd wme roaming MANUAL
        parent interface: rtwn0
        media: IEEE 802.11 Wireless Ethernet MCS mode 11ng
        status: associated
        nd6 options=29<performnud,ifdisabled,auto_linklocal>


Lets add LAYER 3 with IP address using dhclient(8) command.

# dhclient wlan1
DHCPDISCOVER on wlan1 to port 67 interval 3
DHCPREQUEST on wlan1 to port 67
bound to -- renewal in 3600 seconds.

We just got the IP address.

One last step with DNS and we will test the connection with ping(8) command.

# echo nameserver > /etc/resolv.conf

# ping -c 3 freebsd.org
PING freebsd.org ( 56 data bytes
64 bytes from icmp_seq=0 ttl=50 time=119.870 ms
64 bytes from icmp_seq=1 ttl=50 time=119.371 ms
64 bytes from icmp_seq=2 ttl=50 time=119.128 ms

--- freebsd.org ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 119.128/119.456/119.870/0.309 ms


FreeBSD Benchmark

I next tested the performance of this simple single antenna Realtek chip using NFS large file transfer in thunar(1) file manager.


The results are not that bad but not great either.

The file copy from LAN server attached directly to WiFi router to my laptop was about 2.9 MB/s fast. I was 5 meters away from the router.

server  ==LAN==>  router  ==WiFi==>  laptop  @  2.9 MB/s

The file copy from laptop using WiFi to LAN server attached directly to WiFi router was about 2.6 MB/s fast. Still about 5 meters away from the router.

laptop  ==WiFi==>  router  ==LAN==>  server  @  2.6 MB/s

That is 23.2 Mbps and 20.8 Mbps respectively. Really far from theoretical single antenna 802.11n 150 Mbps transfer … its probably fault of the FreeBSD wireless stack.

I would say that its sufficient for Internet browsing but using local LAN resources over NFS can be painful.

On the contrary my Intel 6300 WiFi card does 5.5 MB/s on the laptop-to-router-to-server copy and 10.5 MB/s on the server-to-router-to-laptop road. That is 44 Mbps and 84 Mbps respectively instead of 450 Mbps theoretical maximum. Both the Intel 6300 and my router have 3×3 antennas.

Would love to see these number closer to 30 MB/s …

Raspberry Pi

One of the other benefit of the Realtek RTL8188CUS chip is that it works very well on small Raspberry Pi boxes. Personally I have tested it on the Raspberry Pi 2B and it worked like a charm.



This chip is also great when it comes to price. Products based on this chip are available everywhere. They are on EBAY. They are on ALIEXPRESS. And it costs as low as $2.50 in many cases.

Sometimes the delivery costs more then the product itself ๐Ÿ™‚


UPDATE 1 – Middle Ages

Reddit user Yaazkal user from Reddit just reminded me thatย  rtwn(4) driver on FreeBSD still does not support 802.11n protocol.

It’s still in the middle ages of 802.11g transfers.

FreeBSD GNOME 3 Fast Track

This article is dedicated to Abraham Joseph who recently asked me if I could make an article on how to configure GNOME 3 on FreeBSD 12.2. At the moment 12.2-RC3 version is available so that is what I used but it will be the same on FreeBSD 12.2-RELEASE (or 12-STABLE). All commands here are executed as root user.

Here is the Table of Contents for this article.

  • Install
  • Connection to Internet
    • LAN with DHCP
    • LAN with Static IP Address
    • WIFI
    • DNS
  • Packages
  • Settings
  • GNOME 3
  • Fix the Icons
  • Rest of the Setup
  • UPDATE 1 – GDM Icons Fixed


First you will have to install FreeBSD. You may use FreeBSD Handbook or one of my guides – Install FreeBSD 12 – available here.

Connection to Internet

Then after booting to new system you need to get connectivity to the Internet. If its LAN connection then its pretty fast. Its for em0 interface.


# ifconfig em0 up
# dhclient em0

… assuming that you are on the LAN network with DHCP enabled.

To make it permanent put below line to the /etc/rc.conf file.


LAN with Static IP Address

If not then execute these for static IPv4 connection on your em0 interface.

First add these two lines to the /etc/rc.conf file.

ifconfig_em0="inet up"

This is how you /etc/rc.conf file should look like now assuming that you want IP address and gateway.

# grep -A 1 ifconfig /etc/rc.conf
ifconfig_em0="inet up"

Then restart the netif and routing services.

# /etc/rc.d/netif restart
# /etc/rc.d/routing restart


If you want to use WiFi to connect to the Internet then its slightly more typing. On my system I have iwn0 wireless card so that is what I will use here. The SSID is the name of your WiFi network and PSK is password for that network.

# sysctl -n net.wlan.devices
# ifconfig wlan0 create wlandev iwn0
# wpa_passphrase SSID PSK >> /etc/wpa_supplicant.conf
# wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf
// wait for CONNECTED state and hit [CTRL]-[Z]
# bg
# dhclient wlan0

To make it permanent across reboots add these to /etc/rc.conf file. I assume that information about your network is already in the /etc/wpa_supplicant.conf file generated by the wpa_passphrase(8) command above.

ifconfig_wlan0="WPA SYNCDHCP"


Last but not least you also need DNS. Put your favorite here or just paste the one below.

# echo nameserver > /etc/resolv.conf


We will now switch to the latest branch or pkg(8) repository and install needed gnome3 and xorg packages.

# sed -i '' s/quarterly/latest/g /etc/pkg/FreeBSD.conf

# grep /latest /etc/pkg/FreeBSD.conf
  url: "pkg+http://pkg.FreeBSD.org/${ABI}/latest",

# pkg install -y gnome3 xorg

# pkg stats | head -3
Local package database:
        Installed packages: 523
        Disk space occupied: 3 GiB


Now you need to add ‘yourself’ to wheel and video groups.

# pw groupmod video -m yourself

# pw groupmod wheel -m yourself

GNOME 3 can not live without the /proc filesystem.

# cat << EOF >> /etc/fstab
proc  /proc  procfs  rw  0  0

Enable needed services.

# sysrc dbus_enable=YES

# sysrc hald_enable=YES

# sysrc gdm_enable=YES

# sysrc gnome_enable=YES

Enable EVDEV support.

# cat << EOF >> /etc/sysctl.conf

Make the boot process faster and more clean.

# cat << EOF >> /boot/loader.conf

Done. Now you can reboot into your new GNOME 3 system on FreeBSD.

# reboot


Your GNOME 3 desktop is now ready and you can login. For the purpose of this article I used asd user.






The default font sizes on GNOME 3 are way too big for me so I tweaked them to 0.8 scale as shown on last screenshot. I also set the font in Terminal app to Monospaced.

Fix the Icons

As you probably saw on the screenshots above the buttons on the windows are broken. There is very simple fix for that. Like shown below on the screenshots first open the Tweak Tool. Then go to Appearance page. The 3rd item from top on the right panel (under the Themes sign) is Icons – please set it to Gnome.





Viola! Now all icons look properly now.

Rest of the Setup

Now there are some things that will need be addressed.

Like with the drawing below, you have just drawn the circles ๐Ÿ™‚


Just kidding ๐Ÿ™‚

Add your favorite applications with pkg(8) like LibreOffice or Firefox for example.

If you run GNOME 3 on a laptop, then I would suggest adding net-mgmt/networkmgr package to get Networkmgr networking manager from GhostBSD.

I would also suggest using some of the FreeBSD Desktop series articles for the completeness of your GNOME 3 setup. If you need to tweak X11 then check X11 Window System part. I would also suggest visiting Configuration – Fonts & Frameworks for fonts fine tuning. If you want to have automatic mounting of removable media (and you probably do) then check Configuration – Automount Media part. If its laptop then tuning the power management will give you extra battery time. Check the details at The Power to Serve – FreeBSD Power Management part. As you are using GNOME 3 you may want to check Dash to Dock plugin or use Plank described in the Configuration – Plank – Skippy-XD part. If you did not liked the net-mgmt/networkmgr package (Networkmgr from GhostBSD) you may want to try my network.sh solution – FreeBSD Network Management with network.sh – described here.

Not sure what else I can add here as I do not use GNOME 3 daily.

UPDATE 1 – GDM Icons Fixed

Thanks to Romain Tartiere from bsd.network the icons in GDM are now also fixed. The package graphics/ligvrsvg2-rust is now preferred instead of the graphics/librsvg2 package which was used previously.

Here is how now the GDM login page looks like.



Quare FreeBSD?

I really wanted to make this article short … but I failed miserably. At least I tried to organize it well so one may get back to it after ‘some’ reading because its not a short lecture. I wanted to title it Why FreeBSD? but when you type that into your favorite duck.com search engine there are so many similar articles. I wanted it to have distinguished and unique name so I used Latin word for ‘why‘ which is ‘quare‘.


What FreeBSD can offer you that other operating systems does not? From all of the operating systems I used I find FreeBSD to suck the least. This post is not here to convince you to use or try FreeBSD – this you will have to do by yourself. This article will show you why FreeBSD is valuable or better alternative to other operating systems and is definitely not dying.

This is the Table of Contents for this article.

  • Base System
  • ZFS Boot Environments
  • Rescue
  • Audio
  • Jails
  • FreeBSD Ports Infrastructure
  • Updating/Building from Source
  • Storage
  • Init System
  • Linux Binary Compatibility
  • Simplicity
  • Evolution Instead Rewriting
  • Documentation
  • Community
  • Closing Thoughts
  • External Discussions

Base System

When you install a Linux system its just a bunch of RPM or DEB packages. For example of you install CentOS 7.8 Minimal variant you end up with several hundred RPM packages installed. After a week or month many of these packages will get updates sometimes making this CentOS system unusable or even unbootable (recent GRUB Boothole problem for example). On the contrary FreeBSD comes with a Base System concept. This means that when you install FreeBSD you install a minimal system as a whole. No packages or subsystems to be separately updated. Just whole Base System. That means that /boot /bin /sbin /usr /etc /lib /libexec /rescue directories are untouchable by any packages. When you decide to install packages (or build them using FreeBSD Ports) they will all fall into the /usr/local prefix. That means /usr/local/etc for configuration. The /usr/local/bin and /usr/local/sbin directories for binaries. The /usr/local/lib and /usr/local/libexec for libraries and so on. The FreeBSD Base System kernel modules are kept in the same dir along with the kernel in the /boot/kernel directory. To make things tidy all kernel modules that are provided by packages go into the /boot/modules dir. Everything has its place and its separated.

That is separation between Base System binaries (at /bin /sbin /usr/bin /usr/sbin dirs) and Third Party Packages maintained by pkg(8) and are located at /usr/local/bin and /usr/local/sbin dirs. We all know differences between bin (user) and sbin (root) binaries but in FreeBSD there is also another more UFS related separation. When there was only UFS filesystem in the FreeBSD world the /bin and /sbin binaries were available at boot after the root (/) filesystem was mounted and yet before /usrย  filesystem was mounted – this is historical (and still useful in the UFS setups) distinction dating to old UNIX days. In ZFS setups it does not matter as all files are on ZFS pool anyway.

The FreeBSD Base System separation also helps with another thing – if any package gets the ‘great’ idea to install new compiler named cc and override the default system compiler … or to add libraries/includes in such a way that makes it super hard to get back into a working system. If some random FreeBSD package would add libc.so to /usr/local/lib dir then you are covered and not prevented from running programs as usual because FreeBSD system binaries are linked to stuff in /usr/lib dir. This is why there is PATH variable on UNIX systems (and FreeBSD as well) to set which directories should be searched for binaries first. On FreeBSD by default its set search Base System binaries dirs first and then Third Party Packages later.

You can update (or not) the Base System separately from the installed packages with freebsd-update(8) command when using RELEASE or by recompiling with make buildworld and make installworld commands when using STABLE/CURRENT systems. When it comes to packages you can update them using the pkg(8) tool or portmaster when building from FreeBSD Ports tree under /usr/ports dir. That means that any packages updates will not touch your FreeBSD Base System at all. For example when you mess up (and I have done that in the beginning of my FreeBSD journey) the compiled ports and packages and you want to start over the only thing you have to do is remove /usr/local and /boot/modules and /var/db/pkg directories. That’s it. You are just reverted to your Base System and can start over. This is just not possible when using Linux system. Even with Gentoo that many concepts are based on FreeBSD ideas does not have Base System feature. This Base System also have additional feature. Because its separated from packages version no one stops you from running oldshool FreeBSD 9.0 from 2012 and install there latest Firefox 80 or LibreOffice 7.0. You can not install latest Firefox on Ubuntu from 2012 …

One may be ‘afraid’ that such Base System independent from installed packages would take more space but nothing far more from the truth. The fresh installed FreeBSD 12.1 system uses less then 1 GB of disk space and takes less then 75 MB of RAM with sshd(8) running. For the comparison fresh CentOS 7.8 install with ‘Minimal’ set chosen takes 1.1 GB of disk space and uses more then 100 MB RAM with sshd(8) running. Such CentOS system is really naked and really needs more packages to be usable while FreeBSD with its Base System is far more capable and powerful and comes along with builtin latest version of LLVM/CLANG compiler suite for example.

More on the Base System topic:

ZFS Boot Environments

I have talked about this many times and probably one time too less because Linux world still ignores this bless. Having ZFS Boot Environments its such a game changer that once you realize how powerful it is you will never want to use a system that does not support it. The idea is that you can snapshot a running system at any moment of time and then reboot into that moment (or snapshot) if something happened. Its perfect solution for upgrade or changes to the system. The FreeBSD systems are already well ‘protected’ from problems arising after updating the packages but ZFS Boot Environments takes this to a whole new level.


Like in the movie Groundhog Day (1993) with ZFS Boot Environments you will have limitless chances to get your shit together. Even the Base System updates and changes are protected by it. You can even transport that Boot Environment by using zfs send and zfs recv commands to other system … or propagate it on many systems. You can create Jails containers from it … or install new version of FreeBSD in the new Boot Environment and reboot into it while still having your older ‘production’ system untouched.

More on the ZFS Boot Environments topic:


When you really mess up to the point that even Base System concept or ZFS Boot Environments feature did not stopped you from killing your FreeBSD installation then there is one more level of rescue … the Rescue subsystem.


You have about 150 statically linked binaries available at your disposal for the rescue mission of that FreeBSD installation. You probably think now that if its so many binaries then it probably takes a lot of space … nothing far more from the truth. Its actually one static binary with hardlinks … and it takes whooping 11 MB of disk space.

# ls -lh /rescue | head -5
total 1118446
-r-xr-xr-x  146 root  wheel    11M 2020.02.19 21:10 [
-r-xr-xr-x  146 root  wheel    11M 2020.02.19 21:10 bectl
-r-xr-xr-x  146 root  wheel    11M 2020.02.19 21:10 bsdlabel
-r-xr-xr-x  146 root  wheel    11M 2020.02.19 21:10 bunzip2

They Rescue subsystem even contains such binaries as bectl(8) for ZFS Boot Environments management or zfs(8) and zpool(8) commands for the ZFS filesystem. Here is complete list of these binaries.

# ls /rescue
[           dd               fsck_ffs      init       mdmfs          ping      rtsol        unlink
bectl       devfs            fsck_msdosfs  ipf        mkdir          ping6     savecore     unlzma
bsdlabel    df               fsck_ufs      iscsictl   mknod          pkill     sed          unxz
bunzip2     dhclient         fsdb          iscsid     more           poweroff  setfacl      unzstd
bzcat       dhclient-script  fsirand       kenv       mount          ps        sh           vi
bzip2       disklabel        gbde          kill       mount_cd9660   pwd       shutdown     whoami
camcontrol  dmesg            geom          kldconfig  mount_msdosfs  rcorder   sleep        xz
cat         dump             getfacl       kldload    mount_nfs      rdump     spppcontrol  xzcat
ccdconfig   dumpfs           glabel        kldstat    mount_nullfs   realpath  stty         zcat
chflags     dumpon           gpart         kldunload  mount_udf      reboot    swapon       zdb
chgrp       echo             groups        ldconfig   mount_unionfs  red       sync         zfs
chio        ed               gunzip        less       mt             rescue    sysctl       zpool
chmod       ex               gzcat         link       mv             restore   tail         zstd
chown       expr             gzip          ln         nc             rm        tar          zstdcat
chroot      fastboot         halt          ls         newfs          rmdir     tcsh         zstdmt
clri        fasthalt         head          lzcat      newfs_msdos    route     tee          
cp          fdisk            hostname      lzma       nextboot       routed    test         
csh         fsck             id            md5        nos-tun        rrestore  tunefs       
date        fsck_4.2bsd      ifconfig      mdconfig   pgrep          rtquery   umount   

More on the Rescue topic:


Not many people expect from FreeBSD to shine in that department but it shines a lot here and not from yesterday but from decades. Remember when Linux got rid of the old OSS subsystem with one channel and came up with ‘great’ idea to write ALSA? I remember because I used Linux back then. Disaster is very polite word to describe Linux audio stack back then … and then PulseAudio came and whole Linux audio system got much worse. Back then because of that one OSS channel and many ALSA channels meant that ONLY ONE application with OSS backend could do the sound (for example WINE). But if another application would want to ‘make’ sound using OSS and you already have WINE started then it will be soundless because that one and only OSS channel was already taken. And remember that ALSA was so bad back then that KDE or GNOME made their own sound daemons mixing audio in userspace that were incompatible with each other. That means if you used KDE and GNOME apps back then you could have sound from GNOME apps but not from KDE apps or vice versa. One big fucking audio hell on Linux.


Lets get back to FreeBSD audio then. What FreeBSD offered? A whooping 256 OSS channels mixed live in kernel for low latency. Everything audio related just worked out of the box – and still works today. You could have WINE or KDE/GNOME sound backends attached to their OSS channels and also ALSA apps getting their sound device without a problem. Even when you plugged a 5.1 surround system into FreeBSD it worked out of the box without any configuration and applications were able to use it immediately. That FreeBSD audio supremacy remains today as PulseAudio sound mixing in userspace while generally working incorporates large latency on Linux compared to in kernel FreeBSD mixing with low latency.

Comrade meka suggested that FreeBSD is also the only OS which has virtual_oss that allows mixing/resampling/compressing in user space and allows one to have Bluetooth headphones and USB microphone represented as single sound card.

More on the Audio topic:


The FreeBSD Jails are one of the oldest OS Level Virtualization implementations dating back to 1999. Even the Solaris Zones/Containers came five years later in 2004.


After Docker was introduced in Linux the term OS Level Virtualization became less used to the Containers term and now the FreeBSD Jails along with Solaris Zones/Containers are named 1st generation containers. But that naming nomenclature change does not make FreeBSD Jails less powerful. They are also really brain dead simple to use. You just need a directory – for example /jail/nextcloud – where you will extract the FreeBSD Base System for desired release version – for example base.txz from 12.1-RELEASE and create the Jail config in the /etc/jail.conf file as shown below.

# mkdir -p /jail/nextcloud
# fetch -o - http://ftp.freebsd.org/pub/FreeBSD/releases/amd64/12.1-RELEASE/base.txz | tar --unlink -xpJf - -C /jail/nextcloud
# cat /etc/jail.conf
nextcloud {
  host.hostname = nextcloud.local;
  ip4.addr =;
  path = /jail/nextcloud;

Now you can start you Jail right away.

# service jail onestart nextcloud
Starting jails: nextcloud.

Voila! Your FreeBSD Jail is already running.

# jls
   JID  IP Address      Hostname                      Path
     1      nextcloud.local               /jail/nextcloud

You can of course have a trimmed down version of FreeBSD Base System in the Jail if that is needed. The ZFS filesystem also helps here greatly because with zfs clone only your ‘base’ Jail will take space and only the changes you make to Jails created from it. Thanks to other FreeBSD subsystem – the Linux Binary Compatibility – you can also create a Linux Jail – for example running Devuan or Ubuntu Jail.

The FreeBSD Jails are also very lightweight. You can boot and use about 1000 FreeBSD Jails on a single FreeBSD system with 4 GB RAM.

They are also very easy to debug and troubleshoot comparing even to plain Docker – not to even mention Kubernetes which requires whole team of highly skilled people to maintain.

The FreeBSD Jails may be configured/managed only by the Base System utilities such as jls(8)/jexec(8) but you can also select from many third party Jail management frameworks. From all available ones I would choose BastilleBSD because of their modern approach and many ready to use templates for all needed use cases.

More on the Jails topic:

FreeBSD Ports Infrastructure

This is one of another examples why FreeBSD rocks that much. When you install Ubuntu or CentOS in some version there is chance that you will end up with not latest versions of packages but with versions that were quite up-to-date when this distribution version was released. Its especially visible in the CentOS world (and its upstream enterprise source system from Red Hat) where packages are quite up-to-date when .0 (dot zero) release is published but are VERY outdated when .8 or .9 incarnation of that release is available. Not to even mention that Firefox for example is released every month …


As I said before when describing the FreeBSD Base System the FreeBSD Ports (and packages built from it available through pkg(8)) are independent. That means that third party software from FreeBSD Ports is almost always up-to-date (or very close to it). You can even check it on the repology.org site for the details. Below you will find a ‘snapshot’ of the repology.org stats from time of writing this article. The ‘online’ table is very long so I copy/pasted just the systems relevant to the article.


One of the other advantages of FreeBSD Ports is that it offers really MASSIVE amount of software counting 40354 ports when writing this article and still rising. Amount of ready to be installed packages are little smaller with more then 32000 available.

I once migrated for a while to OpenSolaris in 2009 on my Dell Latitude D630 laptop because I really liked all the Solaris features (including ZFS and ZFS Boot Environments that were not available on FreeBSD back then) and the OpenSolaris GNOME based desktop was pretty nice back then even with Time Slider feature for ZFS snapshots in the Nautilus file manager. I got working WiFi connection, sound was working, generally everything on my laptop was supported and working with OpenSolaris … but there was no software. Of course ‘large’ projects like GIMP or OpenOffice was available even in the default pkg(8) repository but not much else. There was less then 4000 packages back then on OpenSolaris while about 25000 packages on FreeBSD if I recall correctly.

You can also easily browse available FreeBSD Ports (and its options) on the web by using the https://freshports.org/ page.


The count of FreeBSD Ports is one thing, the features is another. No matter which Linux distribution you are using you will find a software that was compiled and shipped without that needed flag that you desperately need. If you find such software on FreeBSD it ‘hurts’ only for a moment because you can VERY EASILY recompile that software with needed options and replace that ‘default’ package with yours. For example the FreeBSD project is afraid to provide packages of Lame because of existing MP3 patents, so multimedia/ffmpeg package is built without MP3 support (with --disable-libmp3lame flag). That is why I have my own audio/lame and multimedia/ffmpeg packages built with my configure options and that is very easy to achieve. You need to go to the /usr/ports/multimedia/ffmpeg dir type make config and select [x] LAME at the ncurses dialog. Your chosen options will be saved as plain /var/db/ports/multimedia_ffmpeg/options file. If you remove that file (or type make rmconfig) then these custom options will reset to defaults. Then you type make build deinstall install clean and your port with new options is ready and installed as package. Nothing more is needed. You can even lock that package from the pkg(8) upgrades with pkg lock -y ffmpeg command so it will not be modified later but its better to rebuild such packages everytime you do a pkg upgrade procedure because of libraries versions bump and changes. While its very easy and fast to create a script with these commands to make it more automated you can also use other parts of the FreeBSD Ports infrastructure – enter Poudriere (or Synth) – more on that in the next part.

You also do not have to configure each port that way (which could be PITA for large amount of ports) but you may specify your needed (OPTIONS_SET) or unwanted (OPTIONS_UNSET) parameters only once globally using the /etc/make.conf file. You can also specify which default versions of software you want to use, for example Apache 2.2 instead of 2.4 and PHP 7.0 instead of 7.2. You can find all default versions in the /usr/ports/Mk/bsd.default-versions.mk file. Once you setup these options you can build/rebuild or update your packages from FreeBSD Ports by portmaster(8) tool. Like on Gentoo Linux with USE flags. But this is the original. Gentoo took all/most of its ideas from FreeBSD system and its Ports infrastructure.

The Poudriere is a build framework that uses FreeBSD Ports and FreeBSD Jails to build requested packages in clean reproducible way. You can create whole new binary package repository for pkg(8) command to use with it. I mentioned Synth because while Poudriere is often used to produce whole package repository the Synth is usually used just to rebuild several packages that does not fit your needs.

There is one important things about FreeBSD Ports that is often misunderstood by newcomers. What is the difference between the Ports and packages that are fetched and installed by pkg(8) tool? Its quite simple. A package is just a build and installed port. Nothing more or less. When you use the binary packages using pkg(8) command you are using packages that someone (the FreeBSD project in that case) built for you from the FreeBSD Ports in some point in time. While FreeBSD strives to maintain as up-to-date built packages as possible its the nature of FreeBSD Ports that they are always more up-to-date then the built packages. That is why you may build and install a new version of needed packages by yourself using FreeBSD Ports. One may think of such usage when it comes to security holes. When some locally executed commands (like file(1) for example) has a security hole then its not critical for you to update it as fast as possible because that security hole can be harmless for you, but when new version of Firefox fixes very important security hole then its better to update from FreeBSD Ports version faster because waiting 2 days for the package to be built (along with other packages) can be too long.

More on the FreeBSD Ports topic:

Updating/Building from Source

While the FreeBSD Ports infrastructure is for third party software the FreeBSD Base System (or its parts) also can be easily and convenient build from source. The FreeBSD kernel config is also very small and simple. While Linux kernel config contains thousands of options – 4432 for example in the default CentOS 8.2 install the FreeBSD GENERIC config has about 20 times options less – only 260 options. But that does not saturate the topic. You can start with MINIMAL FreeBSD kernel config which has only 75 options specified.

Linux # grep -c '^CONFIG' /boot/config-$( uname -r )

FreeBSD # grep -c -E '^(device|options)' /usr/src/sys/amd64/conf/GENERIC

FreeBSD # grep -c -E '^(device|options)' /usr/src/sys/amd64/conf/MINIMAL

… and its not only about smaller amount of options. Can you tell my how many steps (and which ones are required) to rebuild CentOS or Ubuntu for example without Bluetooth support?


On the contrary its very simple (and fast) on the FreeBSD side. While /etc/make.conf file is used to enable/disable Ports options the /etc/src.conf file is used to enable/disable FreeBSD Base System options while building it from source. To build FreeBSD without Bluetooth support just add WITHOUT_BLUETOOTH=yes to the /etc/src.conf file and type these to build it:

# beadm create safe
# cd /usr/src
# make buildworld kernel
# reboot
# cd /usr/src
# make installworld
# mergemaster -iU
# reboot

Voila! You now have FreeBSD without Bluetooth support … and if any of the steps failed or because of your lack of experience/expertise your FreeBSD system does not boot or is broken you can use tools from /rescue to try to fix it (or at least figure out what is broken) and when you do not want to cope with this jest select safe ZFS Boot Environment at the FreeBSD loader(8) to boot to the system before you started building modified version of FreeBSD. Yes, You are bulletproof here. While having 294 WITHOUT_X options and 125 WITH_X options you can really tune FreeBSD Base System to your needs.

# zgrep -c WITHOUT_ /usr/share/man/man5/src.conf.5.gz

# zgrep -c WITH_ /usr/share/man/man5/src.conf.5.gz

The big downside of updating FreeBSD by source is that you can not use the freebsd-update tools to do it … but nothing stops you from creating your own FreeBSD Update Server so you will be able to use freebsd-update by adding updates using a CURRENT or STABLE system instead of RELEASE. That process is described in the Build Your Own FreeBSD Update Server article of official FreeBSD documentation.

More on the FreeBSD Source Updates/Builds topic:


Storage is one of the parts where FreeBSD really shines. Lots of people adore FreeBSD for well integrated ZFS filesystem and its really true. ZFS in FreeBSD has always been first class citizen. Lately OpenZFS 2.0 has been also integrated from the upstream joint FreeBSD and Linux repository. More and more FreeBSD features and solutions are using ZFS features.


Most of these people that like integrated ZFS in FreeBSD do not know about the FreeBSD GEOM modular disk transformation framework which provides various storage related features and utilities like software RAID0/RAID1/RAID10/RAID3/RAID5 configurations or transparent encryption of underlying devices with GELI/GDBE (like LUKS on Linux). It also allows transparent filesystem journaling for ANY filesystem with GJOURNAL (yes also for FAT32 or exFAT) or allows one to export block devices over network with GEOM GATE devices (like NFS for block devices).


FreeBSD also has its own FUSE implementation which allows all these FUSE based filesystems to work natively on FreeBSD. While lots of Linux folks know DRBD probably very few of them knew that FreeBSD comes with its own DRBD like solution called HAST – which does exactly the same thing. While ZFS has a lot features and possibilities FreeBSD still maintains and develops fast and small memory footprint UFS filesystem which today is used either with Soft Updates (SU) or Journaled Soft Updates (SUJ) depending on the use case. For example 10 TB data on UFS filesystem with Journaled Soft Updates (SUJ) takes about 1 minute under fsck(8). These storage solutions are available from FreeBSD Base System alone. The FreeBSD Ports offers much more with distributed filesystems solutions such as CEPH, LeoFS, LizardFS or Minio for Amazon S3 compatible storage.

More on the Storage topic:

Init System

FreeBSD offers really simple yet very powerful init system. It has system wide config under /etc/rc.conf file when you can enable/disable needed services with service_enable=YES and service_enable=NO stanzas. You do not even need to launch vi(1) to add them – just type sysrc service_enable=YES and they are added to the /etc/rc.conf file. There are also default values and services that are enabled and you will find them – along with many comments – in the /etc/defaults/rc.conf file. Each FreeBSD service file has PROVIDE/REQUIRE stanzas which are then used to automatically order the services to start. Services that can be run in parallel are started in parallel to save time. For example its pointless to start sshd(8) daemon without network. To start or stop the service you need to type service sshd start or service sshd stop command. But when a service is not enabled in the /etc/rc.conf file then you need to used add onestart and onestop instead. The Base System separation remains here as FreeBSD Base System services are located at /etc/rc.d directory and third party applications from ports/packages are kept under /usr/local prefix which means /usr/local/etc/rc.d dir.

When using systemd(1) you never know how the services gonna start because it will be different each time. Zero determinism. On FreeBSD you know exactly which services will start when because they are always ordered in the same state according to the PROVIDE/REQUIRE stanzas. FreeBSD also offers tools that will tell you the exact order – rcorder(8) – which can be used for all services, Base System services or third party services separately. There is also service -r command that will show you what was the orfer at the boot time.

# rcorder /etc/rc.d/* | head

# rcorder /usr/local/etc/rc.d/* | tail

# rcorder /etc/rc.d/* /usr/local/etc/rc.d/* 2> | grep -C 3 sshd

Adding new service to FreeBSD is also very easy as template for new service is very small and simple.


. /etc/rc.subr



load_rc_config $name
: ${dummy_enable:=no}
: ${dummy_msg="Nothing started."}

	echo "$dummy_msg"

run_rc_command "$1"

If its not simple enough for you there is dedicated FreeBSD article about writing them – Practical rc.d Scripting in BSD – available here.

More on the Init System topic:

Linux Binary Compatibility

While Linux can not be FreeBSD – the FreeBSD can be Linux – and its not some slow emulation – its implementation of Linux system calls. There was time when enterprises used to work with Linux only applications (not available on FreeBSD by then) using the Linux Binary Compatibility on FreeBSD because it was faster then running them natively on Linux – FreeBSD Used to Generate Spectacular Special Effects – an official FreeBSD Press Release about FreeBSD being used to generate spacial effects to the one of the best movies of all time – The Matrix (1999).


Today the LINUX_COMPAT is also natively fast and allows one to run Linux applications – even Linux games in X11 with hardware acceleration for graphics. Think of it as WINE but for Linux applications. It lives under /compat/linux directory. It even implements Linux /proc virtual filesystem which can be mounted at the /compat/linux/proc dir but its not mandatory. For any software that does not come with source code and works on Linux the Linux Binary Compatibility saves the day. For example the f.lux project. Before I got to know Redshift I used f.lux Linux binary using LINUX_COMPAT to suppress blue spectrum light from my FreeBSD screen. The Linux Binary Compatibility subsystem can also be used to run Linux bases FreeBSD Jails – with Devuan for example.

More on the Linux Binary Compatibility topic:


FreeBSD is simple but not coarse/ornery. For example as Linux the FreeBSD system also supports the /proc virtual filesystem but on FreeBSD its optional and not used by default while Linux could not live without it. But while Linux has mandatory /proc it also has another virtual filesystem residing under /sys … but why Linux people need two different virtual filesystems with similar purposes? Why they could not create everything under /proc as it already existed. That is big enigma for my sanity.

But /sys is not the end of that madness. Its just a beginning.

What about these?

  • securityfs
  • devpts
  • cgroup
  • pstore
  • bpf
  • configfs
  • selinuxfs
  • systemd-1
  • mqueue
  • debugfs
  • hugetlbfs

Take a look at the FreeBSD mount(8) output after the default install on ZFS.

FreeBSD # mount
zroot/ROOT/12.1 on / (zfs, local, noatime, nfsv4acls)
devfs on /dev (devfs, local, multilabel)
zroot/tmp on /tmp (zfs, local, noatime, nosuid, nfsv4acls)
zroot/var/mail on /var/mail (zfs, local, nfsv4acls)
zroot/usr/home on /usr/home (zfs, local, noatime, nfsv4acls)
zroot/var/crash on /var/crash (zfs, local, noatime, noexec, nosuid, nfsv4acls)
zroot/var/log on /var/log (zfs, local, noatime, noexec, nosuid, nfsv4acls)
zroot/var/audit on /var/audit (zfs, local, noatime, noexec, nosuid, nfsv4acls)
zroot/var/tmp on /var/tmp (zfs, local, noatime, nosuid, nfsv4acls)
zroot/usr/src on /usr/src (zfs, local, noatime, nfsv4acls)
zroot/usr/ports on /usr/ports (zfs, local, noatime, nosuid, nfsv4acls)

Several ZFS datasets and one virtual devfs filesystem for /dev directory. With install on UFS it would be similar with several UFS partitions mounted instead of ZFS datasets.

Take a look at the CentOS 8.2 installation with just one physical root (/) XFS filesystem.

[root@centos8 ~]# mount
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime,seclabel)
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
devtmpfs on /dev type devtmpfs (rw,nosuid,seclabel,size=919388k,nr_inodes=229847,mode=755)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev,seclabel)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,seclabel,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,seclabel,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,seclabel,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime,seclabel)
bpf on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,cpuset)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,memory)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,blkio)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,hugetlb)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,net_cls,net_prio)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,cpu,cpuacct)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,freezer)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,perf_event)
cgroup on /sys/fs/cgroup/rdma type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,rdma)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,pids)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,seclabel,devices)
configfs on /sys/kernel/config type configfs (rw,relatime)
/dev/sda1 on / type xfs (rw,relatime,seclabel,attr2,inode64,noquota)
selinuxfs on /sys/fs/selinux type selinuxfs (rw,relatime)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=34,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=17309)
mqueue on /dev/mqueue type mqueue (rw,relatime,seclabel)
debugfs on /sys/kernel/debug type debugfs (rw,relatime,seclabel)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,seclabel,pagesize=2M)
tmpfs on /run/user/0 type tmpfs (rw,nosuid,nodev,relatime,seclabel,size=187088k,mode=700)

Fuck me. Its even really hard to just find any REAL filesystem there … fortunately we can ask for only XFS filesystems to display.

[root@centos8 ~]# mount -t xfs
/dev/sda1 on / type xfs (rw,relatime,seclabel,attr2,inode64,noquota)

Lets get on the networking now. Lets assume that you want to make standard enterprise networking setup on a physical server with two interfaces aggregated together into highly available interface bond0 (lagg0 on FreeBSD) and then you want to put VLAN tag and IP address on that VLAN. The CentOS 7.x/8.x installer (Anaconda) will welcome you with this mess.

[root@centos7 ~]# ls -1 /etc/sysconfig/network-scripts/ifcfg-*

[root@centos7 ~]# cat /etc/sysconfig/network-scripts/ifcfg-Bond_connection_1
BONDING_OPTS="miimon=1 updelay=0 downdelay=0 mode=active-backup"
NAME="Bond connection 1"

[root@centos7 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno49

[root@centos7 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno49-1

[root@centos7 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno50

[root@centos7 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno50-1

[root@centos7 ~]# cat/etc/sysconfig/network-scripts/ifcfg-VLAN_connection_1
NAME="VLAN connection 1"

For the record – I have chosen ‘STATIC’ IPv4 address but installer made these interfaces to use DHCP and that STATIC address. That could be a bug but lets get to the point.

After manual fixing with vi(1) (and hour later) this is how it supposed to look.

[root@centos7 ~]# cat /etc/sysconfig/network

[root@centos7 ~]# ls -1 /etc/sysconfig/network-scripts/ifcfg-*

[root@centos7 ~]# cat /etc/sysconfig/network-scripts/ifcfg-bond0
BONDING_OPTS="miimon=1 updelay=0 downdelay=0 mode=active-backup"

[root@centos7 ~]# cat /etc/sysconfig/network-scripts/ifcfg-bond0.601

[root@centos7 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno49

[root@centos7 ~]# cat /etc/sysconfig/network-scripts/ifcfg-eno50

Better … but still takes A LOT OF SPACE and several files to cover that quite simple setup. Not to mention its level of complication and making that very error prone way. The same configuration on FreeBSD would take just 7 lines within single /etc/rc.conf file as shown below.

ifconfig_lagg0="laggproto failover laggport fxp0 laggport fxp1"

What about the boot process? FreeBSD boots from root on ZFS partition with just small 512 KB not mountable partition. No separate /boot device is needed. On the other side Linux always needs that separate /boot partition filled with GRUB modules. No matter if its ZFS or LVM. That is why implementation of ZFS Boot Environments is quite complicated on Linux bacause even if you have root on ZFS on a Linux system there is still unprotected /boot filesystem that can not be snapshoted with ZFS and has to be protected in old classic way which kill the idea of ZFS Boot Environments or Linux.

FreeBSD is really simple and well thought operating system. But also a very underestimated one.

Evolution Instead Rewriting

How many Linux tools or subsystems are abandoned or superseeded by new ones? Why the ifconfig(8) command was not updated with new options and instead a new ip(8) command was introduced? Same with netstat(8) being replaced by ss(8). Same with arp(8)/iwconfig/route(8) and many more. What about whole init system? The Linux world has been taken over by systemd(1) whenever you like it or not. Even distributions that have grown their mature init systems like Ubuntu with its Upstart has moved to systemd(1) altogether. The distributions that do not use it are very few and considered a niche today.


In the FreeBSD land on the countary such things happen only if there is no other way to implement new things. Its the last thing wanted in the FreeBSD. FreeBSD evolves and is developed with stability and backward compatibility in mind. Userland tools are grown and updated with new options instead of rewriting them over and over again. Not to mention how many new bugs are introduced by changing one tool to another.

More on the Evolution Instead Rewriting topic:


Having system that can do almost anything but not knowing how to do that makes that system pretty useless (or at least pretty PITA to use). FreeBSD offers second to none documentation that is actively maintained and updated. Along with its legendary FreeBSD Handbook and FreeBSD FAQ the FreeBSD project also offers official FreeBSD Articles about various FreeBSD topics. The Man Pages are also very detailed and contain many examples. There is also FreeBSD Wiki page for work in progress documentation and ideas related to FreeBSD development and if you have any problems or questions related to FreeBSD there are official FreeBSD Forums and oldschool Mailing Lists available.


These were only the official project knowledge sources but there are also lots of FreeBSD books. Here are the best and up-to-date ones.

  • Absolute FreeBSD – Complete Guide to FreeBSD – 3nd Edition (2019)
  • Beginning Modern Unix (2018)
  • Book of PF – 3rd Edition (2015)
  • Design and Implementation of FreeBSD 11 Operating System – 2nd Edition (2015)
  • FreeBSD Device Drivers (2012)
  • FreeBSD Mastery – ZFS (2015)
  • FreeBSD Mastery – Advanced ZFS (2016)
  • FreeBSD Mastery – Storage Essentials (2014)
  • FreeBSD Mastery – Specialty Filesystems (2015)
  • FreeBSD Mastery – Jails (2019)

There are also two magazines that are dedicated to BSD and FreeBSD systems. Both are free and cover lots of interesting topics regarding FreeBSD.

With all this knowledge and support its really hard not to achieve what you need/want with FreeBSD system.


Last but not least and I would say its even more important then good documentation (which FreeBSD has awesome). People that use FreeBSD do that conciously and are often experienced not only in FreeBSD land but also in topics related to other UNIX systems. Often they took long road of first using the Linux systems before finally setting on the FreeBSD land or they still do Linux adminitration for a living while resting using far more reasonable and sensible FreeBSD solution. I always find FreeBSD Community helpful and friendly. Always willingly helpful – especially towards newcommers. Even when you try to ‘force’ FreeBSD people to ‘fight’ in unjust/doubtful discussion they will reply with dignity and technical arguments instead of yelling at you.

The FreeBSD project even made several articles and Handbook chapters especially for Linux newcommers (or sometimes called systemd(1) refugees).

Closing Thoughts

I tried really hard to not make it a Linux rant but some may feel it that way – if so please remember that this was not my intention. FreeBSD like Linux and like any other operating system has its ups and downs. Hope that I showed you most interesting FreeBSD parts. I may add new sections here without a warning in the future ๐Ÿ™‚

External Discussions

Discussions and comments from ‘external’ sources are available here:


FreeBSD Desktop โ€“ Part 21 โ€“ Configuration โ€“ Compton

In this article of the FreeBSD Desktop series I will talk Compton setup – the one that does not breaks, displays everything properly and does not consume 100% of your CPU time, as unfortunately Compton is a real bitch when it comes to proper setup.

The Compton is X11 compositor.

It allows the following features on X11 desktop:

  • transparent windows/menus/titlebars/borders
  • shadows and colored shadows
  • fading effects
  • background bluring

You may want to check other articles in the FreeBSD Desktop series on the FreeBSD Desktop – Global Page where you will find links to all episodes of the series along with table of contents for each episode’s contents.

Here is how example Compton looks in action.


To install Compton on FreeBSD just use the default packages as shown below.

# pkg install compton

X11 Configuration

This is the graphics card configuration I have for X11:

% cat /usr/local/etc/X11/xorg.conf.d/card.conf
Section "Device"
  Identifier "Card0"
  Driver "modesetting"
  Option "DPMS"
  Option "AccelMethod" "glamor"

… and the meritum of this article – the Compton config file:

% cat ~/.config/compton.conf
backend = "glx";
shadow = true;
no-dock-shadow = true;
clear-shadow = true;
shadow-radius = 12;
shadow-offset-x = -15;
shadow-offset-y = -15;
shadow-opacity = 0.7;
shadow-exclude = [
    "! name~=''",
    "name = 'Notification'",
    "name = 'Plank'",
    "name = 'Docky'",
    "name = 'Kupfer'",
    "name = 'xfce4-notifyd'",
    "name *= 'VLC'",
    "name *= 'compton'",
    "name *= 'Chromium'",
    "name *= 'Chrome'",
    "name *= 'Firefox'",
    "class_g = 'Conky'",
    "class_g = 'dzen'",
    "class_g = 'dzen2'",
    "class_g = 'Kupfer'",
    "class_g = 'Synapse'",
    "class_g ?= 'Notify-osd'",
    "class_g ?= 'Cairo-dock'",
    "class_g ?= 'Xfce4-notifyd'",
    "class_g ?= 'Xfce4-power-manager'"
shadow-ignore-shaped = false;
menu-opacity = 1;
inactive-opacity = 0.9;
active-opacity = 1;
frame-opacity = 0.9;
inactive-opacity-override = false;
alpha-step = 0.06;
blur-background-fixed = false;
blur-background-exclude = [
    "window_type = 'dock'",
    "window_type = 'desktop'"
fading = true;
fade-delta = 4;
fade-in-step = 0.03;
fade-out-step = 0.03;
fade-exclude = [ ];
mark-wmwin-focused = true;
mark-ovredir-focused = true;
use-ewmh-active-win = true;
detect-rounded-corners = true;
detect-client-opacity = true;
refresh-rate = 0;
vsync = "opengl-swc";
dbe = false;
paint-on-overlay = true;
sw-opti = false;
unredir-if-possible = true;
focus-exclude = [ ];
detect-transient = true;
detect-client-leader = true;
    tooltip =
        fade = true;
        shadow = false;
        opacity = 0.85;
        focus = true;

While the above config works very well I will also add same Compton configuration file but with comments.

% cat ~/.config/compton.conf
# Backend

# Backend to use: "xrender" or "glx".
# GLX backend is typically much faster but depends on a sane driver.
backend = "glx";

# GLX Backend

# GLX backend: Copy unmodified regions from front buffer instead of redrawing them all.
# Tests with nvidia-drivers show 10% decrease in performance when whole screen
# is modified but 20% increase when only 1/4 is modified.
# Tests on nouveau show terrible slowdown.
# Useful with --glx-swap-method as well.
# glx-copy-from-front = false;

# GLX backend: Use MESA_copy_sub_buffer to do partial screen update.
# Tests on nouveau shows 200% performance boost when only 1/4 of screen is updated.
# May break VSync and is not available on some drivers.
# Overrides --glx-copy-from-front.
# glx-use-copysubbuffermesa = true;

# GLX backend: Avoid rebinding pixmap on window damage.
# Probably could improve performance on rapid window content changes
# but is known to break things on some drivers (LLVMpipe).
# Recommended if it works.
# glx-no-rebind-pixmap = true;

# GLX backend: GLX buffer swap method we assume.
# Could be:
# - undefined (0)
# - copy (1)
# - exchange (2)
# - buffer-age (-1)
# The undefined is slowest and safest (default value).
# Copy is fastest but may fail on some drivers.
# buffer-age means auto-detect using GLX_EXT_buffer_age supported by some drivers.
# Useless with --glx-use-copysubbuffermesa.
# Partially breaks --resize-damage.
# Defaults to undefined.
# glx-swap-method = "undefined";

# Shadows

# Enabled client-side shadows on windows.
shadow = true;

# Do not draw shadows on DND windows.
# no-dnd-shadow = true;

# Avoid drawing shadows on dock/panel windows.
no-dock-shadow = true;

# Zero part of shadow's mask behind window. Fix some weirdness with ARGB windows.
clear-shadow = true;

# The blur radius for shadows. (default 12)
shadow-radius = 12;

# The left offset for shadows. (default -15)
shadow-offset-x = -15;

# The top offset for shadows. (default -15)
shadow-offset-y = -15;

# The translucency for shadows. (default .75)
shadow-opacity = 0.7;

# Set if you want different colour shadows
# shadow-red = 0.0;
# shadow-green = 0.0;
# shadow-blue = 0.0;

# The shadow exclude options are helpful if you have shadows enabled.
# Due to way compton draws its shadows certain applications will have
# visual glitches (most applications are fine - only apps that do weird
# things with xshapes or argb are affected).
# The "! name~=''" part excludes shadows on any "Unknown" windows.
# This prevents visual glitch with XFWM alt-tab switcher.
shadow-exclude = [
    "! name~=''",
    "name = 'Notification'",
    "name = 'Plank'",
    "name = 'Docky'",
    "name = 'Kupfer'",
    "name = 'xfce4-notifyd'",
    "name *= 'VLC'",
    "name *= 'compton'",
    "name *= 'Chromium'",
    "name *= 'Chrome'",
    "name *= 'Firefox'",
    "class_g = 'Conky'",
    "class_g = 'dzen'",
    "class_g = 'dzen2'",
    "class_g = 'Kupfer'",
    "class_g = 'Synapse'",
    "class_g ?= 'Notify-osd'",
    "class_g ?= 'Cairo-dock'",
    "class_g ?= 'Xfce4-notifyd'",
    "class_g ?= 'Xfce4-power-manager'"

# Avoid drawing shadow on all shaped windows (see also: --detect-rounded-corners)
shadow-ignore-shaped = false;

# Opacity

# Opacity for menu items.
menu-opacity = 1;

# Opacity for inactive windows.
inactive-opacity = 0.9;

# Opacity for active windows.
active-opacity = 1;

# Opacity for active frame of windows.
frame-opacity = 0.9;

# Opacity for inactive frame of windows.
inactive-opacity-override = false;

# Alpha step.
alpha-step = 0.06;

# Dim inactive windows. (0.0 - 1.0)
# inactive-dim = 0.2;

# Do not let dimness adjust based on window opacity.
# inactive-dim-fixed = true;

# Blur background of transparent windows. Bad performance with X Render backend.
# GLX backend is preferred.
# blur-background = true;

# Blur background of opaque windows with transparent frames as well.
# blur-background-frame = true;

# Do not let blur radius adjust based on window opacity.
blur-background-fixed = false;

# Blue exclude list.
blur-background-exclude = [
    "window_type = 'dock'",
    "window_type = 'desktop'"

# Fading

# Fade windows during opacity changes.
fading = true;

# The time between steps in fade in milliseconds (default 10).
fade-delta = 4;

# Opacity change between steps while fading in (default 0.028).
fade-in-step = 0.03;

# Opacity change between steps while fading out (default 0.03).
fade-out-step = 0.03;

# Fade windows in/out when opening/closing
# no-fading-openclose = true;

# Specify a list of conditions of windows that should not be faded.
fade-exclude = [ ];

# Other

# Try to detect WM windows and mark them as active.
mark-wmwin-focused = true;

# Mark all non-WM but override-redirect windows active (e.g. menus).
mark-ovredir-focused = true;

# Use EWMH _NET_WM_ACTIVE_WINDOW to determine which window is focused instead of
# using FocusIn/Out events. Usually more reliable but depends on EWMH-compliant WM.
use-ewmh-active-win = true;

# Detect rounded corners and treat them as rectangular when --shadow-ignore-shaped is on.
detect-rounded-corners = true;

# Detect _NET_WM_OPACITY on client windows useful for window managers not passing
# _NET_WM_OPACITY of client windows to frame windows. This prevents opacity ignore
# for some apps. Without this enabled xfce4-notifyd is 100% opacity no matter what.
detect-client-opacity = true;

# Specify refresh rate. With 0 compton will detect this with X RandR extension.
refresh-rate = 0;

# Set VSync method. VSync methods currently available:
# - none: No VSync
# - drm: VSync with DRM_IOCTL_WAIT_VBLANK. May only work on some drivers.
# - opengl: VSync with SGI_video_sync OpenGL extension. Only on some drivers.
# - opengl-oml: VSync with OML_sync_control OpenGL extension. Only on some drivers.
# - opengl-swc: VSync with SGI_swap_control OpenGL extension. Only on some drivers.
#               Works with GLX backend. Known to be most effective on many drivers.
#               Does not control paint timing - only buffer swap is affected.
#               Does not have effect of --sw-opti unlike other methods. Experimental.
# - opengl-mswc: Try to VSync with MESA_swap_control OpenGL extension.
#                Basically same as opengl-swc above except extension we use.
vsync = "opengl-swc";

# Enable DBE painting mode - use with VSync to (hopefully) eliminate tearing.
dbe = false;

# Painting on X Composite overlay window. Recommended.
paint-on-overlay = true;

# Limit repaint at most once every 1 / refresh_rate second to boost performance.
# This should not be used with --vsync drm/opengl/opengl-oml as they essentially does
# --sw-opti* job unless you wish to have lower refresh rate than actual value.
sw-opti = false;

# Unredirect all windows if full-screen window is detected to maximize performance
# for full-screen windows - like games. Known to cause flickering when
# redirecting/unredirecting windows. Paint-on-overlay may flicker less.
unredir-if-possible = true;

# Specify list of conditions of windows that should always be considered focused.
focus-exclude = [ ];

# Use WM_TRANSIENT_FOR to group windows in same group focused at same time.
detect-transient = true;

# Use WM_CLIENT_LEADER to group windows in same group focused at same time.
# WM_TRANSIENT_FOR has higher priority if --detect-transient is enabled too.
detect-client-leader = true;

# Window Type Settings

    tooltip =
        # fade: Fade particular type of windows.
        fade = true;
        # shadow: Give those windows shadow
        shadow = false;
        # opacity: Default opacity for type of windows.
        opacity = 0.85;
        # focus: Whether to always consider windows of this type focused.
        focus = true;

Not sure what else could I add here so this means the end of this article ๐Ÿ™‚


Run broot on FreeBSD

The broot file manager is quite fresh and nice approach to files and directories filtering/searching/view/manipulation/… and whatever else you call messing with files ๐Ÿ™‚

The broot tools is not yet available on the FreeBSD systems (as package or port).

This guide will show you how to built and install it on your FreeBSD system.

Here is how it looks in action.

Filter for jails.


Filter for zfs.


It has ‘size mode’ when started with -s option similar to ncdu(1) tool.


You can also check the Feature Showcase section on their GitHub page – https://github.com/Canop/broot – available here.


There are three steps to make it happen.

1. You need to install the rust package.

# pkg install rust

Then you need to type (as regular user) the cargo install broot command.

% cargo install broot

It will fail here:


You will need to apply this patch below:

% diff -u \
  /home/vermaden/.cargo/registry/src/github.com-1ecc6299db9ec823/crossterm-0.14.1/src/terminal/sys/unix.rs.ORG \
--- /home/vermaden/.cargo/registry/src/github.com-1ecc6299db9ec823/crossterm-0.14.1/src/terminal/sys/unix.rs.ORG  2020-01-10 23:41:29.825912000 +0100
+++ /home/vermaden/.cargo/registry/src/github.com-1ecc6299db9ec823/crossterm-0.14.1/src/terminal/sys/unix.rs      2020-01-10 23:41:07.703471000 +0100
@@ -33,7 +33,7 @@
         ws_ypixel: 0,
-    if let Ok(true) = wrap_with_result(unsafe { ioctl(STDOUT_FILENO, TIOCGWINSZ, &mut size) }) {
+    if let Ok(true) = wrap_with_result(unsafe { ioctl(STDOUT_FILENO, TIOCGWINSZ.into(), &mut size) }) {
         Ok((size.ws_col, size.ws_row))
     } else {
         tput_size().ok_or_else(|| std::io::Error::last_os_error().into())

Then type cargo install broot command again. It will now properly compile.

% cargo install broot
    Updating crates.io index
  Downloaded broot v0.11.6
  Downloaded 1 crate (1.6 MB) in 2.89s
  Installing broot v0.11.6
   Compiling libc v0.2.66
   Compiling cfg-if v0.1.10
   Compiling lazy_static v1.4.0
   Compiling autocfg v0.1.7
   Compiling semver-parser v0.7.0
   Compiling autocfg v1.0.0
   Compiling proc-macro2 v1.0.7
   Compiling log v0.4.8
   Compiling scopeguard v1.0.0
   Compiling unicode-xid v0.2.0
   Compiling bitflags v1.2.1
   Compiling syn v1.0.13
   Compiling memchr v2.2.1
   Compiling arc-swap v0.4.4
   Compiling slab v0.4.2
   Compiling smallvec v1.1.0
   Compiling serde v1.0.104
   Compiling unicode-width v0.1.7
   Compiling regex-syntax v0.6.13
   Compiling ansi_term v0.11.0
   Compiling strsim v0.8.0
   Compiling vec_map v0.8.1
   Compiling id-arena v2.2.1
   Compiling custom_error v1.7.1
   Compiling glob v0.3.0
   Compiling open v1.3.2
   Compiling umask v0.1.8
   Compiling thread_local v1.0.0
   Compiling minimad v0.6.3
   Compiling lazy-regex v0.1.2
   Compiling semver v0.9.0
   Compiling lock_api v0.3.3
   Compiling crossbeam-utils v0.7.0
   Compiling crossbeam-epoch v0.8.0
   Compiling num-traits v0.2.11
   Compiling num-integer v0.1.42
   Compiling textwrap v0.11.0
   Compiling rustc_version v0.2.3
   Compiling memoffset v0.5.3
   Compiling iovec v0.1.4
   Compiling net2 v0.2.33
   Compiling dirs-sys v0.3.4
   Compiling parking_lot_core v0.7.0
   Compiling signal-hook-registry v1.2.0
   Compiling time v0.1.42
   Compiling atty v0.2.14
   Compiling users v0.9.1
   Compiling quote v1.0.2
   Compiling aho-corasick v0.7.6
   Compiling mio v0.6.21
   Compiling dirs v2.0.2
   Compiling directories v2.0.2
   Compiling parking_lot v0.10.0
   Compiling clap v2.33.0
   Compiling crossbeam-queue v0.2.1
   Compiling crossbeam-channel v0.4.0
   Compiling toml v0.5.5
   Compiling term v0.6.1
   Compiling regex v1.3.3
   Compiling signal-hook v0.1.12
   Compiling chrono v0.4.10
   Compiling crossterm v0.14.1
   Compiling simplelog v0.7.4
   Compiling crossbeam-deque v0.7.2
   Compiling thiserror-impl v1.0.9
   Compiling crossbeam v0.7.3
   Compiling thiserror v1.0.9
   Compiling termimad v0.8.9
   Compiling broot v0.11.6
    Finished release [optimized] target(s) in 4m 56s
  Installing /home/vermaden/.cargo/bin/broot
   Installed package `broot v0.11.6` (executable `broot`)
warning: be sure to add `/home/vermaden/.cargo/bin` to your PATH to be able to run the installed binaries

% echo $?


Now go to the ~/.cargo/bin directory and copy the broot binary to some place that is set in your ${PATH} variable.

Then start new terminal (updated ${PATH} variable) and type broot command.

% cp ~/.cargo/bin/broot ~/scripts
% rehash
% broot

You will be asked if automatic setup of the br function should tool place. I agreed with y answer.


Here are things generated by this process.

% find ~/.config/broot

% find ~/.local/share/broot

As I use ZSH shell it also updates my ~/.zshrc file.

% tail -3 ~/.zshrc

source /home/vermaden/.config/broot/launcher/bash/br

Finished. You now have broot installed and ready to use.


UPDATE 1 – Now No Patches Are Needed

Thanks to the broot author any patches are now not needed.

It builds and works out of the box.


UPDATE 2 – Its in Ports/Packages Now

The broot file manager is now available via usual FreeBSD Ports and packages which makes this guide pointless ๐Ÿ™‚

Its available as misc/broot port.



FreeBSD Desktop – Part 20 – Configuration – Unlock Your Laptop with Phone

I really do not like the smart card ecosystem – probably because it will be a big PITA to setup such subsystem on FreeBSD to make it lock/unlock my laptop with a smart card – not to mention of it will be even possible because of probable lack of drivers for a laptop builtin smart card reader. I mention it because you can lock and unlock your laptop with such smart card in very fast way.

Some people use finger prints readers (for fast workstation/laptop unlock purpose) – but its the same case scenario as with smart card – the time needed to setup it properly. Not to mention that is not that fast anyway as I often see my colleagues swinging the finger over the fingerprint reader over and over again so it will finally work the 7th time …

… but you wan also lock and unlock your UNIX laptop with your phone – by just attaching it to your device – this is where the FreeBSD’s devd(8) subsystem come handy.

Today I will show you how to lock/unlock your laptop with your phone.

You may want to check other articles in the FreeBSD Desktop series on the FreeBSD Desktop – Global Page where you will find links to all episodes of the series along with table of contents for each episodeโ€™s contents.

Keep in mind that in order to make it work you need to attach the phone to laptop using cable that supports data transfer – it will not work with cables that only provide power for charging your phone.

Device Detection

First we need to detect what device will be your locker/unlocker.

Stop the devd(8) daemon.

# service devd stop
Stopping devd.
Waiting for PIDS: 71455.

Now start it in ‘foreground’ for debug purposes and then attach your phone. The command below with grep(1) will help you to find needed information.

# devd -d 2>&1 | grep --line-buffered 'Processing event' | grep --line-buffered DEVICE
Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen2.3 cdev=ugen2.3 vendor=0x04e8 product=0x6860 devclass=0x00 devsubclass=0x00 sernum="31000e243eb5a12e" release=0x0400 mode=host port=2 parent=ugen2.2'

I have highlited the needed information.

Do not stop this process yet.

Now you know which device will be your locker/unlocker and what even the devd(8) daemon gets when you attach your phone.

Things to note hare are:


This data above is more then enough to unlock your workstation.

Now detach your phone from the computer. You will see the DETACH even similar to the one below.

Processing event '!system=USB subsystem=DEVICE type=DETACH ugen=ugen2.3 cdev=ugen2.3 vendor=0x04e8 product=0x6860 devclass=0x00 devsubclass=0x00 sernum="31000e243eb5a12e" release=0x0400 mode=host port=2 parent=ugen2.2'

Now you know the event that will be spawned when you detach your phone.

Stop the foreground devd(8) daemon and start the service traditionally.

# devd -d 2>&1 | grep --line-buffered 'Processing event' | grep --line-buffered DEVICE
Processing event '!system=USB subsystem=DEVICE type=ATTACH ugen=ugen2.3 cdev=ugen2.3 vendor=0x04e8 product=0x6860 devclass=0x00 devsubclass=0x00 sernum="31000e243eb5a12e" release=0x0400 mode=host port=2 parent=ugen2.2'
Processing event '!system=USB subsystem=DEVICE type=DETACH ugen=ugen2.3 cdev=ugen2.3 vendor=0x04e8 product=0x6860 devclass=0x00 devsubclass=0x00 sernum="31000e243eb5a12e" release=0x0400 mode=host port=2 parent=ugen2.2'
# service devd start
Starting devd.

Commands for Events

Now, what action or command should be executed when you attach or detach your phone? That depends on which screen locker you are using on your X11 setup.

I for example use the mate-screensaver for this purpose.

The ATTACH event in my case would be to kill the current process mate-screensaver which will unlock the screen and then start it again for the next lock purposes – below is the command that I will run for the ATTACH event.

pkill -9 mate-screensaver && su -l vermaden -c 'env DISPLAY=:0 mate-screensaver' &

The DETACH event will be notifying the mate-screensaver to lock the screen – here is the command that will be used for that purpose.

su -l vermaden -c 'env DISPLAY=:0 mate-screensaver-command --lock' &


Here is how the devd(8) config file for my phone would look like.

# cat /usr/local/etc/devd/phonelock.conf

notify 100 {
    match "system" "USB";
    match "subsystem" "DEVICE";
    match "type" "ATTACH";
    match "vendor" "0x04e8";
    match "product" "0x6860";
    match "sernum" "31000e243eb5a12e";
    action "pkill -9 mate-screensaver && su -l vermaden -c 'env DISPLAY=:0 mate-screensaver' &";

notify 100 {
    match "system" "USB";
    match "subsystem" "DEVICE";
    match "type" "DETACH";
    match "vendor" "0x04e8";
    match "product" "0x6860";
    match "sernum" "31000e243eb5a12e";
    action "su -l vermaden -c 'env DISPLAY=:0 mate-screensaver-command --lock' &";

Now restart the devd(8) daemon so it will read new configuration files.

# service devd restart
Stopping devd.
Waiting for PIDS: 1458.
Starting devd.

Viola! Now you can lock and unlock your screen just by attaching or detaching your phone. I do not have any fancy video on how it behaves but you must trust me that is less then a second to lock and unlock the laptop now – be sure to keep and additional eye on your phone now, as it can unlock the access to all your files now ๐Ÿ™‚

You can of course use any USB device or even network actions – any event that is supported by the devd(8) daemon.

You can of course create such lock/unlock config when you attach/detach your phone and additionally configure power down action when you detach other USB device.

I forgot to mention it, that method does not disables the ‘classic’ password authentication – it just adds automatic screen lock/unlock when you attach your phone – you can still login (unlock) using just password on the mate-screensaver lock screen.

UPDATE 1 – Better devd Sniffing – Better Unlock Method

As oh5nxo from Reddit suggested its not needed to stop devd and start it in ‘debug’ mode – its easier just to attach to its ‘pipe’ with nc(1) tool.

# nc -U /var/run/devd.pipe

There is also no need to kill(1) the mate-screensaver command, its more elegant to just send the mate-screensaver-command --unlock command.

Below is the updated /usr/local/etc/devd/phonelock.conf config file for the devd(8) daemon.

# cat /usr/local/etc/devd/phonelock.conf

notify 100 {
    match "system" "USB";
    match "subsystem" "DEVICE";
    match "type" "ATTACH";
    match "vendor" "0x04e8";
    match "product" "0x6860";
    match "sernum" "33000e343fb4a42d";
    action "su -l vermaden -c 'env DISPLAY=:0 mate-screensaver-command --unlock' &";

notify 100 {
    match "system" "USB";
    match "subsystem" "DEVICE";
    match "type" "DETACH";
    match "vendor" "0x04e8";
    match "product" "0x6860";
    match "sernum" "33000e343fb4a42d";
    action "su -l vermaden -c 'env DISPLAY=:0 mate-screensaver-command --lock' &";