FreeBSD tips : Setting time and date

It’s definitely a good thing to have your system clock sync itself each time you reboot using a public NTP Timeserver. FreeBSD makes this a piece of cake.

First, you’ll want to make sure your timezone is set correctly. Check /usr/share/zoneinfo for the correct time zone file, and copy it to /etc/localtime. I.e.:

bash-2.05b# mv /usr/share/zoneinfo/zonefilehere /etc/localtime

Once you’ve done that, you will need to make sure your date and time are set within at least a few minutes of the current date and time. To do this, use the date command:

bash-2.05b# date 0408290000

The date is in YYMMDDHHMM format, the clock being a 24 hour and not 12 hour clock. To make sure the date looks correct before moving on, just type date in again:

bash-2.05b# date
Sun Aug 29 00:00:33 MDT 2004

Now that our timezone, date, and time are all set correctly, lets setup the NTP daemon to keep the system time synced-up.To do this, open /etc/rc.conf in your editor of choice, and add these lines:

ntpdate_enable=”YES”
ntpdate_program=”ntpdate”
ntpdate_flags=”-b timeserver.org”

Replace timeserver.org with a server from a public NTP timeserver list which is near you (by number of network hops, not necessarily physical location). You’ll need to Google for a list of these yourself. Voila!

Installing ports collection

http://www.freebsd.org/doc/en/books/handbook/ports-using.html”>http://www.freebsd.org/doc/en/books/handbook/ports-using.html

== CVSup Method ==

This is a quick method for getting and keeping your copy of the Ports Collection up to date using CVSup protocol. If you want to learn more about CVSup, see Using CVSup.

Note: The implementation of CVSup protocol included with the FreeBSD system is called csup. It first appeared in FreeBSD 6.2. Users of older FreeBSD releases can install it via the net/csup port/package.

Make sure /usr/ports is empty before you run csup for the first time! If you already have the Ports Collection present, obtained from another source, csup will not prune removed patch files.

I. Run csup:

# csup -L 2 -h cvsup.FreeBSD.org /usr/share/examples/cvsup/ports-supfile

Change cvsup.FreeBSD.org to a CVSup server near you. See CVSup Mirrors (Section A.5.7) for a complete listing of mirror sites.

Note: One may want to use his own ports-supfile, for example to avoid the need of passing the CVSup server on the command line. 1. In this case, as root, copy /usr/share/examples/cvsup/ports-supfile to a new location, such as /root or your home directory.
2. Edit ports-supfile.
3. Change CHANGE_THIS.FreeBSD.org to a CVSup server near you. See CVSup Mirrors (Section A.5.7) for a complete listing of mirror sites.
4. And now to run csup, use the following:

# csup -L 2 /root/ports-supfile

II.
Running the csup(1) command later will download and apply all the recent changes to your Ports Collection, except actually rebuilding the ports for your own system.

== Portsnap Method ==

Portsnap is an alternative system for distributing the Ports Collection. It was first included in FreeBSD 6.0. On older systems, you can install it from ports-mgmt/portsnap package:

# pkg_add -r portsnap

Please refer to Using Portsnap for a detailed description of all Portsnap features.

1. Since FreeBSD 6.1-RELEASE and with recent versions of the Portsnap port or package, you can safely skip this step. The /usr/ports will be created automatically at first use of the portsnap(8) command. With previous versions of Portsnap, you will have to create an empty directory /usr/ports if it does not exists:

# mkdir /usr/ports

2. Download a compressed snapshot of the Ports Collection into /var/db/portsnap. You can disconnect from the Internet after this step, if you wish.

# portsnap fetch

3. If you are running Portsnap for the first time, extract the snapshot into /usr/ports:

# portsnap extract

If you already have a populated /usr/ports and you are just updating, run the following command instead:

# portsnap update

== Sysinstall Method ==

This method involves using sysinstall to install the Ports Collection from the installation media. Note that the old copy of Ports Collection from the date of the release will be installed. If you have Internet access, you should always use one of the methods mentioned above.

1. As root, run sysinstall (/stand/sysinstall in FreeBSD versions older than 5.2) as shown below:

# sysinstall

2. Scroll down and select Configure, press Enter.
3. Scroll down and select Distributions, press Enter.
4. Scroll down to ports, press Space.
5. Scroll up to Exit, press Enter.
6. Select your desired installation media, such as CDROM, FTP, and so on.
7. Scroll up to Exit and press Enter.
8. Press X to exit sysinstall.

== Removing Installed Ports ==

Now that you know how to install ports, you are probably wondering how to remove them, just in case you install one and later on decide that you installed the wrong port. We will remove our previous example (which was lsof for those of you not paying attention). Ports are being removed exactly the same as the packages (discussed in the Packages section), using the pkg_delete(1) command:

# pkg_delete lsof-4.57

== Upgrading Ports ==

First, list outdated ports that have a newer version available in the Ports Collection with the pkg_version(1) command:

# pkg_version -v

== Upgrading Ports using Portupgrade ==

The portupgrade utility is designed to easily upgrade installed ports. It is available from the ports-mgmt/portupgrade port. Install it like any other port, using the make install clean command:

# cd /usr/ports/ports-mgmt/portupgrade
# make install clean

Scan the list of installed ports with the pkgdb -F command and fix all the inconsistencies it reports. It is a good idea to do this regularly, before every upgrade.

When you run portupgrade -a, portupgrade will begin to upgrade all the outdated ports installed on your system. Use the -i flag if you want to be asked for confirmation of every individual upgrade.

# portupgrade -ai

If you want to upgrade only a certain application, not all available ports, use portupgrade pkgname. Include the -R flag if portupgrade should first upgrade all the ports required by the given application.

# portupgrade -R firefox

To use packages instead of ports for installation, provide -P flag. With this option portupgrade searches the local directories listed in PKG_PATH, or fetches packages from remote site if it is not found locally. If packages can not be found locally or fetched remotely, portupgrade will use ports. To avoid using ports, specify -PP.

# portupgrade -PP gnome2

To just fetch distfiles (or packages, if -P is specified) without building or installing anything, use -F. For further information see portupgrade(1).

== Upgrading Ports using Portmanager ==

Portmanager is another utility for easy upgrading of installed ports. It is available from the ports-mgmt/portmanager port:

# cd /usr/ports/ports-mgmt/portmanager
# make install clean

All the installed ports can be upgraded using this simple command:

# portmanager -u

You can add the -ui flag to get asked for confirmation of every step Portmanager will perform. Portmanager can also be used to install new ports on the system. Unlike the usual make install clean command, it will upgrade all the dependencies prior to building and installing the selected port.

# portmanager x11/gnome2

If there are any problems regarding the dependencies for the selected port, you can use Portmanager to rebuild all of them in the correct order. Once finished, the problematic port will be rebuilt too.

== Upgrading Ports using Portmaster ==

Portmaster is another utility for upgrading installed ports. Portmaster was designed make use of the tools found in the “base” system (it does not depend upon other ports) and uses the information in /var/db/pkg/ to determine which ports to upgrade. It is available from the ports-mgmt/portmaster port:

# cd /usr/ports/ports-mgmt/portmaster
# make install clean

Portmaster groups ports into four categories:

*

Root ports (no dependencies, not depended on)
*

Trunk ports (no dependencies, are depended on)
*

Branch ports (have dependencies, are depended on)
*

Leaf ports (have dependencies, not depended on)

You can list all the installed ports and search for updates using the -L option:

# portmaster -L
===>>> Root ports (No dependencies, not depended on)
===>>> ispell-3.2.06_18
===>>> screen-4.0.3
===>>> New version available: screen-4.0.3_1
===>>> tcpflow-0.21_1
===>>> 7 root ports

===>>> Branch ports (Have dependencies, are depended on)
===>>> apache-2.2.3
===>>> New version available: apache-2.2.8

===>>> Leaf ports (Have dependencies, not depended on)
===>>> automake-1.9.6_2
===>>> bash-3.1.17
===>>> New version available: bash-3.2.33

===>>> 32 leaf ports

===>>> 137 total installed ports
===>>> 83 have new versions available

All the installed ports can be upgraded using this simple command:

# portmaster -a

Note: By default, Portmaster will make a backup package before deleting the existing port. If the installation of the new version is successful, Portmaster will delete the backup. Using the -b will instruct Portmaster not to automatically delete the backup. Adding the -i option will start Portmaster in interactive mode, prompting you before upgrading each port.

If you encounter errors during the upgrade process, you can use the -f option to upgrade/rebuild all ports:

# portmaster -af

You can also use Portmaster to install new ports on the system, upgrading all dependencies before building and installing the new port:

# portmaster shells/bash

Please see portmaster(8) from more information.

== Ports and Disk Space ==

Using the Ports Collection will use up disk space over time. After building and installing software from the ports, you should always remember to clean up the temporary work directories using the make clean command. You can sweep the whole Ports Collection with the following command:

# portsclean -C

You will accumulate a lot of old source distribution files in the distfiles directory over time. You can remove them by hand, or you can use the following command to delete all the distfiles that are no longer referenced by any ports:

# portsclean -D

Or to remove all distfiles not referenced by any port currently installed on your system:

# portsclean -DD

Note: The portsclean utility is part of the portupgrade suite.

Do not forget to remove the installed ports once you no longer need them. A nice tool to help automate this task is available from the ports-mgmt/pkg_cutleaves port.

FreeBSD: GRE Tunnels

And that was that!

or Lan :

FreeBSD : Install and configure Tripwire

ADD THE TRIPWIRE SECURITY COMPONENT

Setup Tripwire (ref: http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/ch-tripwire.html)
Edit the /etc/tripwire/twcfg.txt file to reflect the following:

EDITOR =/usr/bin/pico

Edit the /etc/tripwire/twpol.txt file to reflect the following:

Install/Setup (only once):

Initialize: