INDEX
Symbols and Numbers
$ (cash symbol)
and log date format, 555
for username, 190
:: (double-colon substitution), in IPv6 addresses, 134
= or == (equal signs), 349
(line-continuation character), 306–307, 459
~ (tilde), for user’s home directory, 190
4K drives, 202
32-bit compatibility libraries, 33
32-bit Intel-style processor, 17
32-bit number, 129
64-bit Intel-style processor, 17
386BSD, xxxvi
A
ABI (application binary interface), 413–414
ACK packet, 464
ACPI (Advanced Configuration and Power Interface), 59
active memory, 535
active slices, 223
add-on software, 336
addr keyword, for CIFS configuration, 312
adduser(8) program, 171
administrative group, creating, 182–184
aesni(4) kernel module, 482, 526
agent, in SNMP, 557
aggregation protocols, 163
AIX, xli
alert log message, 547
aliased mailing lists, 504
aliases
for files, disabling, 237
for network card, 68
and outgoing connections, 148
for pkg(8) subcommands, 349
ALL EXCEPT keyword
for login restriction, 187
ALL keyword
for login restriction, 187
allow option, for TCP wrapper rule, 459
AllowGroups option, for SSH, 496
AllowTcpForwarding, 495
AllowUsers option, for SSH, 496
Amanda, 87
AMD, xlii
amd64, 17
“ancient crap,” 20
Ansible, 64
a.out binaries, 408
Apache web server
and httpd program, 456
packages, 341
Apple, macOS, xl
applications, boot environment and, 279
applications (of OSI), 126
apropos mount_, 282
archives
compression for, 91
list mode for, 90
ARP (Address Resolution Protocol), 141–142
ashift property, 268
AT&T, xxxiv
atime (access-time stamp), disabling, 236
attach rules, for devd(8), 299
attachments, building kernel and, 106–107
attackers. See intruders
authoritative nameservers, 150
autoboot_delay option, 58
AUTO_INSTALL, for mergemaster, 447
automounting, 318
autonegotiation, by switch, 141
autoremoval of software, 350–351
AUTO_UPGRADE, for mergemaster, 447
avail memory, 61
B
backslash (), for line continuation, 306–307, 459
backups
of jail, 564
system, 84
of working kernel, 107
Bacula, 87
bandwidth
and performance, 526
PF and, 467
Banner option, 495
base-dbg, 33
baseboard management controller (BMC), 76–77
BATCH environment variable, 374
BATCH_DELETE_OLD_FILES option, 445
beadm activate command, 278
beadm create command, 278
beadm destroy command, 279
beadm(8) program, 277
beastie_disable option, 58
begemotSnmpdCommunityString MIB, 561
Berkeley Software Distribution (BSD), xxxiv–xxxv, xxxvi
release of code, xxxvi
developers, xlix
binary branding, 414
binary files
compression and, 273
for logs, 556
binary math, 129
scheduling, 434
binary values, 99
BIOS (basic input/output system), 20, 50–51
bits, 129
blacklistctl dump command, 474
managing, 474
blacklisting, 454
blocking on disk, 532
blocks
in FFS, 232
fsck(8) program to verify, 246
$BLOCKSIZE, 250
Bluetooth, 319
bonding, 163
boot blocks, 51. See also loader
/boot/defaults/loader.conf file, 16, 57
boot environment, 259, 276–279
activating, 278
and applications, 279
at boot, 279
creating and accessing, 277–278
removing, 279
viewing, 277
/boot/kernel directory, 97, 107
/boot/kernel.good directory, 107
for boot disk, 226
and kernel, 96
/boot/loader file, 51
/boot/loader.conf file, 16, 57
boot messages file, 62
/boot/modules directory, 97
Boot Multi User loader option, 51
configuring VLANs, 165
on legacy hardware, 222
loading modules, 105
ntpd(8) in, 506
tmpfs(5) at, 289
testing, 103
BOOTP (Bootstrap Protocol), 588
bootstrap code, 223
boot_verbose="NO" option, 58
botnets, 169
bottlenecks, 545
analysis with vmstat(8), 528–532
brandel(1), 417
branding software binaries, 417–418
bridge module, 562
broadcast address, 133
broadcast domain, 140
broadcast protocol, Ethernet as, 140
BSD 4.4-Lite, xxxvi
BSD (Berkeley Software Distribution), xxxiv–xxxv, xxxvi
license, xxxv
BSD partitions, assigning specific letters, 228–229
bsdlabel(8), 215
BSDstats Project, xxxix
bsdtar, 88
bsnmpd(8), 557
loading modules, 562
buffer overflow, 168
actions after submitting, 605
speculation vs. evidence, 603
buses, building kernel and, 106–107
bytes, 130
bzip compression, 91
C
CA (Certificate Authorities), 478–479
cables, for Ethernet, 140
Capsicum security system, 319
carmount dataset property, 262
ca_root_nns package, 478
cash symbol ($), for username, 190
CDs
burning, 27
filesystem for, 283
“certificate signer is unknown” warning, 481
CFLAGS (compiler flags) options, 324–325
CHANGES file, in Ports Collection, 365
checksum, 372
SHA512/256, 486
chflags(1), 194
chrooting, 594
tftpd(8) support for, 520
CIFS (Common Internet File System), 301, 310–315
configuring, 311
file ownership, 315
kernel modules for support, 311
name resolution, 313
prerequisites, 310
ciphertext, 475
Cisco switches, 163
clean login, for jailed environment, 577
cleartext, 475
client list, for wrappers, 457–458
clients
access to NFS export, 307
configuring for blacklistd, 473–474
diskless, 588
MAC addresses for, 514
showing available mount for NFS, 309
clock synchronization at boot, 506
cloud-scale management, 586–587
clri(8) program, 247
clustering, disabling, 236–237
code freeze, 423
cold backup, 90
comconsole, 78
command line, xlvi
customization options, 374–375
commands
question mark for listing, 55
service support for, 73
becoming, 605
Common Access Method (CAM), 202–203
common name, for server, 480
communities, for SNMP security, 560
comparison operators, in /etc/syslog.conf file, 549
COMPAT_FREEBSD32 option, for kernel, 115
components, connections, 61
Components src world kernel option, for freebsd update, 429
compress(1) command, 91
compressed installation media, 26–27
compression
for archives, 91
for log files, 556
in ZFS, 273
Computer Systems Research Group (CSRG), xxxiv
/conf/base directory, for diskless farms, 593
/conf/base/etc/diskless_remount, 593
/conf/default directory, for diskless farms, 593
confidentiality, of cryptosystems, 475
configtest command, 73
configuration files, in packages, 337
connected protocol, 138
connectionless protocol, 137
connections, outgoing, and aliases, 148
console, 584
insecure, 585
consumer, for geoms, 206
context switch, 396
continuation line, (backslash) for, 306–307, 459
CONTRIBUTING.md file, in Ports Collection, 365
contributors, xxxviii
cookies, 379
Coordinated Universal Time, 504
COPTFLAGS, 325
copycenter, xxxv
copying files, over SSH, 498–499
COPYRIGHT file, in Ports Collection, 365
configuring, 46
cpio, 87
CPU
bottleneck analysis with vmstat(8), 531
and performance, 526
threads waiting for, 529
trimming kernel for type, 113
usage, 543
CPU core, 399
cpu entry, in kernel configuration file, 108
CPU package, 399
configuring, 608
swap partition for, 25
types, 610
crashinfo(8), 609
crit log message, 547
crontabs, 520
generating key, 597
CSRG (Computer Systems Research Group), xxxiv
CTM, 435
CUPS (Common Unix Printing System), 516
current resource limits, 190
customizable builds, xliii
customization files, 16
customization options
Ports Collection, for command line, 374–375
setting default versions, 376–377
CVS (CVSup), 435
CXXFLAGS, 325
D
daemon, name in wrapper, 456
DAEMON provider, 404
data integrity. See also integrity check
and lost data, 245
database files
backup process and, 90
changes, 88
updating for mergemaster, 447
database software, shutdown and, 74
datagram protocol. See UDP (User Datagram Protocol)
datalink layer (of OSI), 125, 127–128, 138
creating, 261
destroying and renaming, 261–262
inheritance, 261
unmounted parent, 262
date
ISO 8601 time format, 555
for password changes, 176
deadlock, 399
deadly embrace, 399
debug log message, 548
debugging symbols, 33
debug.kdb.panic sysctl, 609
DEBUG_LEVEL, in pkg.conf file, 340
decimal math, 129
for computing netmasks, 132
default accept vs. default deny, 454–455
default config, not copying, 17
default directory, 16
default GPT partitioning, 36
DEFAULTS file, 109
DEFAULT_VERSIONS variable, 376–377
Defense Advanced Research Projects Agency (DARPA), xxxiv
DEGRADED pool state, 275
deleting
shared libraries, 445
slices, 226
user accounts, 178
deny option, for TCP wrapper rule, 459
DenyGroups option, for SSH, 496
DenyUsers option, for SSH, 496
dependencies, 346
for jails, 575
packaged, 378
in poudriere, 392
removing, 350
desktop FreeBSD, xlvi
DESTDIR setting, 569
detach rules, for devd(8), 300
/dev/console, 584
/dev/esa0 device node, 85
/dev/nsa0 device node, 85
/dev/pts, 584
/dev/sa0 device node, 85
/dev/ttyu, 584
/dev/ufs file, 239
devd(8) daemon, 320
dynamic device management with, 299–300
devfs(5) program, 281, 295–300
in jail, 570
devfs.conf(5), 297
devfs_hide_all rule, 297
devfs.rules file, 297
“device busy” error, 217
device daemon, 320
device drivers, 5
Common Access Method (CAM), 202–203
in kernel, 115
loading, 105
man pages for, 61
for proprietary hardware, 19
device name, for root partition, 53
device nodes, 62
filesystem for managing, 295–300
permissions of, 296
for tape drives, 85
DEVICE_POLLING, 162
devices entry, in kernel configuration file, 108
DHCP (Dynamic Host Configuration Protocol), 41, 144, 149, 512–516
for diskless farms, 590
global settings for clients, 514–515
for IPv6, 42
rogue servers, 513
subnet settings, 515
dhcpd, 513
diagnostic messages, in boot process, 60
dial-up terminal, 584
diff mode, 89
digital certificates, 478. See also certificates
digital signatures, 476
directories
adding to shared library, 407–408
backups, 90
exporting multiple, in NFS, 306
hierarchies, 325
for unprivileged users, 452
dirty disks, forcing read-write mounts, 248
disable soft updates flag, 65
disaffected users, 169
disconnecting serial consoles, 80
disk controllers, SATA, 24
disk images, mounting, 292–293
disk partitioning schemes
removing, 217
disk space, for jails, 382
disklabel, 224
and MBR alignment, 225
diskless farms, DHCP for, 590
clients, 588
security for, 591
userland, NFS server and, 591–592
bottleneck analysis with vmstat(8), 530
installing files on new, 253–254
partitioning, 20, 23, 34–41, 252–253
as performance bottleneck, 532
distfile, 372
distfiles directory, in Ports Collection, 366
distinfo file, 370
DNS (Domain Name Service), 150–154
/etc/hosts, local names with, 151–152
host/IP information sources, 151
nameservice configuration, 152–153
domain, accessing in CIFS, 314–315
domain keyword, 152
download timing, 344
Dragonfly Mail Agent (DMA), 499, 500–503
forwarding mail beteen users, 503–504
drives. See also disks
reattaching and detaching, 276
replacing, 276
DTrace, xli
du(1) program, 251
dual console, 78
dual-stack setup, 130
DuckDuckGo, 11
dump partition, 37
dump(8) command, 87
backup level for, 210
and snapshots, 244
dumps. See crash dump
DVD images, 27
Dvorak keyboard layout, 69
dynamic device management, with devd(8), 299–300
E
ECC RAM, 21
ECDSA key, 493
ED25519 key, 493
$EDITOR environment variable, 175
EFI (Extensible Firmware Interface), 20
ejecting removable media, 285
ELF binaries, 408
attachments, 13
etiquette for requesting help, 12–13
email signatures, 13
emerg log message, 547
emergency disk space, 252
empty filesystem file, creating, 293–294
emulation, ABI reimplementation vs., 414
Encrypt Disks option, 39
Encrypt Swap option, 39
evaluating need for, 596
of partitions, 65
enterprise network, 580
environment variables, 356
cron and, 521
EoL (End of Life), of release, 26
epochal seconds, and real dates, 487–488
equal signs (= or ==), 349
erase command, 87
err log message, 547
error messages, xlvii
Escape to loader prompt option, 52
/etc/adduser.conf file, configuring, 172–173
/etc/amd.map file, 318
/etc/auto_master file, 318
/etc/blacklistd.conf file, 319, 471
/etc/bluetooth file, 319
/etc/casper directory, 319
/etc/cron.d, 319
/etc/csh.*, 319
/etc/ddb.conf file, 319
/etc/defaults/devfs.rules file, 320
/etc/defaults/periodic.conf, 327–328
/etc/defaults/rc.conf file, 62
/etc/devd.conf file, 320
/etc/devfs.conf file, 296–297, 320
/etc/devfs.rules file, 320
/etc/dhclient.conf file, 320
/etc/disktab file, 320
/etc/dma/dma.conf file, 501, 502
/etc/freebsd-update.conf file, 429–430, 579
configuring, 253
and file-backed filesystems, 294
for jail, 573
and memory disks, 292
mounting partitions listed, 234
/etc/ftp.* file, 321
/etc/group file, 180–181, 441–442
/etc/hostid file, 321
/etc/hosts file, 151
/etc/hosts.allow file, 456–462
example, 462
/etc/hosts.equiv file, 321
/etc/hosts.lpd file, 322
/etc/jail.conf file, 568, 569–573, 574
/etc/localtime file, 322
/etc/locate.rc file, 323
/etc/login.*, 323
/etc/login.access file, 185
/etc/login.conf file, 188, 189
/etc/mail/aliases file, 503–504
/etc/mail/mailer.conf file, 500
/etc/make.conf file, 324–325, 375, 439, 448–449
and single ports, 376
WRKDIRPREFIX option, 380
/etc/master.passwd file, 173–174
/etc/motd file, 325
/etc/mtree directory, 325
/etc/netstart shell script, 54, 326
/etc/network.subr shell script, 326
/etc/newsyslog.conf file, 553
sample entry, 557
/etc/newsyslog.conf.d/ directory, 553
/etc/nscd.conf file, 326
/etc/nsmb.conf file, 311
/etc/nsswitch.conf file, 151, 507
/etc/pam.d/*, 327
/etc/pccard_ether script, 327
/etc/periodic.conf file, 327–328, 355
/etc/pf.conf file, 328, 465–467
/etc/pf.os file, 328
/etc/phones file, 328
/etc/pkg file, 356
/etc/pkg/FreeBSD.conf file, 356–357
/etc/printcap file, 329, 517–518
/etc/profile file, 329
/etc/pwd.db file, 173–174, 329
/etc/rc script, 62–63, 71–74, 380, 539
debugging custom, 405
REQUIRE statement in, 405
and securelevel, 197
/etc/rc.conf file, 62, 145–146, 568
changing from command line, 63–64
cloned_interfaces, 164
to enable sshd at boot, 492
frozen with schg, 198
ifconfig statements in, 148
for jail, 574
to enable blacklistd, 471
kern_securelevel_enable, 195
network routing options, 68–69
/etc/rc.d/sendmail script, 503
/etc/rc.subr file, 404
/etc/regdomain.xml file, 330
/etc/resolv.conf file, 152, 153
/etc/rpc, 330
/etc/sc.d/localpkg, 405
/etc/security/ directory, 330
/etc/shells file, 179
/etc/skel file, 331
/etc/snmpd.config file, 560
/etc/src.conf file, 331, 439, 448–449
SVN-UPDATE, 437
/etc/ssh, 331
/etc/ssh/sshd.config file, 473, 494
/etc/ssl/ directory, 331
/etc/ssl/openssl.cnf file, 477
/etc/sysctl.conf file, 160
/etc/syslog.conf file, 548
comparison operators, 549
space or tabs, 551
/etc/syslog.d/ directory, 548
/etc/termcap, 332
/etc/termcap.small, 332
console entry, 585
/etc/unbound/, 332
/etc/wall_cmos_clock file, 332
/etc/zfs/ directory, 333
speed, 141
evaluations, in queries, 348–349
exec.clean option, for jail(8), 570
exec.stop command, 571
exports, mounting, 309
EXT filesystem, 283
Extensible Firmware Interface (EFI), 20
extracommands command, 73
extract mode, for tar, 90
extracted files, permissions for, 91
ezjail, 581
F
failover, 163
fallback brand, sysctls to set, 418
FAQ (Frequently Asked Questions), 7–8, 9
Fast EtherChannel (FEC), 163
Fast File System (FFS), xxxiv, 232–233
for kernel, 114
FAT (MS-DOS), 283
FAT32, formatting media, 286
FAULTED pool state, 275
faults, bottleneck analysis with vmstat(8), 531
FCODES variable, 323
fdesc(5), 301
fdisk(8), 215
FETCH_RETRY option, 344
FETCH_TIMEOUT option, 344
FFS. See Fast File System (FFS)
file-backed filesystems, and /etc/fstab, 294
file descriptor filesystem, 301
limitations, 197
setting and viewing, 194
files, xlviii
aliases for, disabling, 237
autoupdate unchanged, 447
backups to, 90
checking for obsolete, 444–445
customization, 16
installing on new disks, 253–254
moving to new dataset, 262–263
in CIFS, 315
tftpd and, 519
filesystems, xliii, 20–25. See also foreign filesystems
coherence, 88
file-backed, and /etc/fstab, 294
jailed access to part, 564
mount(8) to view mounted, 210–211
mounting and unmounting, 233–237
problems, 66
selecting, 34
size for, 243
user mounting of, 284
viewing current settings, 241–242
FILESYSTEMS provider, 404
FILESYSTEMS variable, 323
find(1) program, 244
finding
man pages, 5
snapshots, 244
blacklistd(8) and, 470
NFS and, 308
flags, for log rotation, 556
flash drives, foreign filesystems for, 284
flash (.img) format, 26
fonts, on console, 69
fortune(6), 511
old information, 336
posting to, 14
searching, 11
fragments, 249
in FFS, 232
PF and, 466
FreeBSD. See also upgrading FreeBSD
problem-solving resources, 9–11
resources for troubleshooting, 601–602
security announcements, 170–171
support model, 426
snapshots, 425
which to use, 427
FreeBSD attitude, 2
freebsd-boot partition, 36
reasons for volunteers, 615
FreeBSD Foundation, 9
diskless farm configuration, 592–594
FreeBSD Journal, 9
FreeBSD Porter’s Handbook, 393
FreeBSD Project
leadership, 614
submitting improvements to, 600
FreeBSD-specific time, 555
freebsd-update cron command, 434
freebsd-update install command, 433–434
freebsd-update rollback command, 434
freebsd-update upgrade command, 431
FreeBSD.conf file, 390
FREEBSD_HOST variable, 383
FREEBSD_ID option, for mergemaster, 447
FreeNAS, xl
Frequently Asked Questions (FAQ), 7–8, 9
fsck(8) program, 52, 246–248, 608
-y flag, 247
fsdn(8) program, 247
fstyp(8) program, 284
ftpd(8) daemon, 321
and user login, 179
full dump, 610
fully qualified domain name, 67
G
GBDE (GEOM-Based Disk Encryption), 22, 65, 595–596
geli init, 597
GENERIC install, 105
GENERIC kernel, 420
GENERIC.hints file, 109
autoconfiguration, 205
device nodes and stacks, 208
labels, 214
vs. volume managers, 206
withering, 214
GEOM classes, 205
geom_eli.ko kernel module, 596
geom_journal kernel module, 240
getty(8) program, 539
GhostBSD, xl
GIDs file, in Ports Collection, 365
git(1), 16
gjournal label command, 240
gjournal provider, creating, 240
glabel create command, 214
glob(3), 556
gmirror(8) class, 205
Google, 11
gpart add command, 229
gpart bootcode command, 222
gpart create command, 217, 227
gpart delete command, 226
gpart destroy command, 217, 252–253
gpart modify command, 221
gpart resize, 221
gpart show command, 215, 218, 220, 221, 226, 227–228, 229, 285
gpart(8) command, 214–217, 220
for managing MBR slices, 225–226
GPT (GUID Partition Tables), 20, 209, 595–598
default partitioning, 36
expanding disks, 223
GUID labels, 213
partitions
changing labels and types, 221
resizing, 221
types, 219
scheme creation, 252
gptzfsboot(8), 218
Greenwich Mean Time, 504
administrative group, creating, 182–184
to avoid root, 182
creating, 181
membership changes, 181
system accounts, 182
growfs(8) command, 243
gstat(8), 532
GUID (globally unique identifier), for GPT partition, 211
GUID Partition Tables (GPT), 20, 23
gvinum(8), 206
gzip compression, 91
H
halt(8) command, 74
multiple, 24
hardening options for system, 44–45
hardware
cryptographic support, 482
customized with FreeBSD, 583
device names for, 62
as files, xlviii
optimizing network, 159
proprietary, 19
hardware clock, 60
hardware MIBs, 100
hardware threading, 400
help, 600
responding to email, 14
mailing lists and forums for, 2
finding, 5
navigating, 5
sections, 4
minimizing requests, 2
home directory, 46
for user, 172
$HOME environment variable, 570
$HOME/.nsmbrc file, 311
/home partition, 23
host addresses, for login restriction, 187
“host key has changed” message, 595
host.allow option, 192
host.deny option, 192
Hostess module, 562
hostname, 67
false, for Dragonfly, 501
for login restriction, 186
hot-swappable hardware, 299–300
HTTP_PROXY environment variable, 356
hubs, for Ethernet, 140
human errors, recovery from, 55
hushlogin environment variable, 191
HyperThreading, 400
hypervisors, FreeBSD on, 20
I
i386 platform, 17
ICMP (Internet Control Message Protocol), 126, 136–137
PF and, 468
ident entry, in kernel configuration file, 108
ifconfig(8) command, 68, 144–145
to create VLAN interfaces, 164–165
to enable polling, 162
ignorelogin environment variable, 191
illumos, xli
Image Writer for Windows, 27
inactive memory, 535
INCLUDE_CONFIG_FILE option, 117–118
INDEX file, in Ports Collection, 365
INET networking option, for kernel, 114
changing behavior, 512
jail for, 567
sample configuration, 511
servers configuration, 510–511
wrappers and, 456
infinite loop, memory allocation with, 25
info log message, 548
inheritance
of dataset properties, 261
init(8), 539
inodes (index nodes), 232
fsck(8) program to verify, 246
input/output
and performance, 526
top(1) tool and, 538
install clean command, 380
installing
jail packages, 578
kernel, 439
Linux packages, 419
packages on diskless client, 594–595
poudriere, 383
poudriere ports tree, 386
from Ports Collection, 370–381
network and service configuration, 41–46
configuration with UCL, 17
integers, 99
integrity check
of cryptosystems, 475
resiliency and, 237
in ZFS, 265
Intelligent Platform Management Interface (IPMI), 76–77
interface
multiple IP addresses on single, 147–148
testing, 146
internet, accessibility of old data, 14
Internet Control Message Protocol (ICMP), 126
Internet Protocol (IP), 125
interruptible NFS mount, 309
intruders
mtree for preparing for, 485–489
ioapic device, 61
iocage, 581
iostat(8), 528
IP addresses
attaching syslogd(8) to single, 552
for BMC, 76
for interface, 68
multiple on interface, 147–148
sshd listening to, 494
unusable, 133
IP Filter, 463
IP (Internet Protocol), 125
IPFW, 463
IPMI (Intelligent Platform Management Interface), 76–77
SOL (Serial-over-LAN) connections, 80–81
IPSEC networking option, for kernel, 114
IPv4, 41
IPv4-only stack, 130
assigning, 136
IPv6 network, 42
exporting to, 307
IPv6-only stack, 130
ISC DHCP server, 513
ISO 8601 time format, for logs, 555
ISO 9660 filesystem, 283
burning to optical media, 287
IVCSW (involuntary context switches), 538
J
jail ID, 575
at boot, 568
clean login for, 577
defining, 570
dependencies, 575
disk space, 382
in-jail startup, 571
installing packages, 578
notes on, 581
parameters as variables, 572–573
userland, 569
startup and shutdown, 574
testing and configuring, 573–574
jls(8), 575
job control, xxxiv
periodic(8), 323, 327, 523–524
journaling
and recovery, 246
Joy, Bill, xxxv
JSON, 17
K
KeepModifiedMetadata, for freebsd update, 429
kenv(8), 101
Kerberos authentication, 10, 301
buses and attachments, 106–107
preparation, 106
working kernel backup, 107
building, installing, and testing, 439–440
configuration file format, 107–109
configuration, no option and include, 119
enabling crash dumps, 44
inclusions, exclusions and expansion, 119–121
and jails, 564
locks, 399
options, 58
kernel-dbg, 33
kernel debugger configuration utility, 319
kernel memory, minidump of, 25
loading and unloading, 104
loading in boot process, 105
skipping, 121
kern.elf32.fallback_brand sysctl, 418
kern.elf32.nxstack sysctl, 485
kern.elf64.fallback_brand sysctl, 418
kern.elf64.nxstack sysctl, 485
kern.hostname sysctl, 97
kern.ipc.nmbclusters systcl, 160
kern.ipc.somaxconn systcl, 161
kern.maxusers systcl, 160
keyboard, console options for, 69–70
keymap, selecting, 31
KeyPrint option, for freebsd update, 429
keystrokes, script to copy, 92
keyword searches, on man pages, 5
Keywords directory, in Ports Collection, 365
kldload(8), 104
kldunload(8), 104
knobs, 62. See also tunables
KNOWN keyword, for TCP wrapper, 458
kqueue(2), 413
krb5, 10
L
labels. See also BSD labels
changing for GPT partition, 221
for partition, 37
viewing, 212
LACP (Link Aggregation Control Protocol), 163
lagg(4), 163
configuring, 164
laptop theft, 596
ldconfig_local_dirs variable, 407
ldconfig_paths variable, 407
LD_LIBRARY_PATH environment variable, 71, 409–410
LD_PRELOAD environment variable, 409–410
legacy boot, 20
legacy hardware, boot process on, 222
legacy mode, 50
LEGAL file, in Ports Collection, 365
legal restrictions
on software, 337
Let’s Encrypt, 481
Level 2 Adaptive Replacement Cache (L2ARC), 267
libiconv.ko module, 311
libmchain.ko module, 311
libraries. See shared libraries
license, 337
line-continuation character (), 306–307, 459
link aggregation, 163
Linux, xli
commercial software, 420
testing, 417
Linux packages, installing, 419
Linux process filesystem, 301
Linuxator
installing and configuring, 415
userland, 416
Linuxisms, 413
ListenAddress, 494
live system, activating, 93
lm75 module, 562
load average, 534
load, once-in-a-lifetime vs. standard, 161
booting from, 57
variables, 56
loader configuration file, 16
loader.conf file, 104
loader_logo option, 58
local blacklistd rules, 471
local build, installing jail from, 385–386
local configuration files, 16
LOCAL, for login restriction, 187
local mail delivery, disabling, 501
local partitions, mounting, 53
LOCALBASE variable, 381
localpkg script, 405
locate(1), 323
lock order reversal, 399
locking
user accounts, 178
log rotation, 553
logical block addressing (LBA), 202
logical port, 138
login(8), 539
class definitions, 188
LoginGraceTime, 495
logins
on serial console, 81
logs, 66
backup process and, 90
changes, 88
of connection attempt, 460
overlap, 551
for poudriere, 389
rotation by size and time, 555
from script(1) command, 92
sending messages to programs, 550
specifying senders, 552
message levels, 547
in verbose mode, 553
loopback device, 117
lost+found directory, 246
lp (default printer), 517
lpd(8) printing daemon, 70, 516, 517–518
LPD (Line Printer Spooler Daemon), 516
ls command, for viewing flags, 194
lsof package, 490
lz4 compression algorithm, 273
M
for clients, 514
for DHCP client, 589
macOS, xl
macros, configuring for PF, 466
MAIL environment variable, 190
mail server, 499
mailing lists, 2
aliased, 504
archives, 8
searching, 11
for FreeBSD-stable, 424
general questions, 13
old information in archives, 336
MAILNAME, for dma(8), 501
mailq(1) program, 500
MailTo root option, for freebsd update, 429
maintenance jobs, 327, 545–546
major release, 422
make build command, 373
make buildkernel command, failure, 118
make buildworld command, 438
make check-old command, 444
make check-old-libs command, 445
make checksum command, 372
make clean command, 380
make config-recursive command, 377
make configure command, 373, 374
make deinstall command, 379
make delete-old-libs command, 445
make depends command, 373
make extract command, 373
make fetch command, 372
make install command, 373
make installkernel command, 111, 439
make installworld command, 443–446
make missing command, 378
make package command, 379
make patch command, 373
make pretty-print-config command, 374–375
make readmes command, 369
make rmconfig-recursive command, 377
make showconfig command, 375
make(1) program, 362
SMP and, 400
make_buildkernel command, 110
make_distribution command, 569
makeoptions entry, in kernel configuration file, 108
malloc-backed memory disks, 290
contents, 6
finding, 5
navigating, 5
manpath environment variable, 191
MASQUERADE, for dma(8), 501
MaxAuthTrie, 495
maximum resource limits, 190
MBR (master boot record), 20, 208–209, 218, 222
and disklabel alignment, 225
partitioning, 23
mbrowse, 559
memory, 61
allocation in infinite loop, 25
bottleneck analysis with vmstat(8), 529
and network optimization, 159–161
and performance, 526
for /tmp, 65
memory disks, 117, 289, 290–292
creating and mounting, 290–291
and /etc/fstab, 292
shutdown, 291
MergeChanges option, for freebsd update, 429
merged from current (MFC), 424
message of the day (motd) file, 325
metadata, 232
MIBs (management information base), 98–99
Microsoft Outlook, email from, 13
minidump, 610
of kernel memory, 25
MINIMAL file, 110
MINIMAL kernel, 111
minor release, 422
Mirror Swap option, 39
mirror VDEVs (virtual devices), 266, 274
mixpasswordcase option, 192
Mk subdirectory, in Ports Collection, 366
mkisofs(1), 287
mksnap_ffs(8) program, 244
modular kernel, 96
MODULES_OVERRIDE option, 121
monitor
console options for, 69
display on, 70
monitoring system security, 489–490
mount point, 209
temporary, for new partition, 253
for foreign filesystems, 282–284
options, 210
mountd(8) daemon, 303
mounting
exports, 309
local partitions, 53
thumb drive, 285
mounts
showing available for NFS client, 309
MOVED file, in Ports Collection, 365
moving
package cache, 345
msdosfs mount type, 283
mt(1) command, 87
exclusion file, 488
checking for differences, 488–489
saving, 488
multitasking, preemptive, 397
N
name service, 150. See also DNS (Domain Name Service)
named(8) program, 553
names
for boot environment, 277
for interfaces, changing, 148–149
nameserver list, 153
navigating man pages, 5
nbns keyword, for CIFS configuration, 312
NDP (Neighbor Discovery Protocol), 142
net-snmp, 559
Netflix, xxxvii
Netgraph module, 562
net.inet.ip.portrange.reservedhigh, 139
net.inet.ip.portrange.reservedlow, 139
net.inet.tcp.cc.available sysctl, 528
computing in decimal, 132
to calculate mbuf clusters, 160
per-protocol performance statistics, 158
viewing open network connections, 156–157
bandwidth, and performance, 526
bits and hexes, 128
installing jail from, 384
interface selection, 41
optimizing performance, 158–162
maximum incoming connections, 161
performance monitoring, 527–528
in single-user mode, 54
traffic control, 454
network adapter
aliases for, 68
Network Address Translation (NAT), PF and, 467
Network Configuration screen, 41–42
network daemons, 66
Network File System (NFS). See NFS (Network File System)
network layer (of OSI), 125, 127, 128
network number, 133
network-related options, for kernel, 114
network secure mode, 196
network stacks, 130
Network time protocol (NTP), 505, 567–568
NETWORKING provider, 404
newfs_msdos(8) program, 286
newsyslog(8), 553
NFS (Network File System), 301–310
exporting multiple directories, 306
exports configuration, 304–308
and firewalls, 308
interoperability, 302
and jails, 567
kernel options supporting, 115
server
and diskless client userland, 591–592
and upgrades, 448
versions, 302
zfs(8) for managing, 308
nfsd(8), 303
Nintendo GameCube, emulator, 413
nmbclusters, 160
noasync mounts, 236
nobody account, 453
noexec mount option, 236
nologin environment variable, 191
nomatch rules, for devd(8), 300
nonautomatic packages, 346
changes, 352
nonrepudiation, of cryptosystems, 475
normal, defining, 527
nosymfollow option, 237
“not a working copy” error, 436
notice log message, 548
notify rules, for devd(8), 300
nscd(8) service, 326
NTP (Network time protocol), 505, 567–568
null memory disk, 290
null modem cable, 75
NULLCLIENT option, for Dragonfly, 502
O
obsolete files, checking for, 444–445
offline command, 87
OFFLINE pool state, 275
ONLINE pool state, 275
opaque sysctls, 97
opaques, 99
open files, listing all, 490
Open System Interconnection (OSI) network protocol stack, 124
applications, 126
datalink layer, 125, 127–128, 138
transport layer, 126, 127, 128
OpenBSD, xxxix
openntpd package, 568
OpenSolaris, xli
clients, 497
passwords and keys, 499
openssl s_client command, 481
operating systems
multiple, 24
packages and upgrades, 449–450
running software from wrong, 412–418
OPIE (One-time Passwords In Everything), 326–327
optical disk (.iso) format, 26
optical media
burning ISOs to, 287
/etc/fstab entry for, 285
foreign filesystems for, 284
options entry, in kernel configuration file, 108
OPTIONS_SET variable, 376
OPTIONS_UNSET variable, 376
Oracle Solaris, xl
organization employees, security risks from, 169
output. See also input/output
ownership
of device node, changing, 296
in CIFS, 315
in TFTP, 519
P
package cache, 345
package database
packaged dependencies, 378
building, 379
fetching, 344
information and automatic installs, 346
installing on diskless client, 594–595
for jails, installing, 578
maintenance, 355
networking and environment, 355–356
Ports Collection and, 363
building, 371
customization, 357
security, 490
packaging system, xliii
packet filtering, 454, 462–470
default accept vs. default deny, 463–464
and stateful inspection, 464–465
packet sniffers, 492
packets, 127
normalization in PF, 466
pagedaemon, 529
pages of memory, 529
PAM (Pluggable Authentication Modules), 327
serial consoles and, 609
parallel builds, limiting, 391
PARANOID keyword, for TCP wrapper, 458
parent datasets, unmounted, 262
partition table, 38
partitioning schemes, 23, 35, 208–209
MBR (master boot record), 223–226
adding new, 37
alignment, 220
encrypted, 65
mount point for, 209
passphrase, 597
for certificate, 480
for full-disk encryption, 39
passwd_format option, 191
password
changing, 174
in CIFS, 314
default for new users, 173
for dma(8), 502
expiration, 176
for group, 181
for OpenSSL, 499
for single-user mode, 585
for user, 172
password keyword, for CIFS configuration, 312
patches
levels, 422
PATH environment variable, 190, 191
path, for log file, 553
patterns, for queries, 347
pax, 87
performance
computer resources and, 526–527
bottleneck analysis with vmstat(8), 528–532
disk I/O, 532
per-protocol statistics, from netstat, 158
periodic(8), 323, 327, 523–524
permissions
of device node, 296
for extracted files, 91
and foreign filesystems, 283–284
for logs, 554
PermitRootLogin, 495
PF module, 562
PF (packet filter), 463
and blacklistd(8), 471
for active anchor, 471
pf.ko module, 463
pfSense project, xl
PGID (process group ID), 539
pgrep(1), 576
physical address, 141
physical layer (of OSI), 124, 128
physical serial lines, 79
ping, 146
pkg autoremove command, 351
pkg check command, 355
pkg-check(8) tool, 354
pkg clean command, 345
pkg-create(8), 345
pkg delete command, 350
pkg-descr file, 370
pkg help command, 338
pkg-help file, 370
pkg install command, 342–343, 354, 390
pkg-plist file, 370
pkg query command, 347
pkg remove command, 379
pkg unlock command, 353
pkg update command, 358
pkg upgrade command, 359
pkg which command, 353
command aliases, 349
common options, 339
fetch, 344
and jails, 578
repository download, 390
pkg.conf file, 390
customizing download behavior, 344
DEBUG_LEVEL in, 340
PKG_CACHDIR, 345
PKG_ENV section, 356
pkgNG, 336
pkg_query(8), 387
PKG_REPO_SIGNING_KEY variable, 393
pkg_static(8), 449
pkg_tools, 336
pkg_upgrade command, 449
PMBR (protective master boot record), 218, 222
polling
mode, 527
pool. See zpool (storage pool)
portability of FreeBSD, xlii
porting, 412
portmaster, 371
review of open, 198
updating installed, 450
Ports Collection, xliii, 336, 358, 361–393
cleaning up ports, 380
customization options, 373–381
installing software from, 370–381
and Linux mode, 418
port flavors, 378
problem ports, 389
tracking build status, 379–380
uninstalling and reinstalling ports, 379
ports tree, 363. See also Ports Collection
read-only, 380
portsnap cron update command, 364
portupgrade, 371
posting to forums, 14
poudriere bulk command, 388
poudriere options command, 388
poudriere package-building system, 361, 371, 381–391
installing and configuring, 383
installing ports tree, 386
large and small systems, 391–392
package list for, 387
repository, 389
resources, 382
poudriere ports command, 386
PowerPC, 18
preemptive multitasking, 397
preening, 246
prefix length, 131–133. See also netmasks
PREFIX variable, 381
primary partitions, 223
Primordial Unix Compression, 91
printer, configuration information, 329
priority environment variable, 191
private key, 476
process ID (PID), 533
for jails, 575
process state, 539
processes
bottleneck analysis with vmstat(8), 529
priority in top(1) tool, 544
rescheduling to balance, 543
vs. thread, 401
processors
multiple, 396
virtual, 400
procfs (process filesystem), 416
production releases of FreeBSD, 26
programs, logging by name, 550
proprietary hardware, 19
protective master boot record (PMBR), 218
provider, for geoms, 206
proxy server, need for, 356
PRUNEPATHS variable, 323
pseudodevices, in kernel, 116–117
pseudorandom numbers, 117
pseudoterminal, 584
public-key encryption, 475–482
public-key files, 493
PuTTY, 497
pw(8) command, 178
PXE (Preboot Execution Environment), 588
Q
qemu-user-static package, 382
quarterly branches, in package system, 358
queries
remote, 347
QWERTY keyboard, 69
R
ZFS and, 22
and pools, 267
virtual devices, 274
RAID-Z2, 266
RAID-Z3, 266
RAM, 61. See also memory
random password generator, 172
random quote generator, 510–511
range keyword, in dhcpd, 515
read-only mounts, 235
read-only sysctls, 100
read-write mounts, forcing on dirty disks, 248
README file, in Ports Collection, 366, 369
real memory, 61
reboot(8) command, 74
rebooting, to test interface changes, 149
recursion, front-loading, 377–378
recursive nameserver, 150
redundancy, 274
Reed, Darren, 463
regular expressions, in ruleset, 298
Release Engineering team, 424
releases of FreeBSD, 422
reload command, 73
remote blacklistd rules, 471, 472
remote computers, intruders and, 168
remote modems, phone numbers for, 328
removable hardware, kernel support for, 117
removable media
ejecting, 285
foreign filesystems for, 284–288
REMOVED pool state, 275
repositories
customization, 357
REQUIRE statement, in rc script, 405
requirehome environment variable, 191
reserved ports, 139
resilvering, 274
resolver, 150
resources
restarting, services, 72
retension command, 87
rewind command, 87
rmuser(8) program, 178
rndc(8), 184
rollback of FreeBSD update, 434
root
email sent to, 503
in jail, 564
password change by, 174
server login as, 495
user changes by, 176
user groups to avoid, 182
root dataset, 259
root directory, for tftpd, 518
root filesystem
partition letter for, 228
as read-write, 53
root partition, for filesystem, 37–38
root password, 41, 46, 179–180
for jail, 574
requiring, 484
root user, and NFS server, 305
rootkit-hunting software, 490
rotating logs, by size and time, 555
routers option, in dhcpd, 515
rpcbind(8) daemon, 303
RPCs (remote procedure calls), 303, 330
RSA key, 493
rsync(8) program, 352
running processes, 534
runtime tunable sysctl, 101
RUN_UPDATES option, for mergemaster, 447
S
Safe Mode, 59
Samba, 315
sappnd flag, 193
SATA disk controllers, 24
/sbin/nologin, 183
scheduling
to balance processes, 543
binary updates, 434
schg flag, 193
scp(1), 498
script(1) command, 92
scripts, startup and shutdown, 402–405
scrubbing, 466
SCSI drives, for tape backups, 84
SCSI_DELAY option, for kernel, 115
SCTP transport protocol, in kernel, 114
searching ports index file, 368–369
SEARCHPATHS variable, 323
sector size, 202
Secure Shell, 331
limitations, 197
data protecton, 428
default accept vs. default deny, 454–455
for diskless systems, 591
FreeBSD announcements, 170–171
secure console, 484
hacking, 490
for inetd, 509
LD_ environment variables and, 409
for packages, 490
preparing for intrusions with mtree(1), 485–489
removable media risks, 284
TFTP and, 518
workstation vs. server, 199
security.bsd sysctl tree, 485
security.jail sysctl tree, 565
self-signed certificates, 480–481
Sendmail, 499
shutting down, 503
sendmail(8) daemon, 70
sendmail_outbound_enable, 70
Separate Intent Log (SLOG), 267
disconnecting, 80
and panics, 609
server security, vs. workstation, 199
ServerName update.freebsd.org option, for freebsd update, 429
SERVERS provider, 404
service(8) command, 71–73, 402
services
for jails, 566
listing and identifying enabled, 71–72
restarting, 72
set command, 56
setenv environment variable, 191
setuid programs, disabling, 236
severity option, for log message, 460
sftp(1), 498
adding directories to search list, 407–408
attaching to programs, 406–409
program requirements, 409
versions and files, 406
sharenfs property, for NFS exports, 308
shares, mounting in CIFS, 313–314
shell environment variable, 191
$SHELL environment variable, 570
shell scripts, variables, 461
selecting, 52
for user, 172
shorn write, 270
show command, 56
showmount(8) command, 309
memory disks, 291
and stopping jails, 568
syncer and, 245
shutdown(8) command, 74
SID (session ID), 539
SIGHUP, logfile rotation on, 557
signal, for log rotation, 557
single-key ciphers, 475
network in, 54
upgrades and, 448
skipping modules, 121
SLAAC, 42
sleeping processes, 534
slices, 223
activating, 226
removing, 226
smart host, for Dragonfly, 501
SMB (Server Message Block), 310
smbfs.ko module, 311
view command, 313
SMP (symmetric multiprocessing), 115, 396–401
problems, 399
SMT (Simultaneous Multi-Threading), 400
accessing, 272
destroying, 273
finding, 244
of FreeBSD-current and -stable, 425
taking and destroying, 244
vs. journaling, 238
ZFS, 276
SNMP (Simple Network Management Protocol), 557–562
MIBs (management information base), 558–559
sockstat(1), 155, 198, 489, 566
soft updates, 237
software
add-on, 336
attaching shared libraries to, 406–409
building, 362
commercial for Linux, 419
from Ports Collection, 370–381
jail for, 565
running from wrong architecture or release, 420
running from wrong OS, 412–418
binary branding, 414
emulation, 413
software binaries, branding, 417–418
SOL (Serial-over-LAN), 74
solid-state disks, TRIM protocol, 242–243
sort(1) program, 251
source code, 336
building FreeBSD from, 437–448
for FreeBSD upgrade, 435
for kernel, 106
for port, 371
updating, 436
upgrading from, 428
Sparc hardware, 18
spawn option, for TCP connection, 461–462
special mounts, 234
SRV record, 357
SSH (Secure Shell), 44, 478, 491–499
keys and fingerprints, 493
diskless clients and, 595
enabling blacklistd in, 473
user access, managing, 496
jail for, 567
SSL (Secure Sockets Layer), 478
library, 376
stack guard page, 485
stackable GEOM classes, 205
standard error, xlvii
standard input, xlvii
standard output, xlvii
STAPE environment variable, 85
startup services, 44
startup/shutdown scripts, from vendors, 405
stateful protocol, 138
stateless protocol, 137
storage
device control programs, 205
hard disks, partitions and schemes, 208–209
identifying devices, 204
on jail host, 565
streaming protocol, 138
strings, 99
striped VDEVs (virtual devices), 265
su(1) (switch user) command, 179
Subversion (SVN), 435
updates, 436
sunlnk flag, 193
superblock, 232
SVN (Subversion), 435
svn(1), 16
svnlite(1) command, 435
for source code, 436
swap-backed memory disks, 290
swap partition, for crash dump, 608
swap space, 24–25, 37, 39, 536, 540–541, 542
partition letter for, 228
switches
for Ethernet, 140
failure, 141
quality, 159
symbol versioning, 406
symlinks, disabling, 237
symmetric multiprocessing (SMP), 396–401
SYN packet, 464
syncer, 245
synchronous mounts, 235
MIBs (management information base), 98–99
values and definitions, 99
sysctl.out file, 97
sysctls
runtime tunable, 101
to set fallback brand, 418
viewing, 100
syslog protocol, levels, 547
syslog server, 141
facilities as source of log entry, 546–547
local facilities, 549
logging by program name, 550
processing messages with, 548–553
systat(1), 528
system accounts, 182
system administrator, xlv–xlviii
system backups, 84
system calls, 419
system clock, setting, 43
system status, top(1) tool for overview, 533
T
tables, configuring for PF, 466
tape drives, density, 86
tapes
non-default storage, 90
verbose flag for, 90
tarball, 88
targets, for Makefile, 362
Tarsnap, 87
tasting, 205
TCP/IP network protocol, 123, 124
TCP port, for Dragonfly, 501
TCP (Transmission Control Protocol), 126, 137–138
displaying retransmits, 157
NFS over, 303
keywords, 458
TCP_HHOOK networking option, for kernel, 114
TCP_OFFLOAD networking option, for kernel, 114
Templates directory, in Ports Collection, 366
temporary mount point, for new partition, 253
term environment variable, 191
terminal emulators, 79
terminal server, 75
testing
interface, 146
changes, by rebooting, 149
kernel, 439
Linux mode, 417
text editor window, 175
TFTP (Trivial File Transfer Protocol), 518–520
tftpd(8), 518
configuring, 519
threading library, 402
bottleneck analysis with vmstat(8), 529
thumb drive
with partition table, mounting, 285
writing images to, 288
“tilde-dot” disconnect sequence, 80
tilde (~), for user’s home directory, 190
time
epochal seconds and real dates, 487–488
time servers, 505
time slice, 397
local data, 322
setting, 504
timecounter, 60
timed rc script, 404
times.allow option, 192
times.deny option, 192
timezone environment variable, 191
tip(1) program, 79
TLS (Transport Layer Security), 478
connecting to protected ports, 481–482
enabling, 502
host key, 479
/tmp, memory for, 65
TMPDIR variable, 323
tmpfs(5) program, 289
Tools directory, in Ports Collection, 366
top(1) tool, 533
and I/O, 538
Transmission Control Protocol (TCP), 126
transport layer (of OSI), 126, 127, 128
transport protocol, ports, 138–139
traps in SNMP, 558
troubleshooting, 599–612. See also bug reports
TrueOS, xl
trunking, 163
tsch shell, 46
nice vs., 544
tutorials, 8
twist option, for TCP connection, 460–461
typescript file, 92
TZ environment variable, 505
tzsetup(8), 504
U
uappnd flag, 193
uart(4) device driver, 78
uchg flag, 193
UCL (universal configuration language), 17, 587
UDF (Universal Disk Format), 283
burning to optical media, 287–288
creating, 287
UDP (User Datagram Protocol), 37, 126, 137
NFS over, 303
PF and, 468
UEFI (Unified Extensible Firmware Interface), 50
UFS (Unix File System), xliii, 20, 231–255
block and fragment size, 239–240
expanding, 243
for jails, 565
minimum free space, 242
mounting, 282
and poudriere, 383
finding, 244
vs. journaling, 238
taking and destroying, 244
space reservations, 249
UFS_DIRHASH option, for kernel, 114
UIDs file, in Ports Collection, 366
umask environment variable, 191
UNAVAIL pool state, 275
uncompressed installation media, 26–27
uninstalling
ports, 379
universal configuration language (UCL), 17
University of California, Berkeley, xxxiv
Unix administrator, xlv
Unix File System (UFS), xliii, 21. See also UFS (Unix File System)
Unix-like, xlii
Unix Sytems Laboratories (USL), xxxvi
UNKNOWN rule, for TCP wrapper, 457, 458
unmounted parent datasets, 262
unmounting
memory disks, 291
unprivileged users, 45, 452–453
untarring, 90
UpdateIfUnmodified option, for freebsd update, 429
UPDATING file
for building FreeBSD, 438
in Ports Collection, 366
updating FreeBSD, source code, 436
checking for obsolete files, 444–445
and data risk, 428
methods, 428
optimizing and customizing, 434
reverting updates, 434
from source code, 435
uptime, 534
USB drives
creating key on, 597
for tape backups, 84
unmounting, 285
User Datagram Protocol (UDP). See UDP (User Datagram Protocol)
$USER environment variable, 570
user groups, 173
user sessions, logging by, 550
diskless client, NFS server and, 591–592
for Linuxator, 416
username
for dma(8), 502
false, for Dragonfly, 501
users, xxxix
account expiration, 176
deleting accounts, 178
filesystem mounting by, 284
for jail, 574
locking accounts, 178
nobody account, 453
for running tftpd(8), 519
creating user, 171
Uses directory, in Ports Collection, 366
/usr/campat/linux , 416
/usr/lib/compat directory, 445
/usr/local/etc/pkg/repos directory, 357
/usr/local/k1//k0etc/dhcpd.conf file, 514–515
/usr/local/lib, vs. per-port library directories, 408
/usr/local/poudriere dataset, 383
/usr/ports directory, 364
/usr/ports/INDEX file, 367–370
/usr/ports/LEGAL file, 369–370
/usr/ports/packages directory, 379
/usr/ports/UPDATING file, 392
/usr/share/snmp file, 559
/usr/src/UPDATING, 437
UTC (Universal Time Clock), 504
uunlnk flag, 194
V
/var/cache/pkg, 345
/var/crash, 609
/var/cron file, 520
/var/db/dhcpd.leases file, 514, 589
/var/db/freebsd-update, 430
/var/db/pkg/vuln.xml file, 490
/var/messages file, errors from background fsck, 248
/var/run/dmesg.boot file, 59, 62, 84
variables. See also tunables
VCSW (voluntary context switches), 538
VDEVs (virtual devices), 265–267
vendors, startup/shutdown scripts, 405
verbose flag, for tar, 90
verbose mode, logs in, 553
verbose_loading variable, 16
version control system, for configuration file, 16
VersionAddendum, 494
vesa_load_ioctl function, 118
vesa_unload_ioctl function, 118
vfs.nfs.diskless_valid, 592
vfs.usermount sysctl, 284
Vigor, 175
Vinum, 206
virtual devices, selecting, 40
virtual disk, expanding, 223
virtual memory, bottleneck analysis with vmstat(8), 530
virtual network stack, for jails, 564
virtual processors, 400
virtual terminal, 584
virtualization server, ZFS for, 21
vlan_ variable, 165
vmstat(8), 541
bottleneck analysis with, 528–532
vnet(9), 564
vnode-backed memory disks, 290
vnodes (virtual nodes), 233
volume managers, vs. GEOM, 206
VuXML (Vulnerability and eXposure Markup Language), 490
W
warning log message, 547
web interface, for configuring BMCs, 76
welcome environment variable, 191
wildcards, for log messages, 548–549
wired memory, 536
wireless cards, 330
WITH environment variable, 375
WITNESS, 60
WITNESS kernel option, 399
wlan module, 562
workgroup keyword, for CIFS configuration, 312
workstation, security, vs. server, 199
wrappers, 454. See also TCP wrappers
X
X Windows, 584
X11Forwarding, 495
Xenix, xli
XZ compression, 91
Y
Z
Zetabyte Filesystem (ZFS). See ZFS
zfs create command, 261
.zfs directory, 272
zfs rename command, 262
zfs set command, 260
ZFS (Zetabyte Filesystem), xli, xliii, 21–22, 257–279
Advanced Replacement Cache, 536–537
and poudriere, 383
in single-user mode, 53
and top(1), 536
zfs(8)
error messages, 270
for managing NFS, 308
zfs_destroy command, 273
zfs_list command, 272
zfs_scrub command, 274
zfs_status command, 273
zpool create command, 268
zpool get command, 264
zpool list command, 263
zpool online command, 276
zpool relace command, 276
zpool status command, 264, 268
zpool (storage pool), 259, 263
destroying, 270
and RAID-Z, 267
zpool(8), error messages, 270
zsetup(8), 322
zstatus_status command, 274