os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
doc/en_US.ISO_8859-1/books/faq/book.sgml
Daniel Harris 535be4e4eb A high securelevel doesn't mean you don't (was "do") have to follow 
good security practices.

Submitted by:	"Mike Boev" <mike@tric.tomsk.gov.ru> on -doc
2001-05-19 15:05:15 +00:00

12268 lines
510 KiB
Text
Raw Blame History

<!DOCTYPE BOOK PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
<!ENTITY % man PUBLIC "-//FreeBSD//ENTITIES DocBook Manual Page Entities//EN">
%man;
<!ENTITY % authors PUBLIC "-//FreeBSD//ENTITIES DocBook Author Entities//EN">
%authors;
<!ENTITY % bookinfo PUBLIC "-//FreeBSD//ENTITIES DocBook BookInfo Entities//EN">
%bookinfo;
]>
<book>
<bookinfo>
<title>Frequently Asked Questions for FreeBSD 2.X, 3.X and 4.X</title>
<corpauthor>The FreeBSD Documentation Project</corpauthor>
<pubdate>$FreeBSD: doc/en_US.ISO_8859-1/books/faq/book.sgml,v 1.198 2001/05/19 06:56:41 murray Exp $</pubdate>
<copyright>
<year>1995</year>
<year>1996</year>
<year>1997</year>
<year>1998</year>
<year>1999</year>
<year>2000</year>
<year>2001</year>
<holder>The FreeBSD Documentation Project</holder>
</copyright>
&bookinfo.legalnotice;
<abstract>
<para>This is the FAQ for FreeBSD versions 2.X, 3.X, and 4.X.
All entries are assumed to be relevant to FreeBSD 2.0.5 and later,
unless otherwise noted. Any entries with a &lt;XXX&gt; are under
construction. If you are interested in helping with this project,
send email to the FreeBSD documentation project mailing list
<email>freebsd-doc@FreeBSD.org</email>. The latest version of this
document is always available from the <ulink
URL="http://www.FreeBSD.org/">FreeBSD World Wide Web
server</ulink>. It may also be downloaded as one large <ulink
URL="book.html">HTML</ulink> file with HTTP or as plain text,
postscript, PDF, etc. from the <ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/">FreeBSD FTP
server</ulink>. You may also want to <ulink
URL="http://www.FreeBSD.org/search/search.html">Search the
FAQ</ulink>.</para>
</abstract>
</bookinfo>
<preface id="preface">
<title>Preface</title>
<para>Welcome to the FreeBSD 2.X-4.X FAQ!</para>
<para>As is usual with Usenet FAQs, this document aims to cover the
most frequently asked questions concerning the FreeBSD operating
system (and of course answer them!). Although originally intended
to reduce bandwidth and avoid the same old questions being asked
over and over again, FAQs have become recognized as valuable
information resources.</para>
<para>Every effort has been made to make this FAQ as informative as
possible; if you have any suggestions as to how it may be improved,
please feel free to mail them to the &a.faq;.</para>
<qandaset>
<qandaentry>
<question id="what-is-FreeBSD">
<para>What is FreeBSD?</para>
</question>
<answer>
<para>Briefly, FreeBSD is a UN*X-like operating system for the
i386 and Alpha/AXP platforms based on U.C. Berkeley's
4.4BSD-Lite release, with some 4.4BSD-Lite2 enhancements.
It is also based indirectly on William Jolitz's port of U.C.
Berkeley's Net/2 to the i386, known as 386BSD, though very
little of the 386BSD code remains. A fuller description of
what FreeBSD is and how it can work for you may be found on
the <ulink URL="http://www.FreeBSD.org/">FreeBSD home
page</ulink>.</para>
<para>FreeBSD is used by companies, Internet Service Providers,
researchers, computer professionals, students and home users
all over the world in their work, education and recreation.
See some of them in the <ulink
URL="http://www.FreeBSD.org/gallery/gallery.html">FreeBSD
Gallery</ulink>.</para>
<para>For more detailed information on FreeBSD, please see the
<ulink URL="../handbook/index.html">FreeBSD
Handbook</ulink>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="FreeBSD-goals">
<para>What are the goals of FreeBSD?</para>
</question>
<answer>
<para>The goals of the FreeBSD Project are to provide software
that may be used for any purpose and without strings attached.
Many of us have a significant investment in the code (and
project) and would certainly not mind a little financial
compensation now and then, but we're definitely not prepared
to insist on it. We believe that our first and foremost
<quote>mission</quote> is to provide code to any and all
comers, and for whatever purpose, so that the code gets the
widest possible use and provides the widest possible benefit.
This is, we believe, one of the most fundamental goals of Free
Software and one that we enthusiastically support.</para>
<para>That code in our source tree which falls under the GNU
General Public License (GPL) or GNU Library General Public
License (LGPL) comes with slightly more strings attached,
though at least on the side of enforced access rather than the
usual opposite. Due to the additional complexities that can
evolve in the commercial use of GPL software, we do, however,
endeavor to replace such software with submissions under the
more relaxed BSD copyright whenever possible.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="why-called-FreeBSD">
<para>Why is it called FreeBSD?</para>
</question>
<answer>
<itemizedlist>
<listitem>
<para>It may be used free of charge, even by commercial
users.</para>
</listitem>
<listitem>
<para>Full source for the operating system is freely
available, and the minimum possible restrictions have
been placed upon its use, distribution and incorporation
into other work (commercial or non-commercial).</para>
</listitem>
<listitem>
<para>Anyone who has an improvement and/or bug fix is free
to submit their code and have it added to the source tree
(subject to one or two obvious provisos).</para>
</listitem>
</itemizedlist>
<para>For those of our readers whose first language is not
English, it may be worth pointing out that the word
<quote>free</quote> is being used in two ways here, one meaning
<quote>at no cost</quote>, the other meaning <quote>you can do
whatever you like</quote>. Apart from one or two things you
<emphasis>cannot</emphasis> do with the FreeBSD code, for
example pretending you wrote it, you really can do whatever you
like with it.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="latest-version">
<para>What is the latest version of FreeBSD?</para>
</question>
<answer>
<para>Version <ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/i386/4.3-RELEASE/">4.3</ulink>
is the latest <emphasis>STABLE</emphasis> version; it was
released in April, 2001. This is also the latest
<emphasis>RELEASE</emphasis> version.</para>
<para>Briefly explained, <emphasis>-STABLE</emphasis> is aimed
at the ISP or other corporate user who wants stability and a
low change count over the wizzy new features of the latest
<emphasis>-CURRENT</emphasis> snapshot. Releases can come
from either branch, but you should only use
<emphasis>-CURRENT</emphasis> if you're sure that you're
prepared for its increased volatility (relative to
<emphasis>-STABLE</emphasis>, that is).</para>
<para>Releases are only made <link linkend="release-freq">every
few months</link>. While many people stay more up-to-date with
the FreeBSD sources (see the questions on <link
linkend="current">FreeBSD-CURRENT</link> and <link
linkend="stable">FreeBSD-STABLE</link>) than that, doing so
is more of a commitment, as the sources are a moving
target.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="current">
<para>What is FreeBSD-CURRENT?</para>
</question>
<answer>
<para><ulink
URL="../handbook/cutting-edge.html#CURRENT">FreeBSD-CURRENT</ulink>
is the development version of the operating system, which will
in due course become 5.0-RELEASE. As such, it is really only
of interest to developers working on the system and die-hard
hobbyists. See the <ulink
URL="../handbook/cutting-edge.html#CURRENT">relevant
section</ulink> in the <ulink
URL="../handbook/index.html">handbook</ulink> for details on
running -CURRENT.</para>
<para>If you are not familiar with the operating system or are
not capable of identifying the difference between a real
problem and a temporary problem, you should not use
FreeBSD-CURRENT. This branch sometimes evolves quite quickly
and can be un-buildable for a number of days at a time.
People that use FreeBSD-CURRENT are expected to be able to
analyze any problems and only report them if they are deemed
to be mistakes rather than <quote>glitches</quote>. Questions
such as <quote>make world produces some error about
groups</quote> on the -CURRENT mailing list are sometimes
treated with contempt.</para>
<para>Every day, <ulink
URL="http://www.FreeBSD.org/releases/snapshots.html">snapshot
</ulink> releases are made based on the current state of the
-CURRENT and -STABLE branches. Nowadays, distributions of the
occasional snapshot are now being made available. The goals
behind each snapshot release are:</para>
<itemizedlist>
<listitem>
<para>To test the latest version of the installation
software.</para>
</listitem>
<listitem>
<para>To give people who would like to run -CURRENT or
-STABLE but who don't have the time and/or bandwidth to
follow it on a day-to-day basis an easy way of
bootstrapping it onto their systems.</para>
</listitem>
<listitem>
<para>To preserve a fixed reference point for the code in
question, just in case we break something really badly
later. (Although CVS normally prevents anything horrible
like this happening :)</para>
</listitem>
<listitem>
<para>To ensure that any new features in need of testing
have the greatest possible number of potential
testers.</para>
</listitem>
</itemizedlist>
<para>No claims are made that any -CURRENT snapshot can be
considered <quote>production quality</quote> for any purpose.
If you want to run a stable and fully tested system, you will
have to stick to full releases, or use the -STABLE
snaphosts.</para>
<para>Snapshot releases are directly available from <ulink
URL="ftp://current.FreeBSD.org/pub/FreeBSD/">
ftp://current.FreeBSD.org/pub/FreeBSD/</ulink> for 5.0-CURRENT
and <ulink URL="ftp://releng4.FreeBSD.org/pub/FreeBSD">
releng4.FreeBSD.org</ulink> for 4-STABLE snapshots.
3-STABLE snapshots are not being produced at the time of
this writing (May 2000).</para>
<para>Snapshots are generated, on the average, once a day for
all actively developed branches.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="stable">
<para>What is the FreeBSD-STABLE concept?</para>
</question>
<answer>
<para>Back when FreeBSD 2.0.5 was released, we decided to
branch FreeBSD development into two parts. One branch was
named <ulink URL="../handbook/stable.html">-STABLE</ulink>,
with the intention that only well-tested bug fixes and small
incremental enhancements would be made to it (for Internet
Service Providers and other commercial enterprises for whom
sudden shifts or experimental features are quite
undesirable). The other branch was <ulink
URL="../handbook/cutting-edge.html#CURRENT">-CURRENT</ulink>,
which essentially has been one unbroken line leading towards
5.0-RELEASE (and beyond) since 2.0 was released. If a little
ASCII art would help, this is how it looks:</para>
<programlisting> 2.0
|
|
| [2.1-STABLE]
*BRANCH* 2.0.5 -&gt; 2.1 -&gt; 2.1.5 -&gt; 2.1.6 -&gt; 2.1.7.1 [2.1-STABLE ends]
| (Mar 1997)
|
|
| [2.2-STABLE]
*BRANCH* 2.2.1 -&gt; 2.2.2-RELEASE -&gt; 2.2.5 -&gt; 2.2.6 -&gt; 2.2.7 -&gt; 2.2.8 [end]
| (Mar 1997) (Oct 97) (Apr 98) (Jul 98) (Dec 98)
|
|
3.0-SNAPs (started Q1 1997)
|
|
3.0-RELEASE (Oct 1998)
|
| [3.0-STABLE]
*BRANCH* 3.1-RELEASE (Feb 1999) -&gt; 3.2 -&gt; 3.3 -&gt; 3.4 -&gt; 3.5 -&gt; 3.5.1
| (May 1999) (Sep 1999) (Dec 1999) (June 2000) (July 2000)
|
| [4.0-STABLE]
*BRANCH* 4.0 (Mar 2000) -&gt; 4.1 -&gt; 4.1.1 -&gt; 4.2 -&gt; 4.3 -&gt; ... future 4.x releases ...
|
| (July 2000) (Sep 2000) (Nov 2000)
\|/
+
[5.0-CURRENT continues]</programlisting>
<para>The -CURRENT branch is slowly progressing towards 5.0 and
beyond, the previous 2.2-STABLE branch having been retired with
the release of 2.2.8. 3-STABLE replaced it, with 3.5.1 (the
final 3.X release) being released in July 2000. In May 2000
(even though 3.5 came after that), the 3-STABLE branch was more
or less replaced by the 4-STABLE branch. 4.3-RELEASE was
released in April 2001. 4-STABLE is the actively developed
-STABLE branch, although some bugfixes (mostly
security-related) are still being committed to 3-STABLE. It is
expected that the 3.X branch will be officially obsoleted some
time in summer 2000. 5.0-CURRENT is now the <quote>current
branch</quote>, with the no release date planed.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="release-freq">
<para>When are FreeBSD releases made?</para>
</question>
<answer>
<para>As a general principle, the FreeBSD core team only release
a new version of FreeBSD when they believe that there are
sufficient new features and/or bug fixes to justify one, and
are satisfied that the changes made have settled down
sufficiently to avoid compromising the stability of the
release. Many users regard this caution as one of the best
things about FreeBSD, although it can be a little frustrating
when waiting for all the latest goodies to become
available...</para>
<para>Releases are made about every 4 months on average.</para>
<para>For people needing (or wanting) a little more excitement,
binary snapshots are made every day... see above.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="available-platforms">
<para>Is FreeBSD only available for PCs?</para>
</question>
<answer>
<para>Since 3.x, FreeBSD has run on the <ulink
URL="http://www.FreeBSD.org/alpha/alpha.html">DEC Alpha</ulink>
as well as the x86 architecture. Some interest has also been
expressed in a SPARC, PowerPC and IA64 ports.</para>
<para>If your machine has a different architecture and you need
something right now, we suggest you look at <ulink
URL="http://www.netbsd.org/">NetBSD</ulink> or <ulink
URL="http://www.openbsd.org/">OpenBSD</ulink>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="responsible">
<para>Who is responsible for FreeBSD?</para>
</question>
<answer>
<para>The key decisions concerning the FreeBSD project, such as
the overall direction of the project and who is allowed to add
code to the source tree, are made by a <ulink
URL="../handbook/staff.html#STAFF-CORE">core team</ulink> of
9 people. There is a much larger team of more than 200 <ulink
URL="../handbook/staff-committers.html">committers</ulink> who
are authorized to make changes directly to the FreeBSD source
tree.</para>
<para>However, most non-trivial changes are discussed in advance
in the <link linkend="mailing">mailing lists</link>, and there
are no restrictions on who may take part in the
discussion.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="where-get">
<para>Where can I get FreeBSD?</para>
</question>
<answer>
<para>Every significant release of FreeBSD is available via
anonymous ftp from the <ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/">
FreeBSD FTP site</ulink>:</para>
<itemizedlist>
<listitem>
<para>For the current 3.X-STABLE release, 3.5.1-RELEASE, see
the <ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/i386/3.5.1-RELEASE/">3.5.1-RELEASE directory</ulink>.</para>
</listitem>
<listitem>
<para>The current 4-STABLE release, 4.3-RELEASE can be
found in the <ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/releases/i386/4.3-RELEASE/">4.3-RELEASE directory</ulink>.</para>
</listitem>
<listitem>
<para><ulink
URL="ftp://releng4.FreeBSD.org/pub/FreeBSD/">4.X
snapshots</ulink> are usually made once a day.</para>
</listitem>
<listitem>
<para><ulink
URL="ftp://current.FreeBSD.org/pub/FreeBSD/">
5.0 Snapshot</ulink> releases are made once a day for the
<link linkend="current">-CURRENT</link> branch, these being
of service purely to bleeding-edge testers and
developers.</para>
</listitem>
</itemizedlist>
<para>FreeBSD is also available via CDROM, from the following
place(s):</para>
<address>BSDi
<street>4041 Pike Lane, Suite F</street>
<city>Concord</city>, <state>CA</state>
<postcode>94520</postcode>
<country>USA</country>
<phone>Orders: +1 800 786-9907</phone>
<phone>Questions: +1 925 674-0783</phone>
<fax>FAX: +1 925 674-0821</fax>
<otheraddr>email: <ulink URL="mailto:orders@osd.bsdi.com">BSDi Orders address</ulink></otheraddr>
<otheraddr>WWW: <ulink URL="http://www.osd.bsdi.com/">BSDi Home page</ulink></otheraddr></address>
<para>In Australia, you may find it at:</para>
<address>Advanced Multimedia Distributors
<street>Factory 1/1 Ovata Drive</street>
<city>Tullamarine, Melbourne</city>
<state>Victoria</state>
<country>Australia</country>
<phone>Voice: +61 3 9338 6777</phone>
<otheraddr>CDROM Support BBS</otheraddr>
<street>17 Irvine St</street>
<city>Peppermint Grove</city>, <state>WA</state>
<postcode>6011</postcode>
<phone>Voice: +61 9 385-3793</phone>
<fax>Fax: +61 9 385-2360</fax></address>
<para>And in the UK:</para>
<address>The Public Domain &amp; Shareware Library
<street>Winscombe House, Beacon Rd</street>
<city>Crowborough</city>
<state>Sussex. TN6 1UL</state>
<phone>Voice: +44 1892 663-298</phone>
<fax>Fax: +44 1892 667-473</fax></address>
</answer>
</qandaentry>
<qandaentry>
<question id="mailing">
<para>Where do I find info on the FreeBSD mailing lists?</para>
</question>
<answer>
<para>You can find full information in the <ulink
URL="../handbook/eresources.html#ERESOURCES-MAIL">Handbook
entry on mailing-lists.</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="y2k">
<para>Where do I find the FreeBSD Y2K info?</para>
</question>
<answer>
<para>You can find full information in the <ulink
URL="http://www.FreeBSD.org/y2kbug.html">FreeBSD Y2K
page.</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="newsgroups">
<para>What FreeBSD news groups are available?</para>
</question>
<answer>
<para>You can find full information in the <ulink
URL="../handbook/eresources-news.html">Handbook entry on
newsgroups.</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="irc">
<para>Are there FreeBSD IRC (Internet Relay Chat)
channels?</para>
</question>
<answer>
<para>Yes, most major IRC networks host a FreeBSD chat
channel:</para>
<itemizedlist>
<listitem>
<para>Channel <literal>#FreeBSD</literal> on
EFNet is a FreeBSD forum, but don't go there for tech
support or to try and get folks there to help you avoid
the pain of reading man pages or doing your own research.
It is a chat channel, first and foremost, and topics there
are just as likely to involve sex, sports or nuclear
weapons as they are FreeBSD. You Have Been Warned!
Available at server <hostid>irc.chat.org</hostid>.</para>
</listitem>
<listitem>
<para>Channel <emphasis>#FreeBSDhelp</emphasis> on
EFNet is a channel dedicated to helping FreeBSD users. They
are much more sympathetic to questions then
<emphasis>#FreeBSD</emphasis> is.</para>
</listitem>
<listitem>
<para>Channel <literal>#FreeBSD</literal> on
DALNET is available at <hostid>irc.dal.net</hostid> in the
US and <hostid>irc.eu.dal.net</hostid> in Europe.</para>
</listitem>
<listitem>
<para>Channel <literal>#FreeBSD</literal> on
UNDERNET is available at <hostid>us.undernet.org</hostid>
in the US and <hostid>eu.undernet.org</hostid> in Europe.
Since it is a help channel, be prepared to read the
documents you are referred to.</para>
</listitem>
<listitem>
<para>Channel <literal>#FreeBSD</literal> on <ulink
url="http://www.hybnet.net/">HybNet</ulink>. This channel
<emphasis>is</emphasis> a help channel. A list of servers
can be found on the <ulink
url="http://www.hybnet.net/">HybNet web site</ulink>.</para>
</listitem>
</itemizedlist>
<para>Each of these channels are distinct and are not connected
to each other. Their chat styles also differ, so you may need
to try each to find one suited to your chat style. As with
*all* types of IRC traffic, if you're easily offended or can't
deal with lots of young people (and more than a few older
ones) doing the verbal equivalent of jello wrestling, don't
even bother with it.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="books">
<para>Books on FreeBSD</para>
</question>
<answer>
<para>There is a FreeBSD Documentation Project which you may
contact (or even better, join) at the
<literal>freebsd-doc</literal> mailing list:
<email>freebsd-doc@FreeBSD.org</email>.
This list is for discussion of the FreeBSD documentation. For
actual questions about FreeBSD, there is the
<literal>freebsd-questions</literal> mailing list:
<email>freebsd-questions@FreeBSD.org</email>.</para>
<para>A FreeBSD <quote>handbook</quote> is available, and can be
found as: <ulink URL="../handbook/index.html">the FreeBSD
Handbook</ulink>. Note that this is a work in progress; some
parts may be incomplete or out-of-date.</para>
<para>The definitive printed guide on FreeBSD is <quote>The
Complete FreeBSD</quote>, written by Greg Lehey and published
by BSDi (formerly Walnut Creek CDROM) Books. Now in its third
edition, the book contains 773 pages of install &amp; system
administration guidance, program setup help, and manual pages.
The book (and current FreeBSD release) can be ordered from
<ulink URL="http://www.osd.bsdi.com/">BSDi</ulink>, <ulink
URL="http://www.cheapbytes.com/">CheapBytes</ulink>, or at your
favorite bookstore. The ISBN is 1-57176-246-9 (this may not be
unique).</para>
<para>Since FreeBSD is based upon Berkeley
4.4BSD-Lite, most of the 4.4BSD manuals are applicable to
FreeBSD. O'Reilly and Associates publishes the following
manuals:</para>
<itemizedlist>
<listitem>
<para>4.4BSD System Manager's Manual
By Computer Systems Research Group, UC Berkeley
1st Edition June 1994, 804 pages
<ulink
URL="http://www.amazon.com/exec/obidos/ASIN/1-56592-080-5">ISBN</ulink>:
1-56592-080-5</para>
</listitem>
<listitem>
<para>4.4BSD User's Reference Manual
By Computer Systems Research Group, UC Berkeley
1st Edition June 1994, 905 pages
<ulink
URL="http://www.amazon.com/exec/obidos/ASIN/1-56592-075-9">ISBN</ulink>:
1-56592-075-9</para>
</listitem>
<listitem>
<para>4.4BSD User's Supplementary Documents
By Computer Systems Research Group, UC Berkeley
1st Edition July 1994, 712 pages
<ulink
URL="http://www.amazon.com/exec/obidos/ASIN/1-56592-076-7">ISBN</ulink>:
1-56592-076-7</para>
</listitem>
<listitem>
<para>4.4BSD Programmer's Reference Manual
By Computer Systems Research Group, UC Berkeley
1st Edition June 1994, 886 pages
<ulink
URL="http://www.amazon.com/exec/obidos/ASIN/1-56592-078-3">ISBN</ulink>:
1-56592-078-3</para>
</listitem>
<listitem>
<para>4.4BSD Programmer's Supplementary Documents
By Computer Systems Research Group, UC Berkeley
1st Edition July 1994, 596 pages
<ulink
URL="http://www.amazon.com/exec/obidos/ASIN/1-56592-079-1">ISBN</ulink>:
1-56592-079-1</para>
</listitem>
</itemizedlist>
<para>A description of these can be found via WWW as:
<ulink
URL="http://gnn.com/gnn/bus/ora/category/bsd.html">4.4BSD
books description</ulink>. Due to poor sales, however, these
manuals may be hard to get a hold of.</para>
<para>For a more in-depth look at the 4.4BSD kernel
organization, you can't go wrong with:</para>
<para>McKusick, Marshall Kirk, Keith Bostic, Michael J Karels,
and John Quarterman.</para>
<para><emphasis>The Design and Implementation of the 4.4BSD
Operating System</emphasis>. Reading, Mass. :
Addison-Wesley, 1996.
<ulink
URL="http://www.amazon.com/exec/obidos/ASIN/0-201-54979-4">ISBN</ulink>
0-201-54979-4</para>
<para>A good book on system administration is:</para>
<para>Evi Nemeth, Garth Snyder, Scott Seebass &amp; Trent R.
Hein,
<quote>Unix System Administration Handbook</quote>, Prentice-Hall,
2000
<ulink
URL="http://www.amazon.com/exec/obidos/ASIN/0-13-151051-7">ISBN</ulink>:
0-13-0206016</para>
<para>
<note>
<para>Make sure you get the third edition, with a purple
cover, instead of the first edition.</para>
</note></para>
<para>This book covers the basics, as well as TCP/IP, DNS, NFS,
SLIP/PPP, sendmail, INN/NNTP, printing, etc. It's expensive
but worth it. The third edition covers Solaris, HP/UX, FreeBSD,
and Linux.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="access-pr">
<para>How do I access your Problem Report database?</para>
</question>
<answer>
<para>The Problem Report database of all user change requests
may be queried (or submitted to) by using our web-based PR
<ulink
URL="http://www.FreeBSD.org/send-pr.html">submission</ulink>
and <ulink
URL="http://www.FreeBSD.org/cgi/query-pr-summary.cgi?query">
query</ulink>
interfaces. The <command>send-pr(1)</command> command can
also be used to submit problem reports and change requests via
electronic mail.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="doc-formats">
<para>Is the documentation available in other formats, such as plain
text (ASCII), or Postscript?</para>
</question>
<answer>
<para>Yes. The documentation is available in a number of different
formats and compression schemes on the FreeBSD FTP site, in the
<ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/">/pub/FreeBSD/doc/</ulink> directory.</para>
<para>The documentation is categorised in a number of different
ways. These include:</para>
<itemizedlist>
<listitem>
<para>The document's name, such as <literal>faq</literal>, or
<literal>handbook</literal>.</para>
</listitem>
<listitem>
<para>The document's language and encoding. These are based on
the locale names you will find under
<filename>/usr/share/locale</filename> on your FreeBSD
system. The current languages and encodings that we have for
documentation are as follows:</para>
<informaltable frame="none">
<tgroup cols="2">
<thead>
<row>
<entry>Name</entry>
<entry>Meaning</entry>
</row>
</thead>
<tbody>
<row>
<entry><literal>en_US.ISO_8859-1</literal></entry>
<entry>US English</entry>
</row>
<row>
<entry><literal>de_DE.ISO_8859-1</literal></entry>
<entry>German</entry>
</row>
<row>
<entry><literal>es_ES.ISO_8859-1</literal></entry>
<entry>Spanish</entry>
</row>
<row>
<entry><literal>fr_FR.ISO_8859-1</literal></entry>
<entry>French</entry>
</row>
<row>
<entry><literal>ja_JP.eucJP</literal></entry>
<entry>Japanese (EUC encoding)</entry>
</row>
<row>
<entry><literal>ru_RU.KOI8-R</literal></entry>
<entry>Russian (KOI8-R encoding)</entry>
</row>
<row>
<entry><literal>zh_TW.Big5</literal></entry>
<entry>Chinese (Big5 encoding)</entry>
</row>
</tbody>
</tgroup>
</informaltable>
<note>
<para>Some documents may not be available in all
languages.</para>
</note>
</listitem>
<listitem>
<para>The document's format. We produce the documentation in a
number of different output formats to try and make it as
flexible as possible. The current formats are;</para>
<informaltable frame="none">
<tgroup cols="2">
<thead>
<row>
<entry>Format</entry>
<entry>Meaning</entry>
</row>
</thead>
<tbody>
<row>
<entry><literal>html-split</literal></entry>
<entry>A collection of small, linked, HTML
files.</entry>
</row>
<row>
<entry><literal>html</literal></entry>
<entry>One large HTML file containing the entire
document</entry>
</row>
<row>
<entry><literal>pdb</literal></entry>
<entry>Palm Pilot database format, for use with the
<ulink URL="http://www.iSilo.com/">iSilo</ulink>
reader.</entry>
</row>
<row>
<entry><literal>pdf</literal></entry>
<entry>Adobe's Portable Document Format</entry>
</row>
<row>
<entry><literal>ps</literal></entry>
<entry>Postscript</entry>
</row>
<row>
<entry><literal>rtf</literal></entry>
<entry>Microsoft's Rich Text Format<footnote>
<para>Page numbers are not automatically updated
when loading this format in to Word. Press
<keycap>CTRL</keycap>+<keycap>A</keycap>,
<keycap>CTRL</keycap>+<keycap>END</keycap>,
<keycap>F9</keycap> after loading the document, to
update the page numbers.</para>
</footnote>
</entry>
</row>
<row>
<entry><literal>txt</literal></entry>
<entry>Plain text</entry>
</row>
</tbody>
</tgroup>
</informaltable>
</listitem>
<listitem>
<para>The compression and packaging scheme. There are three of
these currently in use.</para>
<orderedlist>
<listitem>
<para>Where the format is <literal>html-split</literal>, the
files are bundled up using &man.tar.1;. The resulting
<filename>.tar</filename> file is then compressed using
the compression schemes detailed in the next point.</para>
</listitem>
<listitem>
<para>All the other formats generate one file, called
<filename>book.<replaceable>format</replaceable></filename>
(i.e., <filename>book.pdb</filename>,
<filename>book.html</filename>, and so on).</para>
<para>These files are then compressed using three
compression schemes.</para>
<informaltable frame="none">
<tgroup cols="2">
<thead>
<row>
<entry>Scheme</entry>
<entry>Description</entry>
</row>
</thead>
<tbody>
<row>
<entry><literal>zip</literal></entry>
<entry>The Zip format. If you want to uncompress
this on FreeBSD you will need to install the
<filename>archivers/unzip</filename> port
first.</entry>
</row>
<row>
<entry><literal>gz</literal></entry>
<entry>The GNU Zip format. Use &man.gunzip.1; to
uncompress these files, which is part of
FreeBSD.</entry>
</row>
<row>
<entry><literal>bz2</literal></entry>
<entry>The BZip2 format. Less widespread than the
others, but generally gives smaller files.
Install the <filename>archivers/bzip2</filename>
port to uncompress these files.</entry>
</row>
</tbody>
</tgroup>
</informaltable>
<para>So the Postscript version of the Handbook, compressed
using BZip2 will be stored in a file called
<filename>book.sgml.bz2</filename> in the
<filename>handbook/</filename> directory.</para>
</listitem>
<listitem>
<para>The formatted documentation is also available as a
FreeBSD package, of which more later.</para>
</listitem>
</orderedlist>
</listitem>
</itemizedlist>
<para>After choosing the format and compression mechanism that you
want to download, you must then decide whether or not you want to
download the document as a FreeBSD
<emphasis>package</emphasis>.</para>
<para>The advantage of downloading and installing the package is
that the documentation can then be managed using the normal
FreeBSD package management comments, such as &man.pkg.add.1; and
&man.pkg.delete.1;.</para>
<para>If you decide to download and install the package then you
must know the filename to download. The documentation-as-packages
files are stored in a directory called
<filename>packages</filename>. Each package file looks like
<filename><replaceable>document-name</replaceable>.<replaceable>lang</replaceable>.<replaceable>encoding</replaceable>.<replaceable>format</replaceable>.tgz</filename>.</para>
<para>For example, the FAQ, in English, formatted as PDF, is in the
package called
<filename>faq.en_US.ISO_8859-1.pdf.tgz</filename>.</para>
<para>Knowing this, you can use the following command to install the
English PDF FAQ package.</para>
<screen>&prompt.root; <userinput>pkg_add ftp://ftp.FreeBSD.org/pub/FreeBSD/doc/packages/faq.en_US.ISO_8859-1.pdf.tgz</userinput></screen>
<para>Having done that, you can use &man.pkg.info.1; to determine
where the file has been installed.</para>
<screen>&prompt.root; <userinput>pkg_info -f faq.en_US.ISO_8859-1.pdf</userinput>
Information for faq.en_US.ISO_8859-1.pdf:
Packing list:
Package name: faq.en_US.ISO_8859-1.pdf
CWD to /usr/share/doc/en_US.ISO_8859-1/books/faq
File: book.pdf
CWD to .
File: +COMMENT (ignored)
File: +DESC (ignored)</screen>
<para>As you can see, <filename>book.pdf</filename> will have been
installed in to
<filename>/usr/share/doc/en_US.ISO_8859-1/books/faq</filename>.
</para>
<para>If you do not want to use the packages then you will have to
download the compressed files yourself, uncompress them, and then
copy the appropriate documents in to place.</para>
<para>For example, the split HTML version of the FAQ, compressed
using &man.gzip.1;, can be found in the
<filename>en_US.ISO_8859-1/books/faq/book.html-split.tar.gz</filename>
file. To download and uncompress that file you would have to do
this.</para>
<screen>&prompt.root; <userinput>fetch ftp://ftp.freebsd.org/pub/FreeBSD/doc/en_US.ISO_8859-1/books/faq/book.html-split.tar.gz</userinput>
&prompt.root; <userinput>gzip -d book.html-split.tar.gz</userinput>
&prompt.root; <userinput>tar xvf book.html-split.tar</userinput></screen>
<para>You will be left with a collection of
<filename>.html</filename> files. The main one is called
<filename>index.html</filename>, which will contain the table of
contents, introductory material, and links to the other parts of
the document. You can then copy or move these to their final
location as necessary.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="become-web-mirror">
<para>I'd like to become a FreeBSD Web mirror!</para>
</question>
<answer>
<para>Certainly! There are multiple ways to mirror the Web
pages.</para>
<itemizedlist>
<listitem>
<para>Using <application>CVSup</application>:
You can retrieve the formatted files
using <application>CVSup</application>, and connecting to
a <application>CVSup</application> server.</para>
<para>To retrieve the webpages, please look at the example
supfile, which can be found in
<filename>/usr/share/examples/cvsup/www-supfile</filename>.
</para>
</listitem>
<listitem>
<para>Using ftp mirror: You can download the FTP server's
copy of the web site sources using your favorite ftp mirror
tool. Keep in mind that you have to build these sources before
publishing them. Simply start at
ftp://ftp.FreeBSD.org/pub/FreeBSD/FreeBSD-current/www.</para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="translation">
<para>I'd like to translate the documentation into
Friesian.</para>
</question>
<answer>
<para>Well, we can't pay, but we might arrange a free CD or
T-shirt and a Contributor's Handbook entry if you submit a
translation of the documentation. Before you begin translating
please contact the <emphasis>freebsd-doc</emphasis> mailing
list at <email>freebsd-doc@FreeBSD.org</email>; you may find
somebody to help with the translation effort. You may also find
out there is already a team translating the docs into your
chosen language, who surely wouldn't turn down your help.
</para>
</answer>
</qandaentry>
<qandaentry>
<question id="other-info-sources">
<para>Other sources of information.</para>
</question>
<answer>
<para>The following newsgroups contain pertinent discussion for
FreeBSD users:</para>
<itemizedlist>
<listitem>
<para><ulink
URL="news:comp.unix.bsd.freebsd.announce">comp.unix.bsd.freebsd.announce</ulink>
(moderated)</para>
</listitem>
<listitem>
<para><ulink
URL="news:comp.unix.bsd.freebsd.misc">comp.unix.bsd.freebsd.misc</ulink></para>
</listitem>
<listitem>
<para><ulink
URL="news:comp.unix.bsd.misc">comp.unix.bsd.misc</ulink></para>
</listitem>
</itemizedlist>
<para>Web resources:</para>
<itemizedlist>
<listitem>
<para>The <ulink
URL="http://www.FreeBSD.org/">FreeBSD Home Page</ulink>.</para>
</listitem>
<listitem>
<para><anchor id="pao">If you have a laptop, be sure and see
<ulink URL="http://www.jp.FreeBSD.org/PAO/">Tatsumi
Hosokawa's Mobile Computing page</ulink> in Japan.</para>
</listitem>
<listitem>
<para><anchor id="smp">For information on SMP (Symmetric
MultiProcessing), please see the <ulink
URL="http://people.FreeBSD.org/~fsmp/SMP/SMP.html">SMP support page</ulink>.</para>
</listitem>
<listitem>
<para><anchor id="multimedia">For information on FreeBSD
multimedia applications, please see the <ulink
URL="http://people.FreeBSD.org/~faulkner/multimedia/mm.html">multimedia</ulink>
page. If you're interested specifically in the <ulink
URL="http://people.FreeBSD.org/~ahasty/Bt848.html">Bt848</ulink>
video capture chip, then follow that link.</para>
</listitem>
</itemizedlist>
<para>The FreeBSD handbook also has a fairly complete <ulink
URL="../handbook/bibliography.html">bibliography</ulink>
section which is worth reading if you're looking for actual
books to buy.</para>
</answer>
</qandaentry>
</qandaset>
</preface>
<chapter
id="install">
<title>Installation</title>
<qandaset>
<qandaentry>
<question id="floppy-download">
<para>Which file do I download to get FreeBSD?</para>
</question>
<answer>
<para>Prior to release 3.1, you only needed one floppy image to
install FreeBSD, namely <filename>floppies/boot.flp</filename>.
However, since release 3.1 the Project has added base support
for a wide variety of hardware which needed more space, and
thus for 3.x and 4.x we now use two floppy images, namely
<filename>floppies/kernel.flp</filename> and
<filename>floppies/mfsroot.flp</filename>. These images need to
be copied onto floppies by tools like
<command>fdimage</command> or &man.dd.1;.</para>
<para>If you need to download the distributions yourself (for a
DOS filesystem install, for instance), below are some
recommendations for distributions to grab:</para>
<itemizedlist>
<listitem>
<para>bin/</para>
</listitem>
<listitem>
<para>manpages/</para>
</listitem>
<listitem>
<para>compat*/</para>
</listitem>
<listitem>
<para>doc/</para>
</listitem>
<listitem>
<para>src/ssys.*</para>
</listitem>
</itemizedlist>
<para>Full instructions on this procedure and a little bit more
about installation issues in general can be found in the
<ulink URL="../handbook/install.html">Handbook entry on
installing FreeBSD.</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="floppy-image-too-large">
<para>Help! The boot floppy image will not fit on a single
floppy!</para>
</question>
<answer>
<para>A 3.5 inch (1.44MB) floppy can accomodate 1474560 bytes
of data. The boot image is exactly 1474560 bytes in size.</para>
<para>Common mistakes when preparing the boot floppy are:</para>
<itemizedlist>
<listitem>
<para>Not downloading the floppy image in
<emphasis>binary</emphasis> mode when using
<acronym>FTP</acronym>.</para>
<para>Some FTP clients default their transfer mode to
<emphasis>ascii</emphasis> and attempt to change any
end-of-line characters received to match the conventions
used by the client's system. This will almost invariably
corrupt the boot image. Check the size of the downloaded
boot image: if it is not <emphasis>exactly</emphasis> that
on the server, then the download process is suspect.</para>
<para>To workaround: type <emphasis>binary</emphasis> at the
FTP command prompt after getting connected to the server
and before starting the download of the image.</para>
</listitem>
<listitem>
<para>Using the DOS <command>copy</command> command (or
equivalent GUI tool) to transfer the boot image to
floppy.</para>
<para>Programs like <command>copy</command> will not work as
the boot image has been created to be booted into directly.
The image has the complete content of the floppy, track for
track, and is not meant to be placed on the floppy as a
regular file. You have to transfer it to the floppy
<quote>raw</quote>, using the low-level tools (e.g.
<command>fdimage</command> or <command>rawrite</command>)
described in the <ulink
URL="../handbook/install.html">installation guide to
FreeBSD</ulink>.</para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="install-instructions-location">
<para>Where are the instructions for installing FreeBSD?</para>
</question>
<answer>
<para>Installation instructions can be found in the
<ulink URL="../handbook/install.html">Handbook entry on installing FreeBSD.</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="need-to-run">
<para>What do I need in order to run FreeBSD?</para>
</question>
<answer>
<para>You'll need a 386 or better PC, with 5 MB or more of RAM
and at least 60 MB of hard disk space. It can run with a low
end MDA graphics card but to run X11R6, a VGA or better video
card is needed.</para>
<para>See also the section on
<xref linkend="hardware" remap="Hardware compatibility"></para>
</answer>
</qandaentry>
<qandaentry>
<question id="four-meg-ram-install">
<para>I have only 4 MB of RAM. Can I install FreeBSD?</para>
</question>
<answer>
<para>FreeBSD 2.1.7 was the last version of FreeBSD that could
be installed on a 4MB system. Newer versions of FreeBSD, like
2.2, need at least 5MB to install on a new system.</para>
<para>All versions of FreeBSD, including 3.0, will
<emphasis>run</emphasis> in 4MB of RAM, they just can't run the
installation program in 4MB. You can add extra memory for the
install process, if you like, and then after the system is up
and running, go back to 4MB. Or you could always just swap your
disk into a system which has &gt;4MB, install onto it and then
swap it back.</para>
<para>There are also situations in which FreeBSD 2.1.7 will not
install in 4 MB. To be exact: it does not install with 640 kB
base + 3 MB extended memory. If your motherboard can remap some
of the <quote>lost</quote> memory out of the 640kB to 1MB
region, then you may still be able to get FreeBSD 2.1.7
up.</para>
<para>Try to go into your BIOS setup and look for a
<quote>remap</quote> option. Enable it. You may also have to
disable ROM shadowing.</para>
<para>It may be easier to get 4 more MB just for the install.
Build a custom kernel with only the options you need and then
get the 4MB out again.</para>
<para>You may also install 2.0.5 and then upgrade your system to
2.1.7 with the <quote>upgrade</quote> option of the 2.1.7
installation program.</para>
<para>After the installation, if you build a custom kernel, it
will run in 4 MB. Someone has even succeeded in booting with 2
MB (the system was almost unusable though :-))</para>
</answer>
</qandaentry>
<qandaentry>
<question id="custom-boot-floppy">
<para>How can I make my own custom install floppy?</para>
</question>
<answer>
<para>Currently there's no way to <emphasis>just</emphasis>
make a custom install floppy. You have to cut a whole new
release, which will include your install floppy.</para>
<para>To make a custom release, follow the instructions
<link linkend="custrel">here</link>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="multiboot">
<para>Can I have more than one operating system on my PC?</para>
</question>
<answer>
<para>Have a look at
<ulink URL="http://www.FreeBSD.org/tutorials/multi-os/">
The multi-OS page.</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="windows-coexist">
<para>Can Windows 95/98 co-exist with FreeBSD?</para>
</question>
<answer>
<para>Install Windows 95/98 first, after that FreeBSD.
FreeBSD's boot manager will then manage to boot Win95/98 and
FreeBSD. If you install Windows 95/98 second, it will boorishly
overwrite your boot manager without even asking. If that
happens, see the next section.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="win95-damaged-boot-manager">
<para>Windows 95/98 killed my boot manager!
How do I get it back?</para>
</question>
<answer>
<para>You can reinstall the boot manager FreeBSD comes with in
one of three ways:</para>
<itemizedlist>
<listitem>
<para>Running DOS, go into the tools/ directory of your
FreeBSD distribution and look for
<filename>bootinst.exe</filename>. You run it like
so:</para>
<screen><prompt>...\TOOLS&gt;</prompt> <userinput>bootinst.exe boot.bin</userinput></screen>
<para>and the boot manager will be reinstalled.</para>
</listitem>
<listitem>
<para>Boot the FreeBSD boot floppy again and go to the
Custom installation menu item. Choose Partition. Select the
drive which used to contain your boot manager (likely the
first one) and when you come to the partition editor for
it, as the very first thing (e.g. do not make any changes)
select (W)rite. This will ask for confirmation, say yes,
and when you get the Boot Manager selection prompt, be
sure to select <literal>Boot Manager</literal>. This will
re-write the boot manager to disk. Now quit out of the
installation menu and reboot off the hard disk as
normal.</para>
</listitem>
<listitem>
<para>Boot the FreeBSD boot floppy (or CD-ROM) and choose the
<quote>Fixit</quote> menu item. Select either the Fixit
floppy or CD-ROM #2 (the <quote>live</quote> file system
option) as appropriate and enter the fixit shell. Then
execute the following command:</para>
<screen><prompt>Fixit#</prompt> <userinput>fdisk -B -b /boot/boot0 <replaceable>bootdevice</replaceable></userinput></screen>
<para>substituting <replaceable>bootdevice</replaceable> for
your real
boot device such as <devicename>ad0</devicename> (first IDE
disk), <devicename>ad4</devicename> (first IDE disk on
auxiliary controller), <devicename>da0</devicename> (first
SCSI disk), etc.</para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="boot-on-thinkpad">
<para>I have an IBM Thinkpad in the A, T, or X series that FreeBSD
installs on, but then the machine locks up on next boot. How can I
solve this?</para>
</question>
<answer>
<para>A bug in early revisions of IBM's BIOS on these machines
mistakenly identifies the FreeBSD partition as a potential FAT
suspend-to-disk partition. When the BIOS tries to parse the
FreeBSD partition it hangs.</para>
<para>According to IBM<footnote><para>In an e-mail from Keith
Frechette
<email>kfrechet@us.ibm.com</email>.</para></footnote>, the
following model/BIOS release numbers incorporate the fix.</para>
<informaltable frame="none">
<tgroup cols="2">
<thead>
<row>
<entry>Model</entry>
<entry>BIOS revision</entry>
</row>
</thead>
<tbody>
<row>
<entry>T20</entry>
<entry>IYET49WW or later</entry>
</row>
<row>
<entry>T21</entry>
<entry>KZET22WW or later</entry>
</row>
<row>
<entry>A20p</entry>
<entry>IVET62WW or later</entry>
</row>
<row>
<entry>A20m</entry>
<entry>IWET54WW or later</entry>
</row>
<row>
<entry>A21p</entry>
<entry>KYET27WW or later</entry>
</row>
<row>
<entry>A21m</entry>
<entry>KXET24WW or later</entry>
</row>
<row>
<entry>A21e</entry>
<entry>KUET30WW</entry>
</row>
</tbody>
</tgroup>
</informaltable>
<para>It has been reported that later IBM BIOS revisions may have
reintroduced the bug. <ulink
url="http://www.FreeBSD.org/cgi/getmsg.cgi?fetch=200565+208320+/usr/local/www/db/text/2001/freebsd-mobile/20010429.freebsd-mobile">This message</ulink>
from Jacques Vidrine to the <email>mobile@freebsd.org</email>
mailing list describes a procedure which may work if your newer
IBM laptop does not boot FreeBSD properly, and you can upgrade or
downgrade the BIOS..</para>
<para>If you have an earlier BIOS, and upgrading is not an option a
workaround is to install FreeBSD, change the partition ID FreeBSD
uses, and install new boot blocks that can handle the different
partition ID.</para>
<para>First, you'll need to restore the machine to a state where
it can get through its self-test screen. Doing this requires
powering up the machine without letting it find a FreeBSD
partition on its primary disk. One way is to remove the hard disk
and temporarily move it to an older ThinkPad (such as a ThinkPad
600) or a desktop PC with an appropriate conversion cable. Once
it's there, you can delete the FreeBSD partition and move the hard
disk back. The ThinkPad should now be in a bootable state
again.</para>
<para>With the machine functional again, you can use the workaround
procedure described here to get a working FreeBSD
installation.</para>
<procedure>
<step>
<para>Download <filename>boot1</filename> and
<filename>boot2</filename> from <ulink
url="http://people.freebsd.org/~bmah/ThinkPad/">http://people.freebsd.org/~bmah/ThinkPad/</ulink>.
Put these files somewhere you will be able to retrieve them
later.</para>
</step>
<step>
<para>Install FreeBSD as normal on to the ThinkPad.
<emphasis>Do not</emphasis> use <literal>Dangerously
Dedicated</literal> mode. <emphasis>Do not</emphasis>
reboot when the install has finished.</para>
</step>
<step>
<para>Either switch to the <quote>Emergency Holographic
Shell</quote> (<keycombo><keycap>ALT</keycap>
<keycap>F4</keycap></keycombo>) or start a
<quote>fixit</quote> shell.</para>
</step>
<step>
<para>Use &man.fdisk.8; to change the FreeBSD partition ID from
<literal>165</literal> to <literal>166</literal> (this is the
type used by OpenBSD).</para>
</step>
<step>
<para>Bring the <filename>boot1</filename> and
<filename>boot2</filename> files to the local
filesystem.</para>
</step>
<step>
<para>Use &man.disklabel.8; to write <filename>boot1</filename>
and <filename>boot2</filename> to your FreeBSD slice.</para>
<screen>&prompt.root; <userinput>disklabel -B -b boot1 -s boot2 ad0s<replaceable>n</replaceable></userinput></screen>
<para><replaceable>n</replaceable> is the number of the slice
where you installed FreeBSD.</para>
</step>
<step>
<para>Reboot. At the boot prompt you will be given the option
of booting <literal>OpenBSD</literal>. This will actually
boot FreeBSD.</para>
</step>
</procedure>
<para>Getting this to work in the case where you want to dual boot
OpenBSD and FreeBSD on the same laptop is left as an exercise for
the reader.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="install-bad-blocks">
<para>Can I install on a disk with bad blocks?</para>
</question>
<answer>
<para>Prior to 3.0, FreeBSD included a utility known as
<command>bad144</command>, which automatically remapped bad
blocks. Because modern IDE drives perform this function
themselves, <command>bad144</command> has been removed from the
FreeBSD source tree. If you wish to install FreeBSD 3.0 or
later, we strongly suggest you purchase a newer disk drive. If
you do not wish to do this, you must run FreeBSD 2.x.</para>
<para>If you are seeing bad block errors with a modern IDE
drive, chances are the drive is going to die very soon (the
drive's internal remapping functions are no longer sufficient
to fix the bad blocks, which means the disk is heavily
corrupted); we suggest you by a new hard drive.</para>
<para>If you have a SCSI drive with bad blocks, see
<link linkend="awre">this answer</link>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="boot-floppy-strangeness">
<para>Strange things happen when I boot the install floppy!</para>
</question>
<answer>
<para>If you're seeing things like the machine grinding to a halt
or spontaneously rebooting when you try to boot the install
floppy, here are three questions to ask yourself:-</para>
<orderedlist>
<listitem>
<para>Did you use a new, freshly-formatted, error-free floppy
(preferably a brand-new one straight out of the box, as
opposed to the magazine coverdisk that's been lying under
the bed for the last three years)?</para>
</listitem>
<listitem>
<para>Did you download the floppy image in binary (or image)
mode? (don't be embarrassed, even the best of us have
accidentally downloaded a binary file in ASCII mode at
least once!)</para>
</listitem>
<listitem>
<para>If you're using Windows95 or Win98 did you run
<command>fdimage</command> or <command>rawrite</command> in
pure DOS mode? These OS's can interfere with programs that
write directly to hardware, which the disk creation program
does; even running it inside a DOS shell in the GUI can
cause this problem.</para>
</listitem>
</orderedlist>
<para>There have also been reports of Netscape causing problems
when downloading the boot floppy, so it's probably best to use
a different FTP client if you can.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="no-install-cdrom">
<para>I booted from my ATAPI CD-ROM, but the install program says no
CD-ROM is found. Where did it go?</para>
</question>
<answer>
<para>The usual cause of this problem is a mis-configured CD-ROM
drive. Many PCs now ship with the CD-ROM as the slave device on
the secondary IDE controller, with no master device on that
controller. This is illegal according to the ATAPI specification,
but Windows plays fast and loose with the specification, and the
BIOS ignores it when booting. This is why the BIOS was able to
see the CD-ROM to boot from it, but why FreeBSD can not see it to
complete the install.</para>
<para>Reconfigure your system so that the CD-ROM is either the
master device on the IDE controller it is attached to, or make
sure that it is the slave on an IDE controller that also has a
master device.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="cannot-install-tape">
<para>Help! I can't install from tape!</para>
</question>
<answer>
<para>If you are installing 2.1.7R from tape, you must create
the tape using a tar blocksize of 10 (5120 bytes). The default
tar blocksize is 20 (10240 bytes), and tapes created using this
default size cannot be used to install 2.1.7R; with these
tapes, you will get an error that complains about the record
size being too big.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="parallel-connect">
<para>Connect two FreeBSD boxes over a parallel line (PLIP)</para>
</question>
<answer>
<para>Get a laplink cable. Make sure both computer have a kernel
with lpt driver support.</para>
<screen>&prompt.root; <userinput>dmesg | grep lp</userinput>
lpt0 at 0x378-0x37f irq 7 on isa
lpt0: Interrupt-driven
lp0: TCP/IP capable interface</screen>
<para>Plug in the laplink cable into the parallel interface.</para>
<para>Configure the network interface parameters for lp0 on both
sites as root. For example, if you want connect the host max
with moritz</para>
<programlisting> max &lt;-----&gt; moritz
IP Address 10.0.0.1 10.0.0.2</programlisting>
<para>on max start</para>
<screen>&prompt.root; <userinput>ifconfig lp0 10.0.0.1 10.0.0.2</userinput></screen>
<para>on moritz start</para>
<screen>&prompt.root; <userinput>ifconfig lp0 10.0.0.2 10.0.0.1</userinput></screen>
<para>Thats all! Please read also the manpages
&man.lp.4; and &man.lpt.4; .</para>
<para>You should also add the hosts to
<filename>/etc/hosts</filename>.</para>
<programlisting>127.0.0.1 localhost.my.domain localhost
10.0.0.1 max.my.domain max
10.0.0.2 moritz.my.domain</programlisting>
<para>To check if it works do:</para>
<para>on max:</para>
<screen>&prompt.root; <userinput>ifconfig lp</userinput>0
lp0: flags=8851&lt;UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST&gt; mtu 1500
inet 10.0.0.1 --&gt; 10.0.0.2 netmask 0xff000000
&prompt.root; <userinput>netstat -r</userinput>
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
moritz max UH 4 127592 lp0
&prompt.root; <userinput>ping -c 4 moritz</userinput>
PING moritz (10.0.0.2): 56 data bytes
64 bytes from 10.0.0.2: icmp_seq=0 ttl=255 time=2.774 ms
64 bytes from 10.0.0.2: icmp_seq=1 ttl=255 time=2.530 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=255 time=2.556 ms
64 bytes from 10.0.0.2: icmp_seq=3 ttl=255 time=2.714 ms
--- moritz ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.530/2.643/2.774/0.103 ms</screen>
</answer>
</qandaentry>
<qandaentry>
<question id="install-PLIP">
<para>Can I install on my laptop over PLIP (Parallel Line
IP)?</para>
</question>
<answer>
<para>Connect the two computers using a Laplink parallel cable
to use this feature:</para>
<table>
<title>Wiring a parallel cable for networking</title>
<tgroup cols="5">
<thead>
<row>
<entry>A-name</entry>
<entry>A-End</entry>
<entry>B-End</entry>
<entry>Descr.</entry>
<entry>Post/Bit</entry>
</row>
</thead>
<tbody>
<row>
<entry><literallayout>DATA0
-ERROR</literallayout></entry>
<entry><literallayout>2
15</literallayout></entry>
<entry><literallayout>15
2</literallayout></entry>
<entry>Data</entry>
<entry><literallayout>0/0x01
1/0x08</literallayout></entry>
</row>
<row>
<entry><literallayout>DATA1
+SLCT</literallayout></entry>
<entry><literallayout>3
13</literallayout></entry>
<entry><literallayout>13
3</literallayout></entry>
<entry>Data</entry>
<entry><literallayout>0/0x02
1/0x10</literallayout></entry>
</row>
<row>
<entry><literallayout>DATA2
+PE</literallayout></entry>
<entry><literallayout>4
12</literallayout></entry>
<entry><literallayout>12
4</literallayout></entry>
<entry>Data</entry>
<entry><literallayout>0/0x04
1/0x20</literallayout></entry>
</row>
<row>
<entry><literallayout>DATA3
-ACK</literallayout></entry>
<entry><literallayout>5
10</literallayout></entry>
<entry><literallayout>10
5</literallayout></entry>
<entry>Strobe</entry>
<entry><literallayout>0/0x08
1/0x40</literallayout></entry>
</row>
<row>
<entry><literallayout>DATA4
BUSY</literallayout></entry>
<entry><literallayout>6
11</literallayout></entry>
<entry><literallayout>11
6</literallayout></entry>
<entry>Data</entry>
<entry><literallayout>0/0x10
1/0x80</literallayout></entry>
</row>
<row>
<entry>GND</entry>
<entry>18-25</entry>
<entry>18-25</entry>
<entry>GND</entry>
<entry>-</entry>
</row>
</tbody>
</tgroup>
</table>
<para>See also <link linkend="pao">this note</link> on the
Mobile Computing page.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="geometry">
<para>Which geometry should I use for a disk drive?</para>
</question>
<answer>
<para>
<note>
<para>By the <quote>geometry</quote> of a disk, we mean the
number of cylinders, heads and sectors/track on a disk - I'll
refer to this as C/H/S for convenience. This is how the PC's
BIOS works out which area on a disk to read/write from.</para>
</note>
</para>
<para>This seems to cause a lot of confusion for some reason.
First of all, the <emphasis>physical</emphasis> geometry of a
SCSI drive is totally irrelevant, as FreeBSD works in term of
disk blocks. In fact, there is no such thing as
<emphasis>the</emphasis> physical geometry, as the sector
density varies across the disk - what manufacturers claim is
the <emphasis>quote</emphasis> physical geometry is usually the
geometry that they've worked out results in the least wasted
space. For IDE disks, FreeBSD does work in terms of C/H/S, but
all modern drives will convert this into block references
internally as well.</para>
<para>All that matters is the <emphasis>logical</emphasis>
geometry - the answer that the BIOS gets when it asks
<quote>what is your geometry?</quote> and then uses to access
the disk. As FreeBSD uses the BIOS when booting, it's very
important to get this right. In particular, if you have more
than one operating system on a disk, they must all agree on the
geometry, otherwise you will have serious problems
booting!</para>
<para>For SCSI disks, the geometry to use depends on whether
extended translation support is turned on in your controller
(this is often referred to as <quote>support for DOS disks
&gt;1GB</quote> or something similar). If it's turned off, then
use <replaceable>N</replaceable> cylinders, 64 heads and 32
sectors/track, where <replaceable>N</replaceable> is the
capacity of the disk in MB. For example, a 2GB disk should
pretend to have 2048 cylinders, 64 heads and 32
sectors/track.</para>
<para>If it <emphasis>is</emphasis> turned on (it's often supplied
this way to get around certain limitations in MSDOS) and the
disk capacity is more than 1GB, use M cylinders, 63 sectors per
track (*not* 64), and 255 heads, where 'M' is the disk capacity
in MB divided by 7.844238 (!). So our example 2GB drive would
have 261 cylinders, 63 sectors per track and 255 heads.</para>
<para>If you are not sure about this, or FreeBSD fails to detect
the geometry correctly during installation, the simplest way
around this is usually to create a small DOS partition on the
disk. The correct geometry should then be detected (and you can
always remove the DOS partition in the partition editor if you
don't want to keep it, or leave it around for programming
network cards and the like).</para>
<para>Alternatively, there is a freely available utility
distributed with FreeBSD called <filename>pfdisk.exe</filename>
(located in the <filename>tools</filename> subdirectory on the
FreeBSD CDROM or on the various FreeBSD ftp sites) which can be
used to work out what geometry the other operating systems on
the disk are using. You can then enter this geometry in the
partition editor.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="disk-divide-restrictions">
<para>Any restrictions on how I divide the disk up?</para>
</question>
<answer>
<para>Yes. You must make sure that your root partition is below
1024
cylinders so the BIOS can boot the kernel from it. (Note that
this is a limitation in the PC's BIOS, not FreeBSD).</para>
<para>For a SCSI drive, this will normally imply that the root
partition will be in the first 1024MB (or in the first 4096MB
if extended translation is turned on - see previous question).
For IDE, the corresponding figure is 504MB.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="disk-manager">
<para>What about disk managers? Or, I have a large drive!</para>
</question>
<answer>
<para>FreeBSD recognizes the Ontrack Disk Manager and makes
allowances for it. Other disk managers are not supported.</para>
<para>If you just want to use the disk with FreeBSD you don't
need a disk manager. Just configure the disk for as much space
as the BIOS can deal with (usually 504 megabytes), and FreeBSD
should figure out how much space you really have. If you're
using an old disk with an MFM controller, you may need to
explicitly tell FreeBSD how many cylinders to use.</para>
<para>If you want to use the disk with FreeBSD and another
operating system, you may be able to do without a disk manager:
just make sure the the FreeBSD boot partition and the slice for
the other operating system are in the first 1024 cylinders. If
you're reasonably careful, a 20 megabyte boot partition should
be plenty.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="missing-os">
<para>When I boot FreeBSD I get <literal>Missing Operating
System</literal></para>
</question>
<answer>
<para>This is classically a case of FreeBSD and DOS or some other
OS conflicting over their ideas of disk <link
linkend="geometry">geometry</link>. You will have to reinstall
FreeBSD, but obeying the instructions given above will almost
always get you going.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="stop-at-boot-manager">
<para>I can't get past the boot manager's <literal>F?</literal>
prompt.</para>
</question>
<answer>
<para>This is another symptom of the problem described in the
preceding question. Your BIOS geometry and FreeBSD geometry
settings do not agree! If your controller or BIOS supports
cylinder translation (often marked as <literal>&gt;1GB drive
support</literal>), try toggling its setting and reinstalling
FreeBSD.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="need-complete-sources">
<para>Do I need to install the complete sources?</para>
</question>
<answer>
<para>In general, no. However, we would strongly recommend that
you install, at a minimum, the <literal>base</literal> source
kit, which includes several of the files mentioned here, and
the <literal>sys</literal> (kernel) source kit, which includes
sources for the kernel. There is nothing in the system which
requires the presence of the sources to operate, however,
except for the kernel-configuration program &man.config.8;.
With the exception of the kernel sources, our build structure
is set up so that you can read-only mount the sources from
elsewhere via NFS and still be able to make new binaries.
(Because of the kernel-source restriction, we recommend that
you not mount this on <filename>/usr/src</filename> directly,
but rather in some other location with appropriate symbolic
links to duplicate the top-level structure of the source
tree.)</para>
<para>Having the sources on-line and knowing how to build a
system with them will make it much easier for you to upgrade
to future releases of FreeBSD.</para>
<para>To actually select a subset of the sources, use the Custom
menu item when you are in the Distributions menu of the
system installation tool.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="need-kernel">
<para>Do I need to build a kernel?</para>
</question>
<answer>
<para>Building a new kernel was originally pretty much a required
step in a FreeBSD installation, but more recent releases have
benefited from the introduction of a much friendlier kernel
configuration tool. When at the FreeBSD boot prompt (boot:),
use the <option>-c</option> flag and you will be dropped into a
visual configuration screen which allows you to configure the
kernel's settings for most common ISA cards.</para>
<para>It's still recommended that you eventually build a new
kernel containing just the drivers that you need, just to save a
bit of RAM, but it's no longer a strict requirement for most
systems.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="password-encryption">
<para>Should I use DES passwords, or MD5, and how do I specify
which form my users receive?</para>
</question>
<answer>
<para>The default password format on FreeBSD is to use
<emphasis>MD5</emphasis>-based passwords. These are believed to
be more secure than the traditional UNIX password format, which
used a scheme based on the <emphasis>DES</emphasis> algorithm.
DES passwords are still available if you need to share your
password file with legacy operating systems which still use the
less secure password format (they are available if you choose
to install the <quote>crypto</quote> distribution in
sysinstall, or by installing the crypto sources if building
from source). Which password format to use for new passwords is
controlled by the <quote>passwd_format</quote> login capability
in <filename>/etc/login.conf</filename>, which takes values of
either <quote>des</quote> (if available) or <quote>md5</quote>.
See the login.conf(5) manpage for more information about login
capabilities.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="boot-floppy-hangs">
<para>The boot floppy starts but hangs at the
<literal>Probing Devices...</literal> screen.</para>
</question>
<answer>
<para>If you have a IDE Zip or Jaz drive installed, remove it
and try again. The boot floppy can get confused by the drives.
After the system is installed you can reconnect the drive.
Hopefully this will be fixed in a later release.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="panic-on-install-reboot">
<para>I get a <literal>panic: cant mount root</literal>
error when rebooting the system after installation.</para>
</question>
<answer>
<para>This error comes from confusion between the boot block's
and the kernel's understanding of the disk devices. The error
usually manifests on two-disk IDE systems, with the hard disks
arranged as the master or single device on separate IDE
controllers, with FreeBSD installed on the secondary IDE
controller. The boot blocks think the system is installed on
wd1 (the second BIOS disk) while the kernel assigns the first
disk on the secondary controller device wd2. After the device
probing, the kernel tries to mount what the boot blocks think
is the boot disk, wd1, while it is really wd2, and
fails.</para>
<para>To fix the problem, do one of the following:</para>
<orderedlist>
<listitem>
<para>For FreeBSD 3.3 and later, reboot the system and hit
<literal>Enter</literal> at the <literal>Booting kernel
in 10 seconds; hit [Enter] to interrupt</literal> prompt.
This will drop you into the boot loader.</para>
<para>Then type
<literal>
set root_disk_unit="<replaceable>disk_number</replaceable>"
</literal>. <replaceable>disk_number</replaceable>
will be <literal>0</literal> if FreeBSD is installed on
the master drive on the first IDE controller,
<literal>1</literal> if it is installed on the slave on
the first IDE controller, <literal>2</literal> if it is
installed on the master of the second IDE controller, and
<emphasis>3</emphasis> if it is installed on the slave of
the second IDE controller.</para>
<para>Then type <literal>boot</literal>, and your system
should boot correctly.</para>
<para>To make this change permanent (ie so you don't have to
do this everytime you reboot or turn on your FreeBSD
machine), put the line <literal>
root_disk_unit="<replaceable>disk_number</replaceable>"
</literal> in <filename>/boot/loader.conf.local
</filename>.</para>
</listitem>
<listitem>
<para>If using FreeBSD 3.2 or earlier, at the Boot: prompt,
enter <literal>1:wd(2,a)kernel</literal> and press Enter.
If the system starts, then run the command
<command>echo "1:wd(2,a)kernel" &gt; /boot.config</command>
to make it the default boot string.</para>
</listitem>
<listitem>
<para>Move the FreeBSD disk onto the primary IDE controller,
so the hard disks are consecutive.</para>
</listitem>
<listitem>
<para><ulink URL="../handbook/kernelconfig.html">Rebuild
your kernel,</ulink> modify the wd configuration lines to
read:</para>
<programlisting>controller wdc0 at isa? port "IO_WD1" bio irq 14 vector wdintr
disk wd0 at wdc0 drive 0
# disk wd1 at wdc0 drive 1 # comment out this line
controller wdc1 at isa? port "IO_WD2" bio irq 15 vector wdintr
disk wd1 at wdc1 drive 0 # change from wd2 to wd1
disk wd2 at wdc1 drive 1 # change from wd3 to wd2</programlisting>
<para>Install the new kernel. If you moved your disks and
wish to restore the previous configuration, replace the
disks in the desired configuration and reboot. Your
system should boot successfully.</para>
</listitem>
</orderedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="memory-limits">
<para>What are the limits for memory?</para>
</question>
<answer>
<para>For memory, the limit is 4 gigabytes. This configuration
has been tested, see <ulink
URL="ftp://ftp.cdrom.com/archive-info/configuration">wcarchive's
configuration</ulink> for more details. If you plan to install
this much memory into a machine, you need to be careful. You'll
probably want to use ECC memory and to reduce capacitive
loading use 9 chip memory modules vice 18 chip memory
modules.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ffs-limits">
<para>What are the limits for ffs filesystems?</para>
</question>
<answer>
<para>For ffs filesystems, the maximum theoretical limit is 8
terabytes (2G blocks), or 16TB for the default block size of
8K. In practice, there is a soft limit of 1 terabyte, but with
modifications filesystems with 4 terabytes are possible (and
exist).</para>
<para>The maximum size of a single ffs file is approximately 1G
blocks (4TB) if the block size is 4K.</para>
<table>
<title>Maximum file sizes</title>
<tgroup cols="5">
<thead>
<row>
<entry>fs block size</entry>
<entry>2.2.7-stable</entry>
<entry>3.0-current</entry>
<entry>works</entry>
<entry>should work</entry>
</row>
</thead>
<tbody>
<row>
<entry>4K</entry>
<entry>4T-1</entry>
<entry>4T-1</entry>
<entry>4T-1</entry>
<entry>4+t</entry>
</row>
<row>
<entry>8K</entry>
<entry>32+G</entry>
<entry>8T-1</entry>
<entry>32+G</entry>
<entry>32T-1</entry>
</row>
<row>
<entry>16K</entry>
<entry>128+G</entry>
<entry>16T-1</entry>
<entry>128+G</entry>
<entry>32T-1</entry>
</row>
<row>
<entry>32K</entry>
<entry>512+G</entry>
<entry>32T-1</entry>
<entry>512+G</entry>
<entry>64T-1</entry>
</row>
<row>
<entry>64K</entry>
<entry>2048+G</entry>
<entry>64T-1</entry>
<entry>2048+G</entry>
<entry>128T-1</entry>
</row>
</tbody>
</tgroup>
</table>
<para>When the fs block size is 4K, triple indirect blocks work
and everything should be limited by the maximum fs block number
that can be represented using triple indirect blocks (approx.
1K^3 + 1K^2 + 1K), but everything is limited by a (wrong) limit
of 1G-1 on fs block numbers. The limit on fs block numbers
should be 2G-1. There are some bugs for fs block numbers near
2G-1, but such block numbers are unreachable when the fs block
size is 4K.</para>
<para>For block sizes of 8K and larger, everything should be
limited by the 2G-1 limit on fs block numbers, but is actually
limited by the 1G-1 limit on fs block numbers, except under
-STABLE triple indirect blocks are unreachable, so the limit is
the maxiumum fs block number that can be represented using
double indirect blocks (approx. (blocksize/4)^2 +
(blocksize/4)), and under -CURRENT exceeding this limit may
cause problems. Using the correct limit of 2G-1 blocks does
cause problems.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="tb-on-floppy">
<para>How can I put 1TB files on my floppy?</para>
</question>
<answer>
<para>I keep several virtual ones on floppies :-). The maxiumum
file size is not closely related to the maximum disk size. The
maximum disk size is 1TB. It is a feature that the file size
can be larger than the disk size.</para>
<para>The following example creates a file of size 8T-1 using a
whole 32K of disk space (3 indirect blocks and 1 data block) on
a small root partition. The dd command requires a dd that works
with large files.</para>
<screen>&prompt.user; <userinput>cat foo</userinput>
df .
dd if=/dev/zero of=z bs=1 seek=`echo 2^43 - 2 | bc` count=1
ls -l z
du z
df .
&prompt.user; <userinput>sh foo</userinput>
Filesystem 1024-blocks Used Avail Capacity Mounted on
/dev/da0a 64479 27702 31619 47% /
1+0 records in
1+0 records out
1 bytes transferred in 0.000187 secs (5346 bytes/sec)
-rw-r--r-- 1 bde bin 8796093022207 Sep 7 16:04 z
32 z
Filesystem 1024-blocks Used Avail Capacity Mounted on
/dev/da0a 64479 27734 31587 47% /</screen>
<para>Bruce Evans, September 1998</para>
</answer>
</qandaentry>
<qandaentry>
<question id="archsw-readin-failed-error">
<para>I compiled a new kernel and now I get the error message
<literal>archsw.readin.failed</literal> when booting.</para>
</question>
<answer>
<para>You can boot by specifying the kernel directly at the second
stage, pressing any key when the | shows up before loader is
started. More specifically, you have upgraded the source for
your kernel, and installed a new kernel builtin from them
<emphasis>without making world</emphasis>. This is not
supported. Make world.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="upgrade-3x-4x">
<para>How do I upgrade from 3.X -&gt; 4.X?</para>
</question>
<answer>
<para>We <emphasis>strongly</emphasis> recommend that you use
binary snapshots to do this. 4-STABLE snapshots are available at
<ulink
URL="ftp://releng4.FreeBSD.org/">releng4.FreeBSD.org</ulink>.</para>
<para>If you wish to upgrade using source, please see the <ulink
URL="http://www.FreeBSD.org/handbook/cutting-edge.html">FreeBSD
Handbook</ulink> for more information.</para>
<caution>
<para>Upgrading via source is never recommended for new
users, and upgading from 3.X -> 4.X is even less so; make sure
you have read the instructions carefully before attempting to
upgrade via source.</para>
</caution>
</answer>
</qandaentry>
<qandaentry>
<question id="security-profiles">
<para>What are these <quote>security profiles</quote>?</para>
</question>
<answer>
<para>A <quote>security profile</quote> is a set of configuration
options that attempts to achieve the desired ratio of security
to convenience by enabling and disabling certain programs and
other settings. The more severe the security profile, the less
programs will be enabled by default; this is one of the basic
principles of security: do not run anything except what you
must.</para>
<para>Please note that the security profile is just a default
setting. All programs can be enabled and disabled after you've
installed FreeBSD by editing or adding the appropriate line(s)
to <filename>/etc/rc.conf</filename>. For more information on
the latter, please see the &man.rc.conf.5; manual page.</para>
<para>Following is a table that describes what each security
profile does. The columns are the choices you have for a
security profile, and the rows are the program or feature that
is enabled or disabled.</para>
<table>
<title>Possible security profiles</title>
<tgroup cols=5>
<thead>
<row>
<entry></entry>
<entry>Extreme</entry>
<entry>High</entry>
<entry>Moderate</entry>
<entry>Low</entry>
</row>
</thead>
<tbody>
<row>
<entry>&man.inetd.8;</entry>
<entry>NO</entry>
<entry>NO</entry>
<entry>YES</entry>
<entry>YES</entry>
</row>
<row>
<entry>&man.sendmail.8;</entry>
<entry>NO</entry>
<entry>YES</entry>
<entry>YES</entry>
<entry>YES</entry>
</row>
<row>
<entry>&man.sshd.8;</entry>
<entry>NO</entry>
<entry>YES</entry>
<entry>YES</entry>
<entry>YES</entry>
</row>
<row>
<entry>&man.portmap.8;</entry>
<entry>NO</entry>
<entry>NO</entry>
<entry>MAYBE <footnote>
<para>The portmapper is enabled if the machine has been
configured as an NFS client or server earlier in the
installation.</para>
</footnote>
</entry>
<entry>YES</entry>
</row>
<row>
<entry>NFS server</entry>
<entry>NO</entry>
<entry>NO</entry>
<entry>YES</entry>
<entry>YES</entry>
</row>
<row>
<entry>&man.securelevel.8;</entry>
<entry>YES (2) <footnote>
<para>If you choose a security profile that sets the
securelevel (Extreme or High), you must be aware of the
implications. Please read the &man.init.8; manual page
and pay particular attention to the meanings of the
security levels, or you may have significant trouble
later!</para>
</footnote>
</entry>
<entry>YES (1)</entry>
<entry>NO</entry>
<entry>NO</entry>
</row>
</tbody>
</tgroup>
</table>
<warning>
<para>The security profile is not a silver bullet! Setting
it high does not mean you don't have to keep up with security
issues by reading an appropriate <ulink
url="../handbook/eresources.html#ERESOURCES-MAIL">mailing
list</ulink>, using good passwords and passphrases, and
generally adhering to good security practices. It simply
sets up the desired security to convenience ration out of
the box.</para>
</warning>
<note>
<para>The security profile mechanism is meant to be used
when you first install FreeBSD. If you already have
FreeBSD installed, it would probably be more beneficial to
simply enable or disable the desired functionality. If
you really want to use a security profile, you can re-run
&man.sysinstall.8; to set it.</para>
</note>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter
id="hardware">
<title>Hardware compatibility</title>
<qandaset>
<qandaentry>
<question id="supported-hard-drives">
<para>What kind of hard drives does FreeBSD support?</para>
</question>
<answer>
<para>FreeBSD supports EIDE and SCSI drives (with a compatible
controller; see the next section), and all drives using the
original <quote>Western Digital</quote> interface (MFM, RLL,
ESDI, and of course IDE). A few ESDI controllers that use
proprietary interfaces may not work: stick to WD1002/3/6/7
interfaces and clones.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="supported-scsi-controllers">
<para>Which SCSI controllers are supported?</para>
</question>
<answer>
<para>See the complete list in the <ulink
URL="../handbook/install.html#INSTALL-HW">Handbook</ulink>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="supported-cdrom-drives">
<para>Which CD-ROM drives are supported by FreeBSD?</para>
</question>
<answer>
<para>Any SCSI drive connected to a supported controller is
supported.</para>
<para>The following proprietary CD-ROM interfaces are also
supported:</para>
<itemizedlist>
<listitem>
<para>Mitsumi LU002 (8bit), LU005 (16bit) and FX001D
(16bit 2x Speed).</para>
</listitem>
<listitem>
<para>Sony CDU 31/33A</para>
</listitem>
<listitem>
<para>Sound Blaster Non-SCSI CD-ROM</para>
</listitem>
<listitem>
<para>Matsushita/Panasonic CD-ROM</para>
</listitem>
<listitem>
<para>ATAPI compatible IDE CD-ROMs</para>
</listitem>
</itemizedlist>
<para>All non-SCSI cards are known to be extremely slow compared
to SCSI drives, and some ATAPI CDROMs may not work.</para>
<para>As of 2.2 the FreeBSD CDROM from BSDi supports
booting directly from the CD.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="supported-cdrw-drives">
<para>Which CD-RW drives are supported by FreeBSD?</para>
</question>
<answer>
<para>FreeBSD supports any ATAPI-compatible IDE CD-R or CD-RW
drive. For FreeBSD versions 4.0 and later, see the man page for
&man.burncd.8;. For earlier FreeBSD versions, see the examples
in <filename>/usr/share/examples/atapi</filename>.</para>
<para>FreeBSD also supports any SCSI CD-R or CD-RW drives.
Install and use the <command>cdrecord</command> command from the
ports or packages system, and make sure that you have the
<devicename>pass</devicename> device compiled in your
kernel.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="zip-support">
<para>Does FreeBSD support ZIP drives?</para>
</question>
<answer>
<para>FreeBSD supports the SCSI ZIP drive out of the box, of
course. The ZIP drive can only be set to run at SCSI target IDs
5 or 6, but if your SCSI host adapter's BIOS supports it you
can even boot from it. It is not clear which host
adapters support booting from targets other than 0 or 1,
so you will have to consult your adapter's documentation
if you'd like to use this feature.</para>
<para>ATAPI (IDE) Zip drives are supported in FreeBSD 2.2.6 and
later releases.</para>
<para>FreeBSD has contained support for Parallel Port Zip Drives
since version 3.0. If you are using a sufficiently up to date
version, then you should check that your kernel contains the
<devicename>scbus0</devicename>, <devicename>da0</devicename>,
<devicename>ppbus0</devicename>, and
<devicename>vp0</devicename> drivers (the GENERIC kernel
contains everything except <devicename>vp0</devicename>). With
all these drivers present, the Parallel Port drive should be
available as <filename>/dev/da0s4</filename>. Disks can be
mounted using <command>mount /dev/da0s4 /mnt</command> OR (for
dos disks) <command>mount_msdos /dev/da0s4 /mnt</command> as
appropriate.</para>
<para>Also check out <link linkend="jaz">this note on removable
drives</link>, and <link linkend="disklabel">this note on
<quote>formatting</quote></link>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="jaz-zip-removable-support">
<para>Does FreeBSD support JAZ, EZ and other removable
drives?</para>
</question>
<answer>
<para>Apart from the IDE version of the EZ drive, these are all
SCSI devices, so the should all look like SCSI disks to
FreeBSD, and the IDE EZ should look like an IDE drive.</para>
<para><anchor id="jaz">I'm not sure how well FreeBSD supports
changing the media out while running. You will of course need
to dismount the drive before swapping media, and make sure that
any external units are powered on when you boot the system so
FreeBSD can see them.</para>
<para>See <link linkend="disklabel">this note on
<quote>formatting</quote></link>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="multiport-serial-support">
<para>Which multi-port serial cards are supported by
FreeBSD?</para>
</question>
<answer>
<para>There is a list of these in the <ulink
URL="../handbook/install-hw.html#INSTALL-MISC">Miscellaneous
devices</ulink> section of the handbook.</para>
<para>Some unnamed clone cards have also been known to work,
especially those that claim to be AST compatible.</para>
<para>Check the &man.sio.4;
man page to get more information on configuring such cards.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="usbkbd">
<para>I have a USB keyboard. Does FreeBSD support it?</para>
</question>
<answer>
<para>USB device support was added to FreeBSD 3.1. However, it
is still in preliminary state and may not always work as of
version 3.2. If you want to experiment with the USB keyboard
support, follow the procedure described below.</para>
<orderedlist>
<listitem>
<para>Use FreeBSD 3.2 or later.</para>
</listitem>
<listitem>
<para>Add the following lines to your kernel configuration
file, and rebuild the kernel.</para>
<programlisting>device uhci
device ohci
device usb
device ukbd
options KBD_INSTALL_CDEV</programlisting>
<para>In versions of FreeBSD before 4.0, use this
instead:</para>
<programlisting>controller uhci0
controller ohci0
controller usb0
controller ukbd0
options KBD_INSTALL_CDEV</programlisting>
</listitem>
<listitem>
<para>Go to the <filename>/dev</filename> directory and create
device nodes as follows:</para>
<screen>&prompt.root; <userinput>cd /dev</userinput>
&prompt.root; <userinput>./MAKEDEV kbd0 kbd1</userinput></screen>
</listitem>
<listitem>
<para>Edit <filename>/etc/rc.conf</filename> and add the
following lines:</para>
<programlisting>usbd_enable="YES"
usbd_flags=""</programlisting>
</listitem>
</orderedlist>
<para>After the system is rebooted, the AT keyboard becomes
<filename>/dev/kbd0</filename> and the USB keyboard becomes
<filename>/dev/kbd1</filename>, if both are connected to the
system. If there is the USB keyboard only, it will be
<filename>/dev/ukbd0</filename>.</para>
<para>If you want to use the USB keyboard in the console, you
have to explicitly tell the console driver to use the existence
of the USB keyboard. This can be done by running the following
command as a part of system initialization.</para>
<screen>&prompt.root; <userinput>kbdcontrol -k /dev/kbd1 &lt; /dev/ttyv0 &gt; /dev/null</userinput></screen>
<para>Note that if the USB keyboard is the only keyboard, it is
accessed as <filename>/dev/kbd0</filename>, thus, the command
should look like:</para>
<screen>&prompt.root; <userinput>kbdcontrol -k /dev/kbd0 &lt; /dev/ttyv0 &gt; /dev/null</userinput></screen>
<para><filename>/etc/rc.i386</filename> is a good place to add the
above command.</para>
<para>Once this is done, the USB keyboard should work in the X
environment as well without any special settings.</para>
<para>Hot-plugging and unplugging of the USB keyboard may not
work quite right yet. It is a good idea to connect the keyboard
before you start the system and leave it connected until the
system is shutdown to avoid troubles.</para>
<para>See the &man.ukbd.4; man page for more information.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="busmouse">
<para>I have an unusual bus mouse. How do I set it up?</para>
</question>
<answer>
<para>FreeBSD supports the bus mouse and the InPort bus mouse
from such manufactures as Microsoft, Logitech and ATI. The bus
device driver is compiled in the GENERIC kernel by default in
FreeBSD versions 2.X, but not included in version 3.0 or later.
If you are building a custom kernel with the bus mouse driver,
make sure to add the following line to the kernel config
file</para>
<para>In FreeBSD 3.0 or before, add:</para>
<programlisting>device mse0 at isa? port 0x23c tty irq5 vector mseintr</programlisting>
<para>In FreeBSD 3.X, the line should be:</para>
<programlisting>device mse0 at isa? port 0x23c tty irq5</programlisting>
<para>And in FreeBSD 4.X and later, the line should read:</para>
<programlisting>device mse0 at isa? port 0x23c irq5</programlisting>
<para>Bus mice usually comes with dedicated interface cards.
These cards may allow you to set the port address and the IRQ
number other than shown above. Refer to the manual of your
mouse and the &man.mse.4; man page for more information.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ps2mouse">
<para>How do I use my PS/2 (<quote>mouse port</quote> or
<quote>keyboard</quote>) mouse?</para>
</question>
<answer>
<para>If you're running a post-2.2.5 version of FreeBSD, the
necessary driver, <devicename>psm</devicename>, is included and
enabled in the kernel. The kernel should detect your PS/2 mouse
at boot time.</para>
<para>If you're running a previous but relatively recent version
of FreeBSD (2.1.x or better) then you can simply enable it in
the kernel configuration menu at installation time, otherwise
later with <option>-c</option> at the <command>boot:</command>
prompt. It is disabled by default, so you will need to enable
it explicitly.</para>
<para>If you're running an older version of FreeBSD then you'll
have to add the following lines to your kernel configuration
file and compile a new kernel.</para>
<para>In FreeBSD 3.0 or earlier, the line should be:</para>
<programlisting>device psm0 at isa? port "IO_KBD" conflicts tty irq 12 vector psmintr</programlisting>
<para>In FreeBSD 3.1 or later, the line should be:</para>
<programlisting>device psm0 at isa? tty irq 12</programlisting>
<para>In FreeBSD 4.0 or later, the line should be:</para>
<programlisting>device psm0 at atkbdc? irq 12</programlisting>
<para>See the <ulink
URL="../handbook/kernelconfig.html">Handbook entry on
configuring the kernel</ulink> if you've no experience with
building kernels.</para>
<para>Once you have a kernel detecting
<devicename>psm0</devicename> correctly at boot time, make sure
that an entry for <devicename>psm0</devicename> exists in
<filename>/dev</filename>. You can do this by typing:</para>
<screen>&prompt.root; <userinput>cd /dev; sh MAKEDEV psm0</userinput></screen>
<para>when logged in as root.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="moused">
<para>Is it possible to make use of a mouse in any way outside
the X Window?</para>
</question>
<answer>
<para>If you are using the default console driver, syscons, you
can use a mouse pointer in text consoles to cut &amp; paste
text. Run the mouse daemon, moused, and turn on the mouse
pointer in the virtual console:</para>
<screen>&prompt.root; <userinput>moused -p /dev/<replaceable>xxxx</replaceable> -t <replaceable>yyyy</replaceable></userinput>
&prompt.root; <userinput>vidcontrol -m on</userinput></screen>
<para>Where <replaceable>xxxx</replaceable> is the mouse device
name and <replaceable>yyyy</replaceable> is a protocol type for
the mouse. See the &man.moused.8; man page for supported
protocol types.</para>
<para>You may wish to run the mouse daemon automatically when the
system starts. In version 2.2.1, set the following variables in
<filename>/etc/sysconfig</filename>.</para>
<programlisting>mousedtype="yyyy"
mousedport="xxxx"
mousedflags=""</programlisting>
<para>In versions 2.2.2 to 3.0, set the following variables in
<filename>/etc/rc.conf</filename>.</para>
<programlisting>moused_type="yyyy"
moused_port="xxxx"
moused_flags=""</programlisting>
<para>In 3.1 and later, assuming you have a PS/2 mouse, all you
need to is add <literal>moused_enable="YES"</literal> to
<filename>/etc/rc.conf</filename>.</para>
<para>In addition, if you would like to be able to use the mouse
daemon on all virtual terminals instead of just console at
boot-time, add the following to
<filename>/etc/rc.conf</filename>.</para>
<programlisting>allscreens_flags="-m on"</programlisting>
<para>Staring from FreeBSD 2.2.6, the mouse daemon is capable of
determining the correct protocol type automatically unless the
mouse is a relatively old serial mouse model. Specify
<literal>auto</literal> the protocol to invoke automatic
detection.</para>
<para>When the mouse daemon is running, access to the mouse
needs to be coordinated between the mouse daemon and other
programs such as the X Window. Refer to <link
linkend="x-and-moused">another section</link> on this
issue.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="text-mode-cut-paste">
<para>How do I cut and paste text with mouse in the text
console?</para>
</question>
<answer>
<para>Once you get the mouse daemon running (see
<link linkend="moused">previous section</link>), hold down the
button 1 (left button) and move the mouse to select a region of
text. Then, press the button 2 (middle button) or the button 3
(right button) to paste it at the text cursor.</para>
<para>In versions 2.2.6 and later, pressing the button 2 will
paste the text. Pressing the button 3 will
<quote>extend</quote> the selected region of text. If your
mouse does not have the middle button, you may wish to emulate
it or remap buttons using moused options. See the
&man.moused.8; man page for details.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="usbmouse">
<para>I have a USB mouse. Does FreeBSD support the USB
mouse?</para>
</question>
<answer>
<para>USB device support was added to FreeBSD 3.1. However, it
is still in a preliminary state and may not always work as of
version 3.2. If you want to experiment with the USB mouse
support, follow the procedure described below.</para>
<orderedlist>
<listitem>
<para>Use FreeBSD 3.2 or later.</para>
</listitem>
<listitem>
<para>Add the following lines to your kernel configuration
file, and rebuild the kernel.</para>
<programlisting>device uhci
device ohci
device usb
device ums</programlisting>
<para>In versions of FreeBSD before 4.0, use this
instead:</para>
<programlisting>controller uhci0
controller ohci0
controller usb0
device ums0</programlisting>
</listitem>
<listitem>
<para>Go to the <filename>/dev</filename> directory and
create a device node as follows:</para>
<screen>&prompt.root; <userinput>cd /dev</userinput>
&prompt.root; <userinput>./MAKEDEV ums0</userinput></screen>
</listitem>
<listitem>
<para>Edit <filename>/etc/rc.conf</filename> and add the
following lines:</para>
<programlisting>moused_enable="YES"
moused_type="auto"
moused_port="/dev/ums0"
moused_flags=""
usbd_enable="YES"
usbd_flags=""</programlisting>
<para>See the <link linkend="moused">previous section</link>
for more detailed discussion on moused.</para>
</listitem>
<listitem>
<para>In order to use the USB mouse in the X session, edit
<filename>XF86Config</filename>. If you are using XFree86
3.3.2 or later, be sure to have the following lines in the
<emphasis>Pointer</emphasis> section:</para>
<programlisting>Device "/dev/sysmouse"
Protocol "Auto"</programlisting>
<para>If you are using earlier versions of XFree86, be sure to
have the following lines in the <emphasis>Pointer</emphasis>
section:</para>
<programlisting>Device "/dev/sysmouse"
Protocol "SysMouse"</programlisting>
</listitem>
</orderedlist>
<para>Refer to <link linkend="x-and-moused">another section</link>
on the mouse support in the X environment.</para>
<para>Hot-plugging and unplugging of the USB mouse may not work
quite right yet. It is a good idea connect the mouse before you
start the system and leave it connected until the system is
shutdown to avoid trouble.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="mouse-wheel-buttons">
<para>My mouse has a fancy wheel and buttons. Can I use them in
FreeBSD?</para>
</question>
<answer>
<para>The answer is, unfortunately, <quote>It depends</quote>.
These mice with additional features require specialized driver
in most cases. Unless the mouse device driver or the user
program has specific support for the mouse, it will act just
like a standard two, or three button mouse.</para>
<para>For the possible usage of wheels in the X Window
environment, refer to <link linkend="x-and-wheel">that
section</link>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="psmerr">
<para>My mouse does not seem working. The mouse cursor jumps
around on the screen. The mouse has a wheel and is connected
to the PS/2 mouse port.</para>
</question>
<answer>
<para>The PS/2 mouse driver psm in FreeBSD versions 3.2 or
earlier has difficulty with some wheel mice, including Logitech
model M-S48 and its OEM siblings. Apply the following patch to
<filename>/sys/i386/isa/psm.c</filename> and rebuild the
kernel.</para>
<programlisting>Index: psm.c
===================================================================
RCS file: /src/CVS/src/sys/i386/isa/Attic/psm.c,v
retrieving revision 1.60.2.1
retrieving revision 1.60.2.2
diff -u -r1.60.2.1 -r1.60.2.2
--- psm.c 1999/06/03 12:41:13 1.60.2.1
+++ psm.c 1999/07/12 13:40:52 1.60.2.2
@@ -959,14 +959,28 @@
sc->mode.packetsize = vendortype[i].packetsize;
/* set mouse parameters */
+#if 0
+ /*
+ * A version of Logitech FirstMouse+ won't report wheel movement,
+ * if SET_DEFAULTS is sent... Don't use this command.
+ * This fix was found by Takashi Nishida.
+ */
i = send_aux_command(sc->kbdc, PSMC_SET_DEFAULTS);
if (verbose >= 2)
printf("psm%d: SET_DEFAULTS return code:%04x\n", unit, i);
+#endif
if (sc->config & PSM_CONFIG_RESOLUTION) {
sc->mode.resolution
= set_mouse_resolution(sc->kbdc,
- (sc->config & PSM_CONFIG_RESOLUTION) - 1);
+ (sc->config & PSM_CONFIG_RESOLUTION) - 1);
+ } else if (sc->mode.resolution >= 0) {
+ sc->mode.resolution
+ = set_mouse_resolution(sc->kbdc, sc->dflt_mode.resolution);
+ }
+ if (sc->mode.rate > 0) {
+ sc->mode.rate = set_mouse_sampling_rate(sc->kbdc, sc->dflt_mode.rate);
}
+ set_mouse_scaling(sc->kbdc, 1);
/* request a data packet and extract sync. bits */
if (get_mouse_status(sc->kbdc, stat, 1, 3) < 3) {</programlisting>
<para>Versions later than 3.2 should be all right.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="laptop-mouse-trackball">
<para>How do I use the mouse/trackball/touchpad on my
laptop?</para>
</question>
<answer>
<para>Please refer to <link linkend="ps2mouse">the answer to
the previous question</link>. And check out
<link linkend="pao">this note</link> on the Mobile Computing
page.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="tape-support">
<para>What types of tape drives are supported?</para>
</question>
<answer>
<para>FreeBSD supports SCSI and QIC-36 (with a QIC-02 interface).
This includes 8-mm (aka Exabyte) and DAT drives.</para>
<para>Some of the early 8-mm drives are not quite compatible
with SCSI-2, and may not work well with FreeBSD.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="tape-changer-support">
<para>Does FreeBSD support tape changers?</para>
</question>
<answer>
<para>FreeBSD 2.2 supports SCSI changers using the
&man.ch.4;
device and the
&man.chio.1;
command. The details of how you actually control the changer
can be found in the
&man.chio.1;
man page.</para>
<para>If you're not using <ulink
URL="http://www.FreeBSD.org/cgi/ports.cgi?amanda">AMANDA</ulink>
or some other product that already understands changers,
remember that they're only know how to move a tape from one
point to another, so you need to keep track of which slot a
tape is in, and which slot the tape currently in the drive
needs to go back to.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="sound-card-support">
<para>Which sound cards are supported by FreeBSD?</para>
</question>
<answer>
<para>FreeBSD supports the SoundBlaster, SoundBlaster Pro,
SoundBlaster 16, Pro Audio Spectrum 16, AdLib and Gravis
UltraSound sound cards. There is also limited support for
MPU-401 and compatible MIDI cards. Cards conforming to the
Microsoft Sound System specification are also supported through
the pcm driver.</para>
<para>
<note>
<para>This is only for sound! This driver does not support
CD-ROMs, SCSI or joysticks on these cards, except for the
SoundBlaster. The SoundBlaster SCSI interface and some
non-SCSI CDROMS are supported, but you can't boot off this
device.</para>
</note></para>
</answer>
</qandaentry>
<qandaentry>
<question id="es1370-silent-pcm">
<para>Workarounds for no sound from es1370 with pcm driver?</para>
</question>
<answer>
<para>You can run the following command everytime the machine
booted up:</para>
<screen>&prompt.root; <userinput>mixer pcm 100 vol 100 cd 100</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="network-cards">
<para>Which network cards does FreeBSD support?</para>
</question>
<answer>
<para>See the <ulink
URL="../handbook/install-hw.html#INSTALL-NICS">
Ethernet cards</ulink> section of the handbook for a more
complete list.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="no-math-coprocessor">
<para>I don't have a math co-processor - is that bad?</para>
</question>
<answer>
<para>
<note>
<para>This will only affect 386/486SX/486SLC owners - other
machines will have one built into the CPU.</para>
</note></para>
<para>In general this will not cause any problems, but there are
circumstances where you will take a hit, either in performance
or accuracy of the math emulation code (see the section <link
linkend="emul">on FP emulation</link>). In particular, drawing
arcs in X will be VERY slow. It is highly recommended that you
buy a math co-processor; it's well worth it.</para>
<para>
<note>
<para>Some math co-processors are better than others. It
pains us to say it, but nobody ever got fired for buying
Intel. Unless you're sure it works with FreeBSD, beware of
clones.</para>
</note></para>
</answer>
</qandaentry>
<qandaentry>
<question id="other-device-support">
<para>What other devices does FreeBSD support?</para>
</question>
<answer>
<para>See the <ulink
URL="../handbook/install.html#INSTALL-MISC">Handbook</ulink>
for the list of other devices supported.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="power-management-support">
<para>Does FreeBSD support power management on my laptop?</para>
</question>
<answer>
<para>FreeBSD supports APM on certain machines. Please look in
the <filename>LINT</filename> kernel config file, searching for
the
<literal>APM</literal>
keyword. Further information can be found in &man.apm.4;.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="micron-hang-boot">
<para>My Micron system hangs at boot time</para>
</question>
<answer>
<para>Certain Micron motherboards have a non-conforming PCI BIOS
implementation that causes grief when FreeBSD boots because PCI
devices don't get configured at their reported addresses.</para>
<para>Disable the <quote>Plug and Play Operating System</quote>
flag in the BIOS to work around this problem. More information
can be found at <ulink
URL="http://cesdis.gsfc.nasa.gov/linux/drivers/vortex.html#micron">
http://cesdis.gsfc.nasa.gov/linux/drivers/vortex.html#micron</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="newer-adaptec-support">
<para>I have a newer Adaptec controller and FreeBSD can't find
it.</para>
</question>
<answer>
<para>The newer AIC789x series Adaptec chips are supported under
the CAM SCSI framework which made it's debut in 3.0. Patches
against 2.2-STABLE are in <ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/development/cam/">
ftp://ftp.FreeBSD.org/pub/FreeBSD/development/cam/</ulink>.
A CAM-enhanced boot floppy is available at <ulink
URL="http://people.FreeBSD.org/~abial/cam-boot/">
http://people.FreeBSD.org/~abial/cam-boot/</ulink>.
In both cases read the README before beginning.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="internal-plugnplay-modem">
<para>I have an internal Plug &amp; Play modem and FreeBSD
can't find it.</para>
</question>
<answer>
<para>You will need to add the modem's PnP ID to the PnP ID
list in the serial driver. To enable Plug &amp; Play support,
compile a new kernel with <literal>controller pnp0</literal> in
the configuration file, then reboot the system. The kernel will
print the PnP IDs of all the devices it finds. Copy the PnP ID
from the modem to the table in
<filename>/sys/i386/isa/sio.c</filename>, at about line 2777.
Look for the string <literal>SUP1310</literal> in the structure
<literal>siopnp_ids[]</literal> to find the table. Build the
kernel again, install, reboot, and your modem should be
found.</para>
<para>You may have to manually configure the PnP devices using
the <literal>pnp</literal> command in the boot-time
configuration with a command like</para>
<programlisting>pnp 1 0 enable os irq0 3 drq0 0 port0 0x2f8</programlisting>
<para>to make the modem show.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="serial-console-prompt">
<para>How do I get the boot: prompt to show on the serial
console?</para>
</question>
<answer>
<orderedlist>
<listitem>
<para>Build a kernel with
<literal>options COMCONSOLE</literal>.</para>
</listitem>
<listitem>
<para>Create /boot.config and place <option>-P</option>
as the only text in the file.</para>
</listitem>
<listitem>
<para>Unplug the keyboard from the system.</para>
</listitem>
</orderedlist>
<para>See
<filename>/usr/src/sys/i386/boot/biosboot/README.serial</filename>
for information.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="micron-3comnic-failure">
<para>Why doesn't my 3Com PCI network card work with my Micron
computer?</para>
</question>
<answer>
<para>Certain Micron motherboards have a non-conforming PCI BIOS
implementation that does not configure PCI devices at the
addresses reported. This causes grief when FreeBSD
boots.</para>
<para>To work around this problem, disable the
<quote>Plug and Play Operating System</quote> flag in the
BIOS.</para>
<para>More information on this problem is available at URL:
<ulink URL="http://cesdis.gsfc.nasa.gov/linux/drivers/vortex.html#micron">http://cesdis.gsfc.nasa.gov/linux/drivers/vortex.html#micron</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="smp-support">
<para>Does FreeBSD support Symmetric Multiprocessing (SMP)?</para>
</question>
<answer>
<para>SMP is supported in 3.0-STABLE and later releases only.
SMP is not enabled in the <emphasis>GENERIC</emphasis> kernel,
so you will have to recompile your kernel to enable SMP. Take a
look at <filename>/sys/i386/conf/LINT</filename> to figure out
what options to put in your kernel config file.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="asusk7v-boot-failure">
<para>The boot floppy hangs on a system with an ASUS K7V
motherboard. How do I fix this?</para>
</question>
<answer>
<para>Go in to the BIOS setup and disable the boot virus
protection.</para>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="troubleshoot">
<title>Troubleshooting</title>
<qandaset>
<qandaentry>
<question id="awre">
<para>I have bad blocks on my hard drive!</para>
</question>
<answer>
<para>With SCSI drives, the drive should be capable of re-mapping
these automatically. However, many drives are shipped with
this feature disabled, for some mysterious reason...</para>
<para>To enable this, you'll need to edit the first device page
mode, which can be done on FreeBSD by giving the command
(as root)</para>
<screen>&prompt.root; <userinput>scsi -f /dev/rsd0c -m 1 -e -P 3</userinput></screen>
<para>and changing the values of AWRE and ARRE from 0 to 1:-</para>
<programlisting>AWRE (Auto Write Reallocation Enbld): 1
ARRE (Auto Read Reallocation Enbld): 1</programlisting>
<para>The following paragraphs were submitted by <ulink
URL="mailto:tedm@toybox.placo.com">
Ted Mittelstaedt</ulink>:</para>
<para>For IDE drives, any bad block is usually a sign of
potential trouble. All modern IDE drives come with internal
bad-block remapping turned on. All IDE hard drive manufacturers
today offer extensive warranties and will replace drives with
bad blocks on them.</para>
<para>If you still want to attempt to rescue an IDE drive with
bad blocks, you can attempt to download the IDE drive
manufacturer's IDE diagnostic program, and run this against the
drive. Sometimes these programs can be set to force the drive
electronics to rescan the drive for bad blocks and lock them
out.</para>
<para>For ESDI, RLL and MFM drives, bad blocks are a normal part
of the drive and are no sign of trouble, generally. With a PC,
the disk drive controller card and BIOS handle the task of
locking out bad sectors. This is fine for operating systems
like DOS that use BIOS code to access the disk. However,
FreeBSD's disk driver does not go through BIOS, therefore a
mechanism, bad144, exists that replaces this functionality.
bad144 only works with the wd driver (which means it is not
supported in FreeBSD 4.0), it is NOT able to be used with SCSI.
bad144 works by entering all bad sectors found into a special
file.</para>
<para>One caveat with bad144 - the bad block special file is
placed on the last track of the disk. As this file may possibly
contain a listing for a bad sector that would occur near the
beginning of the disk, where the /kernel file might be located,
it therefore must be accessible to the bootstrap program that
uses BIOS calls to read the kernel file. This means that the
disk with bad144 used on it must not exceed 1024 cylinders, 16
heads, and 63 sectors. This places an effective limit of 500MB
on a disk that is mapped with bad144.</para>
<para>To use bad144, simply set the <quote>Bad Block</quote>
scanning to ON in the FreeBSD fdisk screen during the initial
install. This works up through FreeBSD 2.2.7. The disk must
have less than 1024 cylinders. It is generally recommended that
the disk drive has been in operation for at least 4 hours prior
to this to allow for thermal expansion and track
wandering.</para>
<para>If the disk has more than 1024 cylinders (such as a large
ESDI drive) the ESDI controller uses a special translation mode
to make it work under DOS. The wd driver understands about
these translation modes, IF you enter the
<quote>translated</quote> geometry with the <quote>set
geometry</quote> command in fdisk. You must also NOT use the
<quote>dangerously dedicated</quote> mode of creating the
FreeBSD partition, as this ignores the geometry. Also, even
though fdisk will use your overridden geometry, it still knows
the true size of the disk, and will attempt to create a too
large FreeBSD partition. If the disk geometry is changed to the
translated geometry, the partition MUST be manually created
with the number of blocks.</para>
<para>A quick trick to use is to set up the large ESDI disk with
the ESDI controller, boot it with a DOS disk and format it with
a DOS partition. Then, boot the FreeBSD install and in the
fdisk screen, read off and write down the blocksize and block
numbers for the DOS partition. Then, reset the geometry to the
same that DOS uses, delete the DOS partition, and create a
<quote>cooperative</quote> FreeBSD partition using the
blocksize you recorded earlier. Then, set the partition
bootable and turn on bad block scanning. During the actual
install, bad144 will run first, before any filesystems are
created. (you can view this with an Alt-F2) If it has any
trouble creating the badsector file, you have set too large a
disk geometry - reboot the system and start all over again
(including repartitioning and reformatting with DOS).</para>
<para>If remapping is enabled and you are seeing bad blocks,
consider replacing the drive. The bad blocks will only get
worse as time goes on.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="bustek742a-eisa-scsi">
<para>FreeBSD does not recognize my Bustek 742a EISA SCSI!</para>
</question>
<answer>
<para>This info is specific to the 742a but may also cover
other Buslogic cards. (Bustek = Buslogic)</para>
<para>There are 2 general <quote>versions</quote> of the 742a
card. They are hardware revisions A-G, and revisions H -
onwards. The revision letter is located after the Assembly
number on the edge of the card. The 742a has 2 ROM chips on it,
one is the BIOS chip and the other is the Firmware chip.
FreeBSD doesn't care what version of BIOS chip you have but it
does care about what version of firmware chip. Buslogic will
send upgrade ROMS out if you call their tech support dept. The
BIOS and Firmware chips are shipped as a matched pair. You must
have the most current Firmware ROM in your adapter card for
your hardware revision.</para>
<para>The REV A-G cards can only accept BIOS/Firmware sets up to
2.41/2.21. The REV H- up cards can accept the most current
BIOS/Firmware sets of 4.70/3.37. The difference between the
firmware sets is that the 3.37 firmware supports <quote>round
robin</quote></para>
<para>The Buslogic cards also have a serial number on them. If
you have a old hardware revision card you can call the Buslogic
RMA department and give them the serial number and attempt to
exchange the card for a newer hardware revision. If the card is
young enough they will do so.</para>
<para>FreeBSD 2.1 only supports Firmware revisions 2.21 onward.
If you have a Firmware revision older than this your card will
not be recognized as a Buslogic card. It may be recognized as
an Adaptec 1540, however. The early Buslogic firmware contains
an AHA1540 <quote>emulation</quote> mode. This is not a good
thing for an EISA card, however.</para>
<para>If you have an old hardware revision card and you obtain
the 2.21 firmware for it, you will need to check the position
of jumper W1 to B-C, the default is A-B.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="hpnetserver-scsi-failure">
<para>My HP Netserver's SCSI controller is not detected!</para>
</question>
<answer>
<para>This is basically a known problem. The EISA on-board SCSI
controller in the HP Netserver machines occupies EISA slot
number 11, so all the <quote>true</quote> EISA slots are in
front of it. Alas, the address space for EISA slots &gt;= 10
collides with the address space assigned to PCI, and FreeBSD's
auto-configuration currently cannot handle this situation very
well.</para>
<para>So now, the best you can do is to pretend there is no
address range clash :), by bumping the kernel option
<literal>EISA_SLOTS</literal> to a value of 12. Configure and
compile a kernel, as described in the <ulink
URL="../handbook/kernelconfig.html">Handbook entry on
configuring the kernel</ulink>.</para>
<para>Of course, this does present you with a chicken-and-egg
problem when installing on such a machine. In order to work
around this problem, a special hack is available inside
<emphasis>UserConfig</emphasis>. Do not use the
<quote>visual</quote> interface, but the plain command-line
interface there. Simply type</para>
<programlisting>eisa 12
quit</programlisting>
<para>at the prompt, and install your system as usual. While
it's recommended you compile and install a custom kernel
anyway,</para>
<para>Hopefully, future versions will have a proper fix for
this problem.</para>
<para>
<note>
<para>You can not use a
<literal>dangerously dedicated</literal> disk
with an HP Netserver. See <link linkend="dedicate">this
note</link> for more info.</para>
</note></para>
</answer>
</qandaentry>
<qandaentry>
<question id="cmd640-ide">
<para>What's up with this CMD640 IDE controller?</para>
</question>
<answer>
<para>It's broken. It cannot handle commands on both channels
simultaneously.</para>
<para>There's a workaround available now and it is enabled
automatically if your system uses this chip. For the details
refer to the manual page of the disk driver (man 4 wd).</para>
<para>If you're already running FreeBSD 2.2.1 or 2.2.2 with a
CMD640 IDE controller and you want to use the second channel,
build a new kernel with <literal>options "CMD640"</literal>
enabled. This is the default for 2.2.5 and later.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ed1-timeout">
<para>I keep seeing messages like
<literal>ed1: timeout</literal>.</para>
</question>
<answer>
<para>This is usually caused by an interrupt conflict (e.g.,
two boards using the same IRQ). FreeBSD prior to 2.0.5R used to
be tolerant of this, and the network driver would still
function in the presence of IRQ conflicts. However, with 2.0.5R
and later, IRQ conflicts are no longer tolerated. Boot with the
-c option and change the ed0/de0/... entry to match your
board.</para>
<para>If you're using the BNC connector on your network card,
you may also see device timeouts because of bad termination. To
check this, attach a terminator directly to the NIC (with no
cable) and see if the error messages go away.</para>
<para>Some NE2000 compatible cards will give this error if there
is no link on the UTP port or if the cable is disconnected.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="mount-cd-superblock">
<para>When I mount a CDROM, I get
<literal>Incorrect super block</literal>.</para>
</question>
<answer>
<para>You have to tell &man.mount.8;
the type of the device that you want to mount. By default,
&man.mount.8;
will assume the filesystem is of type <literal>ufs</literal>.
You want to mount a CDROM filesystem, and you do this by
specifying the <option>-t cd9660</option> option to
&man.mount.8;. This does, of course, assume that the
CDROM contains an ISO 9660 filesystem, which is what most CDROMs
have. As of 1.1R, FreeBSD automatically understands the Rock
Ridge (long filename) extensions as well.</para>
<para>As an example, if you want to mount the CDROM device,
<filename>/dev/cd0c</filename>, under <filename>/mnt</filename>,
you would execute:</para>
<screen>&prompt.root; <userinput>mount -t cd9660 /dev/cd0c /mnt</userinput></screen>
<para>Note that your device name (<filename>/dev/cd0c</filename>
in this example) could be different, depending on the CDROM
interface. Note that the <option>-t cd9660</option> option just
causes the <command>mount_cd9660</command> command to be
executed, and so the above example could be shortened
to:</para>
<screen>&prompt.root; <userinput>mount_cd9660 /dev/cd0c /mnt</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="cdrom-not-configured">
<para>When I mount a CDROM, I get
<literal>Device not configured</literal>.</para>
</question>
<answer>
<para>This generally means that there is no CDROM in the CDROM
drive, or the drive is not visible on the bus. Feed the drive
something, and/or check its master/slave status if it is IDE
(ATAPI). It can take a couple of seconds for a CDROM drive to
notice that it's been fed, so be patient.</para>
<para>Sometimes a SCSI CD-ROM may be missed because it hadn't
enough time to answer the bus reset. If you have a SCSI CD-ROM
please try to add the following symbol into your kernel
configuration file and recompile.</para>
<programlisting>options "SCSI_DELAY=15"</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="cdrom-unicode-filenames">
<para>When I mount a CDROM, all non-English characters in
filenames show up as <quote>?</quote>.</para>
</question>
<answer>
<para>Most likely your CDROM uses the <quote>Joilet</quote>
extention for storing information about files and directories.
This extension specifies that all filenames are stored using
Unicode two-byte characters. Currently, efforts are under way
to introduce a generic Unicode interface into the FreeBSD
kernel, but since that isn't ready yet, the CD9660 driver does
not have the ability to decode the characters in the
filenames.</para>
<para>As a temporary solution, starting with FreeBSD 4.3, a
special hook has been added into the CD9660 driver to allow the
user to load an appropriate conversion table on the fly.
Modules for some of the common encodings are available via the
<filename>sysutils/cd9660_unicode</filename> port.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="printer-slow">
<para>My printer is ridiculously slow. What can I do?</para>
</question>
<answer>
<para>If it's parallel, and the only problem is that it's terribly
slow, try setting your printer port into <quote>polled</quote>
mode:</para>
<screen>&prompt.root; <userinput>lptcontrol -p</userinput></screen>
<para>Some newer HP printers are claimed not to work correctly in
interrupt mode, apparently due to some (not yet exactly
understood) timing problem.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="signal11">
<para>My programs occasionally die with
<literal>Signal 11</literal> errors.</para>
</question>
<answer>
<para>Signal 11 errors are caused when your process has attempted
to access memory which the operating system has not granted it
access to. If something like this is happening at seemingly
random intervals then you need to start investigating things
very carefully.</para>
<para>These problems can usually be attributed to either:</para>
<orderedlist>
<listitem>
<para>If the problem is occurring only in a specific
application that you are developing yourself it is probably
a bug in your code.</para>
</listitem>
<listitem>
<para>If it's a problem with part of the base FreeBSD system,
it may also be buggy code, but more often than not these
problems are found and fixed long before us general FAQ
readers get to use these bits of code (that's what -current
is for).</para>
</listitem>
</orderedlist>
<para>In particular, a dead giveaway that this is *not* a FreeBSD
bug is if you see the problem when you're compiling a program,
but the activity that the compiler is carrying out changes
each time.</para>
<para>For example, suppose you're running <quote>make buildworld</quote>, and
the compile fails while trying to compile ls.c in to ls.o. If
you next run <quote>make buildworld</quote> again, and the compile fails in
the same place then this is a broken build -- try updating your
sources and try again. If the compile fails elsewhere then this
is almost certainly hardware.</para>
<para>What you should do:</para>
<para>In the first case you can use a debugger e.g. gdb to find
the point in the program which is attempting to access a bogus
address and then fix it.</para>
<para>In the second case you need to verify that it's not your
hardware at fault.</para>
<para>Common causes of this include:</para>
<orderedlist>
<listitem>
<para>Your hard disks might be overheating: Check the fans in
your case are still working, as your disk (and perhaps
other hardware might be overheating).</para>
</listitem>
<listitem>
<para>The processor running is overheating: This might be
because the processor has been overclocked, or the fan on
the processor might have died. In either case you need to
ensure that you have hardware running at what it's
specified to run at, at least while trying to solve this
problem. i.e. Clock it back to the default settings.</para>
<para>If you are overclocking then note that it's far cheaper
to have a slow system than a fried system that needs
replacing! Also the wider community is not often
sympathetic to problems on overclocked systems, whether you
believe it's safe or not.</para>
</listitem>
<listitem>
<para>Dodgy memory: If you have multiple memory SIMMS/DIMMS
installed then pull them all out and try running the
machine with each SIMM or DIMM individually and narrow the
problem down to either the problematic DIMM/SIMM or perhaps
even a combination.</para>
</listitem>
<listitem>
<para>Over-optimistic Motherboard settings: In your BIOS
settings, and some motherboard jumpers you have options to
set various timings, mostly the defaults will be
sufficient, but sometimes, setting the wait states on RAM
too low, or setting the <quote>RAM Speed: Turbo</quote> option, or
similar in the BIOS will cause strange behaviour. A
possible idea is to set to BIOS defaults, but it might be
worth noting down your settings first!</para>
</listitem>
<listitem>
<para>Unclean or insufficient power to the motherboard. If you
have any unused I/O boards, hard disks, or CDROMs in your
system, try temporarily removing them or disconnecting the
power cable from them, to see if your power supply can
manage a smaller load. Or try another power supply,
preferably one with a little more power (for instance, if
your current power supply is rated at 250 Watts try one
rated at 300 Watts).</para>
</listitem>
</orderedlist>
<para>You should also read the SIG11 FAQ (listed below) which has
excellent explanations of all these problems, albeit from a
Linux viewpoint. It also discusses how memory testing software
or hardware can still pass faulty memory.</para>
<para>Finally, if none of this has helped it is possible that
you've just found a bug in FreeBSD, and you should follow the
instructions to send a problem report.</para>
<para>There's an extensive FAQ on this at <ulink
URL="http://www.bitwizard.nl/sig11/">
the SIG11 problem FAQ</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="screen-loses-sync">
<para>When I boot, the screen goes black and loses sync!</para>
</question>
<answer>
<para>This is a known problem with the ATI Mach 64 video card.
The problem is that this card uses address
<literal>2e8</literal>, and the fourth serial port does too.
Due to a bug (feature?) in the &man.sio.4;
driver it will touch this port even if you don't have the
fourth serial port, and <emphasis>even</emphasis> if
you disable sio3 (the fourth port) which normally uses this
address.</para>
<para>Until the bug has been fixed, you can use this
workaround:</para>
<orderedlist>
<listitem>
<para>Enter <option>-c</option> at the bootprompt.
(This will put the kernel into configuration mode).</para>
</listitem>
<listitem>
<para>Disable <devicename>sio0</devicename>,
<devicename>sio1</devicename>,
<devicename>sio2</devicename> and
<devicename>sio3</devicename> (all of them). This way
the sio driver doesn't get activated -&gt; no
problems.</para>
</listitem>
<listitem>
<para>Type exit to continue booting.</para>
</listitem>
</orderedlist>
<para>If you want to be able to use your serial ports, you'll
have to build a new kernel with the following modification: in
<filename>/usr/src/sys/i386/isa/sio.c</filename> find the one
occurrence of the string <literal>0x2e8</literal> and remove
that string and the preceding comma (keep the trailing comma).
Now follow the normal procedure of building a new
kernel.</para>
<para>Even after applying these workarounds, you may still find
that the X Window System does not work properly. If this is the
case, make sure that the XFree86 version you are using is at
least XFree86 3.3.3 or higher. This version and upwards has
built-in support for the Mach64 cards and even a dedicated X
server for those cards.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="reallybigram">
<para>I have 128 MB of RAM but the system only uses 64 MB.</para>
</question>
<answer>
<para>Due to the manner in which FreeBSD gets the memory size
from the BIOS, it can only detect 16 bits worth of Kbytes in
size (65535 Kbytes = 64MB) (or less... some BIOSes peg the
memory size to 16M). If you have more than 64MB, FreeBSD will
attempt to detect it; however, the attempt may fail.</para>
<para>To work around this problem, you need to use the kernel
option specified below. There is a way to get complete memory
information from the BIOS, but we don't have room in the
bootblocks to do it. Someday when lack of room in the
bootblocks is fixed, we'll use the extended BIOS functions to
get the full memory information...but for now we're stuck with
the kernel option.</para>
<para><literal>options "MAXMEM=<replaceable>n</replaceable>"</literal></para>
<para>Where <replaceable>n</replaceable> is your memory in
Kilobytes. For a 128 MB machine, you'd want to use
<literal>131072</literal>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="panic-kmemmap-too-small">
<para>FreeBSD 2.0 panics with
<literal>kmem_map too small!</literal></para>
</question>
<answer>
<para>
<note>
<para>The message may also be
<literal>mb_map too small!</literal></para>
</note></para>
<para>The panic indicates that the system ran out of virtual
memory for network buffers (specifically, mbuf clusters). You
can increase the amount of VM available for mbuf clusters by
adding:</para>
<para><literal>options "NMBCLUSTERS=<replaceable>n</replaceable>"</literal></para>
<para>to your kernel config file, where
<replaceable>n</replaceable> is a number in the range 512-4096,
depending on the number of concurrent TCP connections you need
to support. I'd recommend trying 2048 - this should get rid of
the panic completely. You can monitor the number of mbuf
clusters allocated/in use on the system with
<command>netstat
-m</command> (see &man.netstat.1;). The default value for NMBCLUSTERS is <literal>512 +
MAXUSERS * 16</literal>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="cmap-busy-panic">
<para><literal>CMAP busy panic</literal> when rebooting with a
new kernel.</para>
</question>
<answer>
<para>The logic that attempts to detect an out of date
<filename>/var/db/kvm_*.db</filename> files sometimes fails
and using a mismatched file can sometimes lead to panics.</para>
<para>If this happens, reboot single-user and do:</para>
<screen>&prompt.root; <userinput>rm /var/db/kvm_*.db</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="brkadrint-illegal-host-access">
<para>ahc0: brkadrint, Illegal Host Access at seqaddr 0x0</para>
</question>
<answer>
<para>This is a conflict with an Ultrastor SCSI Host Adapter.</para>
<para>During the boot process enter the kernel configuration
menu and disable
<devicename>uha0</devicename>,
which is causing the problem.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="mail-loopback">
<para>Sendmail says
<literal>mail loops back to myself</literal></para>
</question>
<answer>
<para>This is answered in the sendmail FAQ as follows:-</para>
<literallayout> * I'm getting "Local configuration error" messages, such as:
553 relay.domain.net config error: mail loops back to myself
554 &lt;user@domain.net&gt;... Local configuration error
How can I solve this problem?
You have asked mail to the domain (e.g., domain.net) to be
forwarded to a specific host (in this case, relay.domain.net)
by using an MX record, but the relay machine doesn't recognize
itself as domain.net. Add domain.net to /etc/sendmail.cw
(if you are using FEATURE(use_cw_file)) or add "Cw domain.net"
to /etc/sendmail.cf.
</literallayout>
<para>The current version of the <ulink
URL="ftp://rtfm.mit.edu/pub/usenet/news.answers/mail/sendmail-faq">sendmail
FAQ</ulink> is no longer maintained with the sendmail release.
It is however regularly posted to <ulink
URL="news:comp.mail.sendmail">comp.mail.sendmail</ulink>,
<ulink URL="news:comp.mail.misc">comp.mail.misc</ulink>, <ulink
URL="news:comp.mail.smail">comp.mail.smail</ulink>, <ulink
URL="news:comp.answers">comp.answers</ulink>, and <ulink
URL="news:news.answers">news.answers</ulink>. You can also
receive a copy via email by sending a message to
<email>mail-server@rtfm.mit.edu</email> with the command
<literal>send usenet/news.answers/mail/sendmail-faq</literal>
as the body of the message.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="remote-fullscreen">
<para>Full screen applications on remote machines misbehave</para>
</question>
<answer>
<para>The remote machine may be setting your terminal type
to something other than the <literal>cons25</literal> terminal
type required by the FreeBSD console.</para>
<para>There are a number of possible work-arounds for this
problem:</para>
<itemizedlist>
<listitem>
<para>After logging on to the remote machine, set your
TERM shell variable to <literal>ansi</literal> or
<literal>sco</literal> if the remote machine knows
about these terminal types.</para>
</listitem>
<listitem>
<para>Use a VT100 emulator like <ulink
URL="http://www.FreeBSD.org/cgi/ports.cgi?screen-">
screen</ulink> at the FreeBSD console.
<application>screen</application> offers you the ability
to run multiple concurrent sessions from one terminal,
and is a neat program in its own right. Each
<application>screen</application> window behaves like a
VT100 terminal, so the TERM variable at the remote end
should be set to <literal>vt100</literal>.</para>
</listitem>
<listitem>
<para>Install the <literal>cons25</literal> terminal
database entry on the remote machine. The way to do this
depends on the operating system on the remote machine.
The system administration manuals for the remote system
should be able to help you here.</para>
</listitem>
<listitem>
<para>Fire up an X server at the FreeBSD end and login to
the remote machine using an X based terminal emulator
such as <command>xterm</command> or
<command>rxvt</command>. The TERM variable at the remote
host should be set to <literal>xterm</literal> or
<literal>vt100</literal>.</para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="calcru-negative">
<para>My machine prints
<literal>calcru: negative time...</literal></para>
</question>
<answer>
<para>This can be caused by various hardware and/or software
ailments relating to interrupts. It may be due to bugs but can
also happen by nature of certain devices. Running TCP/IP over
the parallel port using a large MTU is one good way to provoke
this problem. Graphics accelerators can also get you here, in
which case you should check the interrupt setting of the card
first.</para>
<para>A side effect of this problem are dying processes with the
message <quote>SIGXCPU exceeded cpu time limit</quote>.</para>
<para>For FreeBSD 3.0 and later from Nov 29, 1998 forward: If the
problem cannot be fixed otherwise the solution is to set
this sysctl variable:</para>
<screen>&prompt.root; <userinput>sysctl -w kern.timecounter.method=1</userinput></screen>
<para>This means a performance impact, but considering the cause
of this problem, you probably will not notice. If the problem
persists, keep the sysctl set to one and set the
<literal>NTIMECOUNTER</literal> option in your kernel to
increasingly large values. If by the time you have reached
<literal>NTIMECOUNTER=20</literal> the problem isn't solved,
interrupts are too hosed on your machine for reliable
timekeeping.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="pcm0-not-found">
<para>I see <literal>pcm0 not found</literal> or my sound card is
found as <literal>pcm1</literal> but I have
<literal>device pcm0</literal> in my kernel config file</para>
</question>
<answer>
<para>This occurs in FreeBSD 3.x with PCI sound cards. The
<literal>pcm0</literal> device is reserved exclusively for
ISA-based cards so, if you have a PCI card, then you will see
this error, and your card will appear as <literal>pcm1</literal>.
<note>
<para>You cannot remove the warning by simply changing the
line in the kernel config file to <literal>device
pcm1</literal> as this will result in
<literal>pcm1</literal> being reserved for ISA cards and
your PCI card being found as <literal>pcm2</literal> (along
with the warning <literal>pcm1 not found</literal>).</para>
</note>
If you have a PCI sound card you will also have to make the
<literal>snd1</literal> device rather than
<literal>snd0</literal>:</para>
<screen>&prompt.root; <userinput>cd /dev</userinput>
&prompt.root; <userinput>./MAKEDEV snd1</userinput></screen>
<para>This situation does not arise in FreeBSD 4.x as has a lot
of work has been done to make the it more
<emphasis>PnP-centric</emphasis> and the
<literal>pcm0</literal> device is no longer reserved
exclusively fo ISA cards</para>
</answer>
</qandaentry>
<qandaentry>
<question id="pnp-not-found">
<para>My PnP card is no longer found (or found as
<literal>unknown</literal>) since upgrading to FreeBSD 4.x</para>
</question>
<answer>
<para>FreeBSD 4.x is now much more <emphasis>PnP-centric</emphasis>
and this has had the side effect of some PnP devices (e.g. sound
cards and internal modems) not working even though they worked
under FreeBSD 3.x.</para>
<para>The reasons for this behaviour are explained by the following
e-mail, posted to the freebsd-questions mailing list by Peter
Wemm, in answer to a question about an internal modem that was
no longer found after an upgrade to FreeBSD 4.x (the comments
in <literal>[]</literal> have been added to clarify the
context.</para>
<blockquote>
<para>The PNP bios preconfigured it [the modem] and left it
laying around in port space, so [in 3.x] the old-style ISA
probes <quote>found</quote> it there.</para>
<para>Under 4.0, the ISA code is much more PnP-centric. It was
possible [in 3.x] for an ISA probe to find a
<quote>stray</quote> device and then for the PNP device id to
match and then fail due to resource conflicts. So, it
disables the programmable cards first so this double probing
cannot happen. It also means that it needs to know the PnP
id's for supported PnP hardware. Making this more user
tweakable is on the TODO list.</para>
</blockquote>
<para>To get the device working again requires finding its PnP id
and adding it to the list that the ISA probes use to identify
PnP devices. This is obtained using &man.pnpinfo.8; to probe the
device, for example this is the output from &man.pnpinfo.8; for
an internal modem:</para>
<screen>&prompt.root; <userinput>pnpinfo</userinput>
Checking for Plug-n-Play devices...
Card assigned CSN #1
Vendor ID PMC2430 (0x3024a341), Serial Number 0xffffffff
PnP Version 1.0, Vendor Version 0
Device Description: Pace 56 Voice Internal Plug & Play Modem
Logical Device ID: PMC2430 0x3024a341 #0
Device supports I/O Range Check
TAG Start DF
I/O Range 0x3f8 .. 0x3f8, alignment 0x8, len 0x8
[16-bit addr]
IRQ: 4 - only one type (true/edge)</screen>
<para>[more TAG lines elided]</para>
<screen>
TAG End DF
End Tag
Successfully got 31 resources, 1 logical fdevs
-- card select # 0x0001
CSN PMC2430 (0x3024a341), Serial Number 0xffffffff
Logical device #0
IO: 0x03e8 0x03e8 0x03e8 0x03e8 0x03e8 0x03e8 0x03e8 0x03e8
IRQ 5 0
DMA 4 0
IO range check 0x00 activate 0x01</screen>
<para>The information you require is in the
<quote>Vendor ID</quote> line at the start of the output. The
hexadecimal number in parentheses (0x3024a341 in this example)
is the PnP id and the string immediately before this (PMC2430)
is a unique ASCII id. This information needs adding to the file
<filename>/usr/src/sys/isa/sio.c</filename>.</para>
<para>You should first make a backup of <filename>sio.c</filename>
just in case things go wrong. You will also need it to make the
patch to submit with your PR (you are going to submit a PR,
aren't you?) then edit <filename>sio.c</filename> and search
for the line</para>
<programlisting>static struct isa_pnp_id sio_ids[] = {</programlisting>
<para>then scroll down to find the correct place to add the entry
for your device. The entries look like this, and are sorted on
the ASCII Vendor ID string which should be included in the
comment to the right of the line of code along with all (if it
will fit) or part of the <emphasis>Device Description</emphasis>
from the output of &man.pnpinfo.8;:</para>
<programlisting>{0x0f804f3f, NULL}, /* OZO800f - Zoom 2812 (56k Modem) */
{0x39804f3f, NULL}, /* OZO8039 - Zoom 56k flex */
{0x3024a341, NULL}, /* PMC2430 - Pace 56 Voice Internal Modem */
{0x1000eb49, NULL}, /* ROK0010 - Rockwell ? */
{0x5002734a, NULL}, /* RSS0250 - 5614Jx3(G) Internal Modem */</programlisting>
<para>Add the hexadecimal Vendor ID for your device in the
correct place, save the file, rebuild your kernel, and reboot.
Your device should now be found as an <literal>sio</literal>
device as it was under FreeBSD 3.x</para>
</answer>
</qandaentry>
<qandaentry>
<question id="nlist-failed">
<para>I get the error <errorname>nlist failed</errorname> when
running, for example, <command>top</command> or
<command>systat</command>.</para>
</question>
<answer>
<para>The problem is that the application you are trying to run is
looking for a specific kernel symbol, but, for whatever reason,
cannot find it; this error stems from one of two problems:</para>
<itemizedlist>
<listitem>
<para>Your kernel and userland are not synchronized (i.e., you
built a new kernel but did not do an
<maketarget>installworld</maketarget>, or vice versa), and
thus the symbol table is different from what the user
application thinks it is. If this is the case, simply
complete the upgrade process (see
<filename>/usr/src/UPDATING</filename> for the correct
sequence).</para>
</listitem>
<listitem>
<para>You are not using <command>/boot/loader</command> to load
your kernel, but doing it directly from boot2 (see
&man.boot.8;). While there is nothing wrong with bypassing
<command>/boot/loader</command>, it generally does a better
job of making the kernel symbols available to user
applications.</para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="connection-delay">
<para>Why does it take so long to connect to my computer via
&man.ssh.1; or &man.telnet.1;?</para>
</question>
<answer>
<para>The symptom: there is a long delay between the time the TCP
connection is established and the time when the client software
asks for a password (or, in &man.telnet.1;'s case, when a login
prompt appears).</para>
<para>The problem: more likely than not, the delay is caused by
the server software trying to resolve the client's IP address
into a hostname. Many servers, including the Telnet and SSH
servers that come with FreeBSD, do this in order to, among
other things, store the hostname in a log file for future
reference by the administrator.</para>
<para>The remedy: if the problem occurs whenever you connect from
your computer (the client) to any server, the problem is with
the client; likewise, if the problem only occurs when someone
connects to your computer (the server) the problem is with the
server.</para>
<para>If the problem is with the client, the only remedy is to
fix the DNS so the server can resolve it. If this is on a
local network, consider it a server problem and keep reading;
conversely, if this is on the global Internet, you will most
likely need to contact your ISP and ask them to fix it for
you.</para>
<para>If the problem is with the server, and this is on a local
network, you need to configure the server to be able to resolve
address-to-hostname queries for your local address range. See
the &man.hosts.5; and &man.named.8; manual pages for more
information. If this is on the global Internet, the problem
may be that your server's resolver is not functioning
correctly. To check, try to look up another host--say,
<hostid>www.yahoo.com</hostid>. If it doesn't work, that's
your problem.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="file-table-full">
<para><errorname>file: table is full</errorname> shows up
repeatedly in dmesg.
</para>
</question>
<answer>
<para>
This error is caused when you have exhausted the number of
available file descriptors on your system. The file table in
memory is full.
</para>
<para>The solution:</para>
<para>
Manually adjust the <varname>kern.maxfiles</varname> kernel limit
setting.
</para>
<screen>&prompt.root; <userinput>sysctl -w kern.maxfiles=n</userinput></screen>
<para>Adjust <varname>n</varname> according to your system needs.
Each open file, socket, or fifo uses one file descriptor.
A large-scale server may easily require tens of thousands of
file descriptors (10,000+), depending on the kind and number
of services running concurrently.</para>
<para>The number of default file descriptors set in the kernel is
dictated by the</para>
<programlisting>maxusers 32</programlisting>
<para><varname>maxusers</varname> line in your kernel
config file. Increasing this will proportionally increase
<varname>kern.maxfiles</varname>.
</para>
<para>You can see what <varname>kern.maxfiles</varname> is
currently set to by:
</para>
<screen>&prompt.root; <userinput>sysctl kern.maxfiles</userinput>
kern.maxfiles: 1064
</screen>
</answer>
</qandaentry>
<qandaentry>
<question id="laptop-clock-skew">
<para>The clock on my laptop keeps incorrect time, losing or gaining
seconds at a very rapid rate.</para>
</question>
<answer>
<para>Your laptop has two or more clocks, and FreeBSD has chosen to
use the wrong one.</para>
<para>Run &man.dmesg.8;, and check for lines that contain
<literal>Timecounter</literal>. The last line printed is the one
that FreeBSD chose, and will almost certainly be
<literal>TSC</literal>.</para>
<screen>&prompt.root; <userinput>dmesg | grep Timecounter</userinput>
Timecounter "i8254" frequency 1193182 Hz
Timecounter "TSC" frequency 595573479 Hz</screen>
<para>You can confirm this by checking the
<literal>kern.timecounter.hardware</literal>
&man.sysctl.3;.</para>
<screen>&prompt.root; <userinput>sysctl kern.timecounter.hardware</userinput>
kern.timecounter.hardware: TSC</screen>
<para>The BIOS may modify the TSC clock&mdash;perhaps to change the
speed of the processor when running from batteries, or going in to
a power saving mode, but FreeBSD is unaware of these adjustments,
and appears to gain or lose time.</para>
<para>In this example, the <literal>i8254</literal> clock is also
available, and can be selected by writing its name to the
<literal>kern.timecounter.hardware</literal>
&man.sysctl.3;.</para>
<screen>&prompt.root; <userinput>sysctl -w kern.timecounter.hardware=i8254</userinput>
kern.timecounter.hardware: TSC -> i8254</screen>
<para>Your laptop should now start keeping more accurate
time.</para>
<para>To have this change automatically run at boot time, add the
following line to <filename>/etc/sysctl.conf</filename>.</para>
<programlisting>kern.timecounter.hardware=i8254</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="boot-read-error">
<para>After the BIOS screen, FreeBSD's boot loader displays
<errorname>Read error</errorname> and stops.
</para>
</question>
<answer>
<para>FreeBSD's boot loader is incorrectly recognizing the hard
drive's geometry. This must be manually set within fdisk when
creating or modifying FreeBSD's slice.
</para>
<para>The correct drive geometry values can be found within the
machine's BIOS. Look for the number of cylinders, heads and
sectors for the particular drive.
</para>
<para>Within &man.sysinstall.8;'s fdisk, hit
<userinput>G</userinput> for:
</para>
<programlisting>G = set Drive Geometry</programlisting>
<para>A dialog will pop up requesting the number of cylinders, heads
and sectors. Type the numbers found from the BIOS seperates by
forward slashes.
</para>
<para>5000 heads, 250 sectors and 60 sectors would be entered as
<userinput>5000/250/60</userinput>
</para>
<para>Press enter to set the values, and hit <userinput>W</userinput>
for:
</para>
<programlisting>W = Write Changes</programlisting>
<para>This will write the new partition table to the drive.
</para>
</answer>
</qandaentry>
<qandaentry>
<question id="bootmanager-restore">
<para>Another operating system destroyed my Boot Manager, how do I
get it back?
</para>
</question>
<answer>
<para>Enter &man.sysinstall.8 and choose Configure,
then Fdisk. Select the disk the Boot Manager resided on
with the <userinput>space</userinput> key. Press
<userinput>W</userinput> to write changes to the drive. A prompt
will appear asking which boot loader to install. Select this,
and it will be restored.
</para>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="commercial">
<title>Commercial Applications</title>
<para>
<note>
<para>This section is still very sparse, though we're hoping, of
course, that companies will add to it! :) The FreeBSD group has
no financial interest in any of the companies listed here but
simply lists them as a public service (and feels that commercial
interest in FreeBSD can have very positive effects on FreeBSD's
long-term viability). We encourage commercial software vendors to
send their entries here for inclusion. See <ulink
URL="http://www.FreeBSD.org/commercial/commercial.html">the
Vendors page</ulink> for a longer list.</para>
</note></para>
<qandaset>
<qandaentry>
<question id="officesuite">
<para>Where can I get an Office Suite for FreeBSD?</para>
</question>
<answer>
<itemizedlist>
<listitem>
<para><ulink url="http://www.wccdrom.com">BSDi</ulink>
offers a FreeBSD native version of <ulink
url="http://www.vistasource.com">VistaSource</ulink>
ApplixWare 5.</para>
<para>ApplixWare is a rich full-featured, commercial
Office Suite for FreeBSD containing a word processor,
spreadsheet, presentation program, vector drawing
package, and other applications.
</para>
<para>You can purchase ApplixWare for FreeBSD <ulink
url="http://www.wccdrom.com/titles/freebsd/applix.phtml">here</ulink>.
</para>
</listitem>
<listitem>
<para>The Linux version of <ulink
url="http://www.sun.com/staroffice">StarOffice</ulink>
works flawlessly on FreeBSD. The easiest way to
install the Linux version of StarOffice is through the
<ulink
url="../handbook/ports.html">FreeBSD
Ports collection</ulink>. Future versions of the
open-source <ulink
url="http://www.openoffice.org">OpenOffice</ulink>
suite should work as well.</para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="motif">
<para>Where can I get Motif for FreeBSD?</para>
</question>
<answer>
<para>Contact <link linkend="apps2go">Apps2go</link> for the
least expensive ELF Motif 2.1.20 distribution for FreeBSD
(either i386 or Alpha).<anchor id="apps2go"></para>
<para>There are two distributions, the <quote>developement
edition</quote> and the <quote>runtime edition</quote> (for
much less). These distributions includes:</para>
<itemizedlist>
<listitem>
<para>OSF/Motif manager, xmbind, panner, wsm.</para>
</listitem>
<listitem>
<para>Development kit with uil, mrm, xm, xmcxx, include
and Imake files.</para>
</listitem>
<listitem>
<para>Static and dynamic ELF libraries (for use with
FreeBSD 3.0 and above).</para>
</listitem>
<listitem>
<para>Demonstration applets.</para>
</listitem>
</itemizedlist>
<para>Be sure to specify that you want the FreeBSD version of
Motif when ordering (don't forget to mention the architecture
you want too)! Versions for NetBSD and OpenBSD are also sold by
<emphasis>Apps2go</emphasis>. This is currently a FTP only
download.</para>
<variablelist>
<varlistentry>
<term>More info</term>
<listitem>
<para><ulink URL="http://www.apps2go.com/">
Apps2go WWW page</ulink></para>
</listitem>
</varlistentry>
<varlistentry>
<term>or</term>
<listitem>
<para><ulink URL="mailto:sales@apps2go.com">
Sales</ulink> or <ulink
URL="mailto:support@apps2go.com">Support</ulink>
email addresses.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>or</term>
<listitem>
<para>phone (817) 431 8775 or +1 817 431-8775</para>
</listitem>
</varlistentry>
</variablelist>
<para>Contact <link linkend="metrox">Metro Link</link>
for an either ELF or a.out Motif 2.1 distribution for
FreeBSD.</para>
<para>This distribution includes:</para>
<itemizedlist>
<listitem>
<para>OSF/Motif manager, xmbind, panner, wsm.</para>
</listitem>
<listitem>
<para>Development kit with uil, mrm, xm, xmcxx, include
and Imake files.</para>
</listitem>
<listitem>
<para>Static and dynamic libraries (specify ELF for use
with FreeBSD 3.0 and later; or a.out for use with FreeBSD
2.2.8 and eariler).</para>
</listitem>
<listitem>
<para>Demonstration applets.</para>
</listitem>
<listitem>
<para>Preformatted man pages.</para>
</listitem>
</itemizedlist>
<para>Be sure to specify that you want the FreeBSD version
of Motif when ordering! Versions for Linux are also sold by
<emphasis>Metro Link</emphasis>. This is available on either a
CDROM or for FTP download.</para>
<para>Contact <link linkend="xig">Xi Graphics</link> for an
a.out Motif 2.0 distribution for FreeBSD.</para>
<para>This distribution includes:</para>
<itemizedlist>
<listitem>
<para>OSF/Motif manager, xmbind, panner, wsm.</para>
</listitem>
<listitem>
<para>Development kit with uil, mrm, xm, xmcxx, include
and Imake files.</para>
</listitem>
<listitem>
<para>Static and dynamic libraries (for use with FreeBSD
2.2.8 and eariler).</para>
</listitem>
<listitem>
<para>Demonstration applets.</para>
</listitem>
<listitem>
<para>Preformatted man pages.</para>
</listitem>
</itemizedlist>
<para>Be sure to specify that you want the FreeBSD version
of Motif when ordering! Versions for BSDI and Linux are also
sold by <emphasis>Xi Graphics</emphasis>. This is currently a 4
diskette set... in the future this will change to a unified CD
distribution like their CDE.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="cde">
<para>Where can I get CDE for FreeBSD?</para>
</question>
<answer>
<para><link linkend="xig">Xi Graphics</link> used to sell CDE
for FreeBSD, but no longer do.</para>
<para><ulink URL="http://www.kde.org/">KDE</ulink> is an open
source X11 desktop which is similar to CDE in many respects.
You might also like the look and feel of <ulink
URL="http://www.xfce.org/">xfce</ulink>. KDE and xfce are both
in the <ulink URL="http://www.FreeBSD.org/ports/">ports
system</ulink>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="commercial-xserver">
<para>Are there any commercial high-performance X servers?</para>
</question>
<answer>
<para>Yes, <ulink URL="http://www.xig.com/">Xi Graphics</ulink>
and <ulink URL="http://www.metrolink.com/">Metro Link</ulink>
sells Accelerated-X product for FreeBSD and other Intel based
systems.</para>
<para>The Metro Link offering is a high performance X Server
that offers easy configuration using the FreeBSD Package suite
of tools, support for multiple concurrent video boards and is
distributed in binary form only, in a convienent FTP download.
Not to mention the Metro Link offering is available at the very
reasonable price of $39. <anchor id="metrox"></para>
<para>Metro Link also sells both ELF and a.out Motif for
FreeBSD (see above).</para>
<variablelist>
<varlistentry>
<term>More info</term>
<listitem>
<para><ulink URL="http://www.metrolink.com/">
Metro Link WWW page</ulink></para>
</listitem>
</varlistentry>
<varlistentry>
<term>or</term>
<listitem>
<para><ulink URL="mailto:sales@metrolink.com">Sales</ulink>
or <ulink URL="mailto:tech@metrolink.com">Support</ulink>
email addresses.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>or</term>
<listitem>
<para>phone (954) 938-0283 or +1 954 938-0283</para>
</listitem>
</varlistentry>
</variablelist>
<para>The Xi Graphics offering is a high performance X Server
that offers easy configuration, support for multiple concurrent
video boards and is distributed in binary form only, in a
unified diskette distribution for FreeBSD and Linux. Xi
Graphics also offers a high performance X Server taylored for
laptop support.<anchor id="xig"></para>
<para>There is a free <quote>compatibility demo</quote> of
version 5.0 available.</para>
<para>Xi Graphics also sells Motif and CDE for FreeBSD (see
above).</para>
<variablelist>
<varlistentry>
<term>More info</term>
<listitem>
<para><ulink URL="http://www.xig.com/">
Xi Graphics WWW page</ulink></para>
</listitem>
</varlistentry>
<varlistentry>
<term>or</term>
<listitem>
<para><ulink URL="mailto:sales@xig.com">Sales</ulink>
or <ulink URL="mailto:support@xig.com">Support</ulink>
email addresses.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>or</term>
<listitem>
<para>phone (800) 946 7433 or +1 303 298-7478.</para>
</listitem>
</varlistentry>
</variablelist>
</answer>
</qandaentry>
<qandaentry>
<question id="database-systems">
<para>Are there any Database systems for FreeBSD?</para>
</question>
<answer>
<para>Yes! See the <ulink
URL="http://www.FreeBSD.org/commercial/software_bycat.html#CATEGORY_DATABASE">
Commercial Vendors</ulink> section of FreeBSD's Web site.</para>
<para>Also see the <ulink
URL="http://www.FreeBSD.org/ports/databases.html">
Databases</ulink> section of the Ports collection.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="oracle-support">
<para>Can I run Oracle on FreeBSD?</para>
</question>
<answer>
<para>Yes. The following pages tell you exactly how to setup
Linux-Oracle on FreeBSD:</para>
<itemizedlist>
<listitem>
<para><ulink
URL="http://www.scc.nl/~marcel/howto-oracle.html">
http://www.scc.nl/~marcel/howto-oracle.html</ulink></para>
</listitem>
<listitem>
<para><ulink
URL="http://www.lf.net/lf/pi/oracle/install-linux-oracle-on-freebsd">
http://www.lf.net/lf/pi/oracle/install-linux-oracle-on-freebsd</ulink></para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="applications">
<title>User Applications</title>
<qandaset>
<qandaentry>
<question id="user-apps">
<para>So, where are all the user applications?</para>
</question>
<answer>
<para>Please take a look at
<ulink URL="http://www.FreeBSD.org/ports/">the ports
page</ulink> for info on software packages ported to FreeBSD.
The list currently tops 3400 and is growing daily, so come back
to check often or subscribe to the
<literal>freebsd-announce</literal> <link
linkend="mailing">mailing list</link> for periodic updates on
new entries.</para>
<para>Most ports should be available for the 2.2, 3.x and 4.x
branches, and many of them should work on 2.1.x systems as
well. Each time a FreeBSD release is made, a snapshot of the
ports tree at the time of release in also included in the
<filename>ports/</filename> directory.</para>
<para>We also support the concept of a <quote>package</quote>,
essentially no more than a gzipped binary distribution with a
little extra intelligence embedded in it for doing whatever
custom installation work is required. A package can be
installed and uninstalled again easily without having to know
the gory details of which files it includes.</para>
<para>Use the package installation menu in
<filename>/stand/sysinstall</filename> (under the
post-configuration menu item) or invoke the
<command>pkg_add(1)</command> command on the specific package
files you're interested in installing. Package files can
usually be identified by their <filename>.tgz</filename> suffix
and CDROM distribution people will have a
<filename>packages/All</filename> directory on their CD which
contains such files. They can also be downloaded over the net
for various versions of FreeBSD at the following
locations:</para>
<variablelist>
<varlistentry>
<term>for 2.2.8-RELEASE/2.2.8-STABLE</term>
<listitem>
<para><ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-2.2.8/">
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-2.2.8/</ulink></para>
</listitem>
</varlistentry>
<varlistentry>
<term>for 3.X-RELEASE/3.X-STABLE</term>
<listitem>
<para><ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/">
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-3-stable/</ulink></para>
</listitem>
</varlistentry>
<varlistentry>
<term>for 4.X-RELEASE/4-STABLE</term>
<listitem>
<para><ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/">
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/</ulink></para>
</listitem>
</varlistentry>
<varlistentry>
<term>for 5.X-CURRENT</term>
<listitem>
<para><ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/">
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current</ulink></para>
</listitem>
</varlistentry>
</variablelist>
<para>or your nearest local mirror site.</para>
<para>Note that all ports may not be available as packages since
new ones are constantly being added. It is always a good idea
to check back periodically to see which packages are available
at the <ulink
URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/">ftp.FreeBSD.org</ulink>
master site.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="minimal-sh">
<para>Why is <command>/bin/sh</command> so minimal? Why doesn't
FreeBSD use <command>bash</command> or another shell?</para>
</question>
<answer>
<para>Because POSIX says that there shall be such a shell.</para>
<para>The more complicated answer: many people need to write shell
scripts which will be portable across many systems. That's why
POSIX specifies the shell and utility commands in great detail.
Most scripts are written in Bourne shell, and because several
important programming interfaces (&man.make.1;, &man.system.3;,
&man.popen.3;, and analogues in higher-level scripting
languages like Perl and Tcl) are specified to use the Bourne
shell to interpret commands. Because the Bourne shell is so
often and widely used, it is important for it to be quick to
start, be deterministic in its behavior, and have a small
memory footprint.</para>
<para>The existing implementation is our best effort at meeting as
many of these requirements simultaneously as we can. In order to
keep <command>/bin/sh</command> small, we have not provided many
of the convenience features that other shells have. That's why the
Ports Collection includes more featureful shells like bash, scsh,
tcsh, and zsh. (You can compare for yourself the memory
utilization of all these shells by looking at the
<quote>VSZ</quote> and <quote>RSS</quote> columns in a <command>ps
-u</command> listing.)</para>
</answer>
</qandaentry>
<qandaentry>
<question id="missing-libcso30">
<para>Where do I find libc.so.3.0?</para>
</question>
<answer>
<para>You are trying to run a package built on 2.2 and later on
a 2.1.x system. Please take a look at the previous section and
get the correct port/package for your system.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="missing-libcso40">
<para>I get a message <literal>Error: can't find
libc.so.4.0</literal></para>
</question>
<answer>
<para>You accidently downloaded packages meant for 4.X and 5.X
systems and attempted to install them on your 2.X or 3.X
FreeBSD system. Please download the correct version of the
packages.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="emul">
<para>ghostscript gives lots of errors with my 386/486SX.</para>
</question>
<answer>
<para>You don't have a math co-processor, right?
You will need to add the alternative math emulator to your
kernel; you do this by adding the following to your kernel
config file and it will be compiled in.</para>
<programlisting>options GPL_MATH_EMULATE</programlisting>
<para>
<note>
<para>You will need to remove the
<literal>MATH_EMULATE</literal> option when you do
this.</para>
</note></para>
</answer>
</qandaentry>
<qandaentry>
<question id="sco-socksys">
<para>When I run a SCO/iBCS2 application, it bombs on
<literal>socksys</literal> (FreeBSD 3.0 and older only).</para>
</question>
<answer>
<para>You first need to edit the
<filename>/etc/sysconfig</filename> (or
<filename>/etc/rc.conf</filename>, see &man.rc.conf.5;) file in the last section to change the
following variable to <literal>YES</literal>:</para>
<programlisting># Set to YES if you want ibcs2 (SCO) emulation loaded at startup
ibcs2=NO</programlisting>
<para>It will load the ibcs2 kernel module at startup.</para>
<para>You'll then need to set up /compat/ibcs2/dev to look
like:</para>
<screen>lrwxr-xr-x 1 root wheel 9 Oct 15 22:20 X0R@ -&gt; /dev/null
lrwxr-xr-x 1 root wheel 7 Oct 15 22:20 nfsd@ -&gt; socksys
-rw-rw-r-- 1 root wheel 0 Oct 28 12:02 null
lrwxr-xr-x 1 root wheel 9 Oct 15 22:20 socksys@ -&gt; /dev/null
crw-rw-rw- 1 root wheel 41, 1 Oct 15 22:14 spx</screen>
<para>You just need socksys to go to
<devicename>/dev/null</devicename> (see &man.null.4;)
to fake the open &amp; close. The code in -CURRENT will handle
the rest. This is much cleaner than the way it was done before.
If you want the <devicename>spx</devicename> driver for a local
socket X connection, define <literal>SPX_HACK</literal> when
you compile the system.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="configure-inn">
<para>How do I configure INN (Internet News) for my machine?</para>
</question>
<answer>
<para>After installing the inn package or port, an excellent
place to start is <ulink
URL="http://www.cis.ohio-state.edu/~barr/INN.html">Dave Barr's
INN Page</ulink> where you'll find the INN FAQ.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ms-frontpage">
<para>What version of Microsoft FrontPage should I get?</para>
</question>
<answer>
<para>Use the Port, Luke! A pre-patched version of Apache is
available in the ports tree.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="java">
<para>Does FreeBSD support Java?</para>
</question>
<answer>
<para>Yes. Please see <ulink
URL="http://www.FreeBSD.org/java/">
http://www.FreeBSD.org/java/</ulink>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ports-3x">
<para>Why can't I build this port on my 3.X-STABLE machine?</para>
</question>
<answer>
<para>If you're running a FreeBSD version that lags
significantly behind -CURRENT or -STABLE, you may need a ports
upgrade kit from <ulink URL="http://www.FreeBSD.org/ports/">
http://www.FreeBSD.org/ports/</ulink>. If you are up to date,
then someone might have committed a change to the port which
works for -CURRENT but which broke the port for -STABLE. Please
submit a bug report on this with the
<command>send-pr(1)</command> command, since the ports
collection is supposed to work for both the -CURRENT and
-STABLE branches.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="find-ldso">
<para>Where do I find ld.so?</para>
</question>
<answer>
<para>If you want to run some aout applications like
Netscape Navigator on an Elf'ened machine such as 3.1-R or
later, it would need <filename>/usr/libexec/ld.so</filename>
and some aout libs. They are included in the compat22
distribution. Use <filename>/stand/sysinstall</filename> or
<filename>install.sh</filename> in the compat22 subdirectory
and install it. Also read ERRATAs for 3.1-R and 3.2-R.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ports-update">
<para>I updated the sources, now how do I update my installed
ports?</para>
</question>
<answer>
<para>Unfortunately, there is no easy way to update installed
ports. The <command>pkg_version</command> command can be used
to generate a script that will update the installed ports with
a newer version in the ports tree:</para>
<screen>&prompt.root; <userinput>pkg_version <option>-c</option> > <replaceable>/tmp/myscript</replaceable></userinput></screen>
<para>The output script <emphasis>must</emphasis> be edited by
hand before you use it. Current versions of
<command>pkg_version</command> force this by inserting an
<command>exit</command> at the beginning of the script.</para>
<para>You should save the output of the script, as it will note
packages that depend on the one that has been udpated. These
may or may not need to be updated as well. The usual case where
they need to be updated is that a shared library has changed
version numbers, so the ports that used that library need to be
rebuilt to use the new version.</para>
<para>If your system is up full time, the &man.periodic.8 system
can be used to generate a weekly list of ports that might need
updating by setting
<literal>weekly_status_pkg_enable="YES"</literal> in
<filename>/etc/periodic.conf</filename>.</para>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="kernelconfig">
<title>Kernel Configuration</title>
<qandaset>
<qandaentry>
<question id="make-kernel">
<para>I'd like to customize my kernel. Is it difficult?</para>
</question>
<answer>
<para>Not at all! Check out the <ulink
URL="../handbook/kernelconfig.html">
kernel config section of the Handbook</ulink>.</para>
<para>
<note>
<para>It is recommended that you make a dated snapshot
of your kernel
in <filename>kernel.YYMMDD</filename> after you get it all
working, that way if you do something dire the next time
you play with your configuration you can boot that kernel
instead of having to go all the way back to
<filename>kernel.GENERIC</filename>. This is particularly
important if you're now booting off a controller that isn't
supported in the GENERIC kernel.</para>
</note></para>
</answer>
</qandaentry>
<qandaentry>
<question id="missing-hw-float">
<para>My kernel compiles fail because
<literal>_hw_float</literal> is missing.</para>
</question>
<answer>
<para>Let me guess. You removed
<devicename>npx0</devicename> (see &man.npx.4;)
from your kernel configuration file because you don't have a
math co-processor, right? Wrong! :-) The
<devicename>npx0</devicename> is
<emphasis>MANDATORY</emphasis>. Even if you don't have a
mathematic co-processor, you <emphasis>must</emphasis>
include the <devicename>npx0</devicename> device.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="why-kernel-big">
<para>Why is my kernel so big (over 10MB)?</para>
</question>
<answer>
<para>Chances are, you compiled your kernel in
<emphasis>debug mode</emphasis>. Kernels built in debug
mode contain many symbols that are used for debugging, thus
greatly increasing the size of the kernel. Note that if you
running a FreeBSD 3.0 or later system, there will be little
or no performance decrease from running a debug kernel,
and it is useful to keep one around in case of a system
panic.</para>
<para>However, if you are running low on disk space, or
you simply don't want to run a debug kernel, make sure
that both of the following are true:</para>
<itemizedlist>
<listitem>
<para>You do not have a line in your kernel
configuration file that reads:</para>
<programlisting>makeoptions DEBUG=-g</programlisting>
</listitem>
<listitem>
<para>You are not running <command>config</command> with
the <option>-g</option> option.</para>
</listitem>
</itemizedlist>
<para>Both of the above situations will cause your kernel to
be built in debug mode. As long as you make sure you follow
the steps above, you can build your kernel normally, and you
should notice a fairly large size decrease; most kernels
tend to be around 1.5MB to 2MB.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="multiport-serial-interrupts">
<para>Interrupt conflicts with multi-port serial code.</para>
</question>
<answer>
<para>When I compile a kernel
with multi-port serial code, it tells me that only the first
port is probed and the rest skipped due to interrupt conflicts.
How do I fix this?</para>
<para>The problem here is that
FreeBSD has code built-in to keep the kernel from getting
trashed due to hardware or software conflicts. The way to fix
this is to leave out the IRQ settings on all but one port. Here
is a example:</para>
<programlisting>#
# Multiport high-speed serial line - 16550 UARTS
#
device sio2 at isa? port 0x2a0 tty irq 5 flags 0x501 vector siointr
device sio3 at isa? port 0x2a8 tty flags 0x501 vector siointr
device sio4 at isa? port 0x2b0 tty flags 0x501 vector siointr
device sio5 at isa? port 0x2b8 tty flags 0x501 vector siointr</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="generic-kernel-build-failure">
<para>Every kernel I try to build fails to compile; even
GENERIC.</para>
</question>
<answer>
<para>There are a number of possible causes for this problem.
They are, in no particular order:</para>
<itemizedlist>
<listitem>
<para>You are not using the new <command>make
buildkernel</command> and <command>make
installkernel</command> targets, and your source tree is
different from the one used to build the currently running
system (e.g., you're compiling 4.3-RELEASE on a 4.0-RELEASE
system). If you're attempting an upgrade, please read the
<filename>/usr/src/UPDATING</filename> file, paying
particular attention to the <quote>COMMON ITEMS</quote>
section at the end.</para>
</listitem>
<listitem>
<para>You are using the new <command>make
buildkernel</command> and <command>make
installkernel</command> targets, but you failed to assert
the completion of the <command>make buildworld</command>
target. The <command>make buildkernel</command> target
relies on files generated by the <command>make
buildworld</command> target to complete its job
correctly.</para>
</listitem>
<listitem>
<para>Even if you are trying to build <link
linkend="stable">FreeBSD-STABLE</link>, it is possible that
you fetched the source tree at a time when it was either
being modified, or broken for other reasons; only releases
are absolutly guaranteed to be buildable, although <link
linkend="stable">FreeBSD-STABLE</link> builds fine the
majority of the time. If you have not already done so, try
re-fetching the source tree and see if the problem goes
away. Try using a different server in case the one you're
using is having problems.</para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="admin">
<title>System Administration</title>
<qandaset>
<qandaentry>
<question id="startup-config-files">
<para>Where are the system start-up configuration files?</para>
</question>
<answer>
<para>From 2.0.5R to 2.2.1R, the primary configuration file is
<filename>/etc/sysconfig</filename>. All the options are to be
specified in this file and other files such as
<filename>/etc/rc</filename> (see &man.rc.8;)
and <filename>/etc/netstart</filename> just include it.</para>
<para>Look in the <filename>/etc/sysconfig</filename> file and
change the value to match your system. This file is filled with
comments to show what to put in there.</para>
<para>In post-2.2.1 and 3.0, <filename>/etc/sysconfig</filename>
was renamed to a more self-describing &man.rc.conf.5;
file and the syntax cleaned up a bit in the process.
<filename>/etc/netstart</filename> was also renamed to
<filename>/etc/rc.network</filename> so that all files could be
copied with a
<command>cp
/usr/src/etc/rc* /etc</command> command.</para>
<para>And, in 3.1 and later, <filename>/etc/rc.conf</filename>
has been moved to <filename>/etc/defaults/rc.conf</filename>.
<emphasis>Do not edit this file!</emphasis> Instead, if there
is any entry in <filename>/etc/defaults/rc.conf</filename> that
you want to change, you should copy the line into
<filename>/etc/rc.conf</filename> and change it there.</para>
<para>For example, if you wish to start named, the DNS server
included with FreeBSD in FreeBSD 3.1 or later, all you need to
do is:</para>
<screen>&prompt.root; <userinput>echo named_enable="YES" &gt;&gt; /etc/rc.conf</userinput></screen>
<para>To start up local services in FreeBSD 3.1 or later, place
shell scripts in the <filename>/usr/local/etc/rc.d</filename>
directory. These shell scripts should be set executable, and
end with a .sh. In FreeBSD 3.0 and earlier releases, you should
edit the <filename>/etc/rc.local</filename> file.</para>
<para>The <filename>/etc/rc.serial</filename> is for serial port
initialization (e.g. locking the port characteristics, and so
on.).</para>
<para>The <filename>/etc/rc.i386</filename> is for Intel-specifics
settings, such as iBCS2 emulation or the PC system console
configuration.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="adding-users">
<para>How do I add a user easily?</para>
</question>
<answer>
<para>Use the &man.adduser.8;
command. For more complicated usage, the &man.pw.8;
command.</para>
<para>To remove the user again, use the &man.rmuser.8;
command. Once again, <command>pw</command> will work as
well.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="adding-disks">
<para>How can I add my new hard disk to my FreeBSD system?</para>
</question>
<answer>
<para>See the Disk Formatting Tutorial at <ulink
URL="../tutorials/formatting-media/">
www.FreeBSD.org</ulink>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="removable-drives">
<para>I have a new removable drive, how do I use it?</para>
</question>
<answer>
<para>Whether it's a removable drive like a ZIP or an EZ drive
(or even a floppy, if you want to use it that way), or a new
hard disk, once it's installed and recognized by the system,
and you have your cartridge/floppy/whatever slotted in, things
are pretty much the same for all devices.</para>
<para><anchor id="disklabel">(this section is based on <ulink
URL="http://www.vmunix.com/mark/FreeBSD/ZIP-FAQ.html">
Mark Mayo's ZIP FAQ</ulink>)</para>
<para>If it's a ZIP drive or a floppy , you've already got a DOS
filesystem on it, you can use a command like this:</para>
<screen>&prompt.root; <userinput>mount -t msdos /dev/fd0c /floppy</userinput></screen>
<para>if it's a floppy, or this:</para>
<screen>&prompt.root; <userinput>mount -t msdos /dev/da2s4 /zip</userinput></screen>
<para>for a ZIP disk with the factory configuration.</para>
<para>For other disks, see how they're laid out using
<command>fdisk</command> or
<filename>/stand/sysinstall</filename>.</para>
<para>The rest of the examples will be for a ZIP drive on da2,
the third SCSI disk.</para>
<para>Unless it's a floppy, or a removable you plan on sharing
with other people, it's probably a better idea to stick a BSD
file system on it. You'll get long filename support, at least a
2X improvement in performance, and a lot more stability. First,
you need to redo the DOS-level partitions/filesystems. You can
either use &man.fdisk.8; or
<filename>/stand/sysinstall</filename>, or for a small drive
that you don't want to bother with multiple operating system
support on, just blow away the whole FAT partition table
(slices) and just use the BSD partitioning:</para>
<screen>&prompt.root; <userinput>dd if=/dev/zero of=/dev/rda2 count=2</userinput>
&prompt.root; <userinput>disklabel -Brw da2 auto</userinput></screen>
<para>You can use disklabel or
<filename>/stand/sysinstall</filename> to create multiple BSD
partitions. You'll certainly want to do this if you're adding
swap space on a fixed disk, but it's probably irrelevant on a
removable drive like a ZIP.</para>
<para>Finally, create a new file system, this one's on our ZIP
drive using the whole disk:</para>
<screen>&prompt.root; <userinput>newfs /dev/rda2c</userinput></screen>
<para>and mount it:</para>
<screen>&prompt.root; <userinput>mount /dev/da2c /zip</userinput></screen>
<para>and it's probably a good idea to add a line like this to
<filename>/etc/fstab</filename> (see &man.fstab.5;) so you can just type
<command>mount /zip</command> in the future:</para>
<programlisting>/dev/da2c /zip ffs rw,noauto 0 0</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="root-not-found-cron-errors">
<para>Why do I keep getting messages like <errorname>root: not
found</errorname> after editing my crontab file?</para>
</question>
<answer>
<para>This is normally caused by editing the system crontab
(<filename>/etc/crontab</filename>) and then using
&man.crontab.1; to install it:</para>
<screen>&prompt.root; <userinput>crontab /etc/crontab</userinput></screen>
<para>This is not the correct way to do things. The system
crontab has a different format to the per-user crontabs
which &man.crontab.1; updates (the &man.crontab.5; manual
page explains the differences in more detail).</para>
<para>If this is what you did, the extra crontab is simply a
copy of <filename>/etc/crontab</filename> in the wrong
format it. Delete it with the command:</para>
<screen>&prompt.root; <userinput>crontab -r</userinput></screen>
<para>Next time, when you edit
<filename>/etc/crontab</filename>, you should not do
anything to inform &man.cron.8; of the changes, since it
will notice them automatically.</para>
<para>If you want something to be run once per day, week, or
month, it's probably better to add shell scripts
<filename>/usr/local/etc/periodic</filename>, and let the
&man.periodic.8; command run from the system cron schedule
it with the other periodic system tasks.</para>
<para>The actual reason for the error is that the system
crontab has an extra field, specifying which user to run the
command as. In the default system crontab provided with
FreeBSD, this is <username>root</username> for all entries.
When this crontab is used as the <username>root</username>
user's crontab (which is <emphasis>not</emphasis> the
same as the system crontab), &man.cron.8; assumes the string
<literal>root</literal> is the first word of the command to
execute, but no such command exists.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="su-wheel-group">
<para>&man.su.1; says <errorname>you are not in the correct group
to su root</errorname> when I try to su to
<username>root</username>.</para>
</question>
<!-- XXX uses <username> around a group name -->
<answer>
<para>This is a security feature. In order to su to
<username>root</username> (or any other account with superuser
privileges), you must be in the <username>wheel</username>
group. If this feature were not there, anybody with an account
on a system who also found out <username>root</username>'s
password would be able to gain superuser level access to the
system. With this feature, this isn't strictly true;
&man.su.1; will prevent them from even trying to enter the
password if they aren't in <username>wheel</username>.</para>
<para>To allow someone to su to <username>root</username>, simply
put them in the wheel group.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="rcconf-readonly">
<para>I made a mistake in <filename>rc.conf</filename>,
or another startup file, and
now I can't edit it because the filesystem is read-only.
What should I do?</para>
</question>
<answer>
<para>When you get the prompt to enter the shell
pathname, simply press <literal>ENTER</literal>, and run
<command>mount /</command> to re-mount the root filesystem in
read/write mode. You may also need to run <command>mount -a -t
ufs</command> to mount the filesystem where your favourite
editor is defined. If your favourite editor is on a network
filesystem, you will need to either configure the network
manually before you can mount network filesystems, or use an
editor which resides on a local filesystem, such as
&man.ed.1;.</para>
<para>If you intend to use a full screen editor such
as &man.vi.1; or &man.emacs.1;, you may also need to
run <command>export TERM=cons25</command> so that these
editors can load the correct data from the &man.termcap.5;
database.</para>
<para>Once you have performed these steps, you can edit
<filename>/etc/rc.conf</filename> as you usually would
to fix the syntax error. The error message displayed
immediately after the kernel boot messages should tell you
the number of the line in the file which is at fault.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="mount-dos">
<para>How do I mount a secondary DOS partition?</para>
</question>
<answer>
<para>The secondary DOS partitions are found after ALL the primary
partitions. For example, if you have an <quote>E</quote>
partition as the second DOS partition on the second SCSI drive,
you need to create the special files for <quote>slice 5</quote>
in /dev, then mount /dev/da1s5:</para>
<screen>&prompt.root; <userinput>cd /dev</userinput>
&prompt.root; <userinput>sh MAKEDEV da1s5</userinput>
&prompt.root; <userinput>mount -t msdos /dev/da1s5 /dos/e</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="mount-foreign-fs">
<para>Can I mount other foreign filesystems under FreeBSD?</para>
</question>
<answer>
<para><literal>Digital UNIX</literal> UFS CDROMs can
be mounted directly on FreeBSD. Mounting disk partitions from
Digital UNIX and other systems that support UFS may be more
complex, depending on the details of the disk partitioning for
the operating system in question.</para>
<para><literal>Linux</literal>: 2.2 and later have
support for <literal>ext2fs</literal> partitions.
See &man.mount.ext2fs.8;
for more information.</para>
<para><literal>NT</literal>: A read-only NTFS driver
exists for FreeBSD. For more information, see this tutorial by
Mark Ovens at
<ulink URL="http://ukug.uk.freebsd.org/~mark/ntfs_install.html">
http://ukug.uk.freebsd.org/~mark/ntfs_install.html</ulink>.</para>
<para>Any other information on this subject would be
appreciated.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="nt-bootloader">
<para>How can I use the NT loader to boot FreeBSD?</para>
</question>
<answer>
<para>This procedure is slightly different for 2.2.x and 3.x
(with the 3-stage boot) systems.</para>
<para>The general idea is that you copy the first sector of your
native root FreeBSD partition into a file in the DOS/NT
partition. Assuming you name that file something like
<filename>c:\bootsect.bsd</filename> (inspired by
<filename>c:\bootsect.dos</filename>), you can then edit the
<filename>c:\boot.ini</filename> file to come up with something
like this:</para>
<programlisting>[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows NT"
C:\BOOTSECT.BSD="FreeBSD"
C:\="DOS"</programlisting>
<para>For 2.2.x systems this procedure assumes that DOS, NT,
FreeBSD, or whatever have been installed into their respective
fdisk partitions on the <emphasis>same</emphasis>
disk. This example was tested on a system where DOS &amp; NT
were on the first fdisk partition, and FreeBSD on the second.
FreeBSD was also set up to boot from its native partition, not
the disk's MBR.</para>
<para>Mount a DOS-formatted floppy (if you've converted to NTFS)
or the FAT partition, under, say,
<filename>/mnt</filename>.</para>
<screen>&prompt.root; <userinput>dd if=/dev/rda0a of=/mnt/bootsect.bsd bs=512 count=1</userinput></screen>
<para>Reboot into DOS or NT. NTFS users copy the
<filename>bootsect.bsd</filename> and/or the
<filename>bootsect.lnx</filename> file from the floppy to
<filename>C:\</filename>. Modify the attributes (permissions)
on <filename>boot.ini</filename> with:</para>
<screen><prompt>C:\&gt;</prompt> <userinput>attrib -s -r c:\boot.ini</userinput></screen>
<para>Edit to add the appropriate entries from the example
<filename>boot.ini</filename> above, and restore the
attributes:</para>
<screen><prompt>C:\&gt;</prompt> <userinput>attrib +s +r c:\boot.ini</userinput></screen>
<para>If FreeBSD is booting from the MBR, restore it with the DOS
<command>fdisk</command> command after you reconfigure them to
boot from their native partitions.</para>
<para>For FreeBSD 3.x systems the procedure is somewhat
simpler.</para>
<para>If FreeBSD is installed on the same disk as the NT boot
partition simply copy <filename>/boot/boot1</filename> to
<filename>C:\BOOTSECT.BSD</filename> However, if FreeBSD is
installed on a different disk <filename>/boot/boot1</filename>
will not work, <filename>/boot/boot0</filename> is needed.
<warning>
<para>DO NOT SIMPLY COPY <filename>/boot/boot0</filename>
INSTEAD OF <filename>/boot/boot1</filename>, YOU WILL
OVERWRITE YOUR PARTITION TABLE AND RENDER YOUR COMPUTER
UN-BOOTABLE!</para>
</warning>
<filename>/boot/boot0</filename> needs to be installed using
sysinstall by selecting the FreeBSD boot manager on the
screen which asks if you wish to use a boot manager. This is
because <filename>/boot/boot0</filename> has the partition
table area filled with NULL characters but sysinstall copies
the partition table before copying
<filename>/boot/boot0</filename> to the MBR.</para>
<para>When the FreeBSD boot manager runs it records the last
OS booted by setting the active flag on the partition table
entry for that OS and then writes the whole 512-bytes of itself
back to the MBR so if you just copy
<filename>/boot/boot0</filename> to
<filename>C:\BOOTSECT.BSD</filename> then it writes an empty
partition table, with the active flag set on one entry, to the
MBR.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="lilo-bootloader">
<para>How do I boot FreeBSD and Linux from LILO?</para>
</question>
<answer>
<para>If you have FreeBSD and Linux on the same disk, just follow
LILO's installation instructions for booting a non-Linux
operating system. Very briefly, these are:</para>
<para>Boot Linux, and add the following lines to
<filename>/etc/lilo.conf</filename>:</para>
<programlisting>other=/dev/hda2
table=/dev/hda
label=FreeBSD</programlisting>
<para>(the above assumes that your FreeBSD slice is known to Linux
as <filename>/dev/hda2</filename>; tailor to suit your setup).
Then, run <command>lilo</command> as root and you should be
done.</para>
<para>If FreeBSD resides on another disk, you need to add
<literal>loader=/boot/chain.b</literal> to the LILO entry.
For example:</para>
<programlisting>other=/dev/dab4
table=/dev/dab
loader=/boot/chain.b
label=FreeBSD</programlisting>
<para>In some cases you may need to specify the BIOS drive number
to the FreeBSD boot loader to successfully boot off the second
disk. For example, if your FreeBSD SCSI disk is probed by BIOS
as BIOS disk 1, at the FreeBSD boot loader prompt you need to
specify:</para>
<screen>Boot: <userinput>1:da(0,a)/kernel</userinput></screen>
<para>On FreeBSD 2.2.5 and later, you can configure
&man.boot.8;
to automatically do this for you at boot time.</para>
<para>The <ulink
URL="http://sunsite.unc.edu/LDP/HOWTO/mini/Linux+FreeBSD.html">
Linux+FreeBSD mini-HOWTO</ulink> is a good reference for
FreeBSD and Linux interoperability issues.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="booteasy-loader">
<para>How do I boot FreeBSD and Linux using BootEasy?</para>
</question>
<answer>
<para>Install LILO at the start of your Linux boot partition
instead of in the Master Boot Record. You can then boot LILO
from BootEasy.</para>
<para>If you're running Windows-95 and Linux this is recommended
anyway, to make it simpler to get Linux booting again if you
should need to reinstall Windows95 (which is a Jealous
Operating System, and will bear no other Operating Systems in
the Master Boot Record).</para>
</answer>
</qandaentry>
<qandaentry>
<question id="dangerously-dedicated">
<para>Will a <quote>dangerously dedicated</quote> disk endanger
my health?</para>
</question>
<answer>
<para><anchor id="dedicate">The installation procedure allows
you to chose two different methods in partitioning your
harddisk(s). The default way makes it compatible with other
operating systems on the same machine, by using fdisk table
entries (called <quote>slices</quote> in FreeBSD), with a
FreeBSD slice that employs partitions of its own. Optionally,
one can chose to install a boot-selector to switch between the
possible operating systems on the disk(s). The alternative uses
the entire disk for FreeBSD, and makes no attempt to be
compatible with other operating systems.</para>
<para>So why it is called <quote>dangerous</quote>? A disk in
this mode doesn't contain what normal PC utilities would
consider a valid fdisk table. Depending on how well they have
been designed, they might complain at you once they are getting
in contact with such a disk, or even worse, they might damage
the BSD bootstrap without even asking or notifying you. In
addition, the <quote>dangerously dedicated</quote> disk's
layout is known to confuse many BIOSsen, including those from
AWARD (eg. as found in HP Netserver and Micronics systems as
well as many others) and Symbios/NCR (for the popular 53C8xx
range of SCSI controllers). This isn't a complete list, there
are more. Symptoms of this confusion include the <quote>read
error</quote> message printed by the FreeBSD bootstrap when it
can't find itself, as well as system lockups when
booting.</para>
<para>Why have this mode at all then? It only saves a few kbytes
of disk space, and it can cause real problems for a new
installation. <quote>Dangerously dedicated</quote> mode's
origins lie in a desire to avoid one of the most common
problems plaguing new FreeBSD installers - matching the BIOS
<quote>geometry</quote> numbers for a disk to the disk
itself.</para>
<para><quote>Geometry</quote> is an outdated concept, but one
still at the heart of the PC's BIOS and its interaction with
disks. When the FreeBSD installer creates slices, it has to
record the location of these slices on the disk in a fashion
that corresponds with the way the BIOS expects to find them. If
it gets it wrong, you won't be able to boot.</para>
<para><quote>Dangerously dedicated</quote> mode tries to work
around this by making the problem simpler. In some cases, it
gets it right. But it's meant to be used as a last-ditch
alternative - there are better ways to solve the problem 99
times out of 100.</para>
<para>So, how do you avoid the need for <quote>DD</quote> mode
when you're installing? Start by making a note of the geometry
that your BIOS claims to be using for your disks. You can
arrange to have the kernel print this as it boots by specifying
<option>-v</option> at the <literal>boot:</literal> prompt, or
using <command>boot -v</command> in the loader. Just before the
installer starts, the kernel will print a list of BIOS
geometries. Don't panic - wait for the installer to start and
then use scrollback to read the numbers. Typically the BIOS
disk units will be in the same order that FreeBSD lists your
disks, first IDE, then SCSI.</para>
<para>When you're slicing up your disk, check that the disk
geometry displayed in the FDISK screen is correct (ie. it
matches the BIOS numbers); if it's wrong, use the
<literal>g</literal> key to fix it. You may have to do this if
there's absolutely nothing on the disk, or if the disk has been
moved from another system. Note that this is only an issue with
the disk that you're going to boot from; FreeBSD will sort
itself out just fine with any other disks you may have.</para>
<para>Once you've got the BIOS and FreeBSD agreeing about the
geometry of the disk, your problems are almost guaranteed to be
over, and with no need for <quote>DD</quote> mode at all. If,
however, you are still greeted with the dreaded <quote>read
error</quote> message when you try to boot, it's time to cross
your fingers and go for it - there's nothing left to
lose.</para>
<para>To return a <quote>dangerously dedicated</quote> disk
for normal PC use, there are basically two options. The first
is, you write enough NULL bytes over the MBR to make any
subsequent installation believe this to be a blank disk. You
can do this for example with</para>
<screen>&prompt.root; <userinput>dd if=/dev/zero of=/dev/rda0 count=15</userinput></screen>
<para>Alternatively, the undocumented DOS
<quote>feature</quote></para>
<screen><prompt>C:\&gt;</prompt> <userinput>fdisk /mbr</userinput></screen>
<para>will to install a new master boot record as well, thus
clobbering the BSD bootstrap.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="add-swap-space">
<para>How can I add more swap space?</para>
</question>
<answer>
<para>The best way is to increase the size of your swap partition,
or take advantage of this convenient excuse to add another
disk. The general rule of thumb is to have around 2x the swap
space as you have main memory. However, if you have a very
small amount of main memory you may want to configure swap
beyond that. It is also a good idea to configure sufficient
swap relative to anticipated future memory upgrades so you do
not have to futz with your swap configuration later.</para>
<para>Adding swap onto a separate disk makes things faster than
simply adding swap onto the same disk. As an example, if you
are compiling source located on one disk, and the swap is on
another disk, this is much faster than both swap and compile on
the same disk. This is true for SCSI disks specifically.</para>
<para>When you have several disks, configuring a swap partition on
each one is usually beneficial, even if you wind up putting
swap on a work disk. Typically, each fast disk in your system
should have some swap configured. FreeBSD supports up to 4
interleaved swap devices by default. When configuring multiple
swap partitions you generally want to make them all about the
same size, but people sometimes make their primary swap
parition larger in order to accomodate a kernel core dump. Your
primary swap partition must be at least as large as main memory
in order to be able to accomodate a kernel core.</para>
<para>IDE drives are not able to allow access to both drives on
the same channel at the same time (FreeBSD doesn't support mode
4, so all IDE disk I/O is <quote>programmed</quote>).
It is still suggested that you put your swap partition on a
separate driver, however: the drives are so cheap, it is not
worth worrying about.</para>
<para>Swapping over NFS is only recommended if you do not have a
local disk to swap to. Swapping over NFS is slow and
inefficient in FreeBSD releases prior to 4.x, but reasonably
fast in releases greater or equal to 4.0. Even so, it will be
limited to the network bandwidth available and puts an
additional burden on the NFS server.</para>
<para>Here is an example for 64Mb vn-swap
(<filename>/usr/swap0</filename>, though of course you can use
any name that you want).</para>
<para>Make sure your kernel was built with the line</para>
<programlisting>pseudo-device vn 1 #Vnode driver (turns a file into a device)</programlisting>
<para>in your config-file. The GENERIC kernel already contains
this.</para>
<orderedlist>
<listitem>
<para>create a vn-device</para>
<screen>&prompt.root; <userinput>cd /dev</userinput>
&prompt.root; <userinput>sh MAKEDEV vn0</userinput></screen>
</listitem>
<listitem>
<para>create a swapfile (<filename>/usr/swap0</filename>)</para>
<screen>&prompt.root; <userinput>dd if=/dev/zero of=/usr/swap0 bs=1024k count=64</userinput></screen>
</listitem>
<listitem>
<para>set proper permissions on (<filename>/usr/swap0</filename>)</para>
<screen>&prompt.root; <userinput>chmod 0600 /usr/swap0</userinput></screen>
</listitem>
<listitem>
<para>enable the swap file in <filename>/etc/rc.conf</filename></para>
<programlisting>swapfile="/usr/swap0" # Set to name of swapfile if aux swapfile desired.</programlisting>
</listitem>
<listitem>
<para>reboot the machine</para>
</listitem>
</orderedlist>
<para>To enable the swap file immediately, type</para>
<screen>&prompt.root; <userinput>vnconfig -e /dev/vn0b /usr/swap0 swap</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="printer-setup">
<para>I'm having problems setting up my printer.</para>
</question>
<answer>
<para>Please have a look at the Handbook entry on printing. It
should cover most of your problem. See the <ulink
URL="../handbook/printing.html">
Handbook entry on printing.</ulink></para>
<para>Some printers require a host-based driver to do any kind of
printing. These so-called <quote>WinPrinters</quote> are not
natively supported by FreeBSD. If your printer does not work
in DOS or Windows NT 4.0, it is probably a WinPrinter. Your
only hope of getting one of these to work is to check if the
<filename>ports/print/pnm2ppa</filename> port supports it.
From <ulink
url="http://www.freebsd.org/cgi/url.cgi?ports/print/pnm2ppa/pkg-descr">its
package description</ulink>:</para>
<blockquote>
<para>This software creates output using the PPA (printer
performance architecture) protocol. This protocol is used by
some HP "Windows-only" printers, including the HP Deskjet
820C series, the HP DeskJet 720 series, and the HP DeskJet
1000 series. [...]</para>
<para>WWW: <ulink
url="http://pnm2ppa.sourceforge.net/">http://pnm2ppa.sourceforge.net/</ulink></para>
</blockquote>
</answer>
</qandaentry>
<qandaentry>
<question id="keyboard-mappings">
<para>The keyboard mappings are wrong for my system.</para>
</question>
<answer>
<para>The kbdcontrol program has an option to load a keyboard
map file. Under <filename>/usr/share/syscons/keymaps</filename>
are a number of map files. Choose the one relevant to your
system and load it.</para>
<screen>&prompt.root; <userinput>kbdcontrol -l uk.iso</userinput></screen>
<para>Both the <filename>/usr/share/syscons/keymaps</filename>
and the <filename>.kbd</filename> extension are assumed by
&man.kbdcontrol.1;.</para>
<para>This can be configured in <filename>/etc/sysconfig</filename>
(or
&man.rc.conf.5;). See the appropriate comments in this
file.</para>
<para>In 2.0.5R and later, everything related to text fonts,
keyboard mapping is in
<filename>/usr/share/examples/syscons</filename>.</para>
<para>The following mappings are currently supported:</para>
<itemizedlist>
<listitem>
<para>Belgian ISO-8859-1</para>
</listitem>
<listitem>
<para>Brazilian 275 keyboard Codepage 850</para>
</listitem>
<listitem>
<para>Brazilian 275 keyboard ISO-8859-1</para>
</listitem>
<listitem>
<para>Danish Codepage 865</para>
</listitem>
<listitem>
<para>Danish ISO-8859-1</para>
</listitem>
<listitem>
<para>French ISO-8859-1</para>
</listitem>
<listitem>
<para>German Codepage 850</para>
</listitem>
<listitem>
<para>German ISO-8859-1</para>
</listitem>
<listitem>
<para>Italian ISO-8859-1</para>
</listitem>
<listitem>
<para>Japanese 106</para>
</listitem>
<listitem>
<para>Japanese 106x</para>
</listitem>
<listitem>
<para>Latin American</para>
</listitem>
<listitem>
<para>Norwegian ISO-8859-1</para>
</listitem>
<listitem>
<para>Polish ISO-8859-2 (programmer's)</para>
</listitem>
<listitem>
<para>Russian Codepage 866 (alternative)</para>
</listitem>
<listitem>
<para>Russian koi8-r (shift)</para>
</listitem>
<listitem>
<para>Russian koi8-r</para>
</listitem>
<listitem>
<para>Spanish ISO-8859-1</para>
</listitem>
<listitem>
<para>Swedish Codepage 850</para>
</listitem>
<listitem>
<para>Swedish ISO-8859-1</para>
</listitem>
<listitem>
<para>Swiss-German ISO-8859-1</para>
</listitem>
<listitem>
<para>United Kingdom Codepage 850</para>
</listitem>
<listitem>
<para>United Kingdom ISO-8859-1</para>
</listitem>
<listitem>
<para>United States of America ISO-8859-1</para>
</listitem>
<listitem>
<para>United States of America dvorak</para>
</listitem>
<listitem>
<para>United States of America dvorakx</para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="pnp-resources">
<para>I get messages like: <errorname>unknown: &lt;PNP0303&gt;
can't assign resources</errorname> on boot.</para>
</question>
<answer>
<para>The following is an excerpt from a post to the
freebsd-current mailing list.</para>
<blockquote>
<attribution>&a.wollman;, 24 April 2001</attribution>
<para>The <quote>can't assign resources</quote> messages
indicate that the devices are legacy ISA devices for which a
non-PnP-aware driver is compiled into the kernel. These
include devices such as keyboard controllers, the
programmable interrupt controller chip, and several other
bits of standard infrastructure. The resources can't be
assigned because there is already a driver using those
addresses.</para>
</blockquote>
</answer>
</qandaentry>
<qandaentry>
<question id="user-quotas">
<para>I can't get user quotas to work properly.</para>
</question>
<answer>
<orderedlist>
<listitem>
<para>Don't turn on quotas on <filename>/</filename>,</para>
</listitem>
<listitem>
<para>Put the quota file on the file system that the quotas
are to be enforced on. ie:</para>
<informaltable frame="none">
<tgroup cols="2">
<thead>
<row>
<entry>Filesystem</entry>
<entry>Quota file</entry>
</row>
</thead>
<tbody>
<row>
<entry><filename>/usr</filename></entry>
<entry><filename>/usr/admin/quotas</filename></entry>
</row>
<row>
<entry><filename>/home</filename></entry>
<entry><filename>/home/admin/quotas</filename></entry>
</row>
<row>
<entry>&hellip;</entry>
<entry>&hellip;</entry>
</row>
</tbody>
</tgroup>
</informaltable>
</listitem>
</orderedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="inappropriate-ccd">
<para>What's inappropriate about my ccd?</para>
</question>
<answer>
<para>The symptom of this is:</para>
<screen>&prompt.root; <userinput>ccdconfig -C</userinput>
ccdconfig: ioctl (CCDIOCSET): /dev/ccd0c: Inappropriate file type or format</screen>
<para>This usually happens when you are trying to concatenate
the <literal>c</literal> partitions, which default to type
<literal>unused</literal>. The ccd driver requires the
underlying partition type to be FS_BSDFFS. Edit the disklabel
of the disks you are trying to concatenate and change the types
of partitions to <literal>4.2BSD</literal>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ccd-disklabel">
<para>Why can't I edit the disklabel on my ccd?</para>
</question>
<answer>
<para>The symptom of this is:</para>
<screen>&prompt.root; <userinput>disklabel ccd0</userinput>
(it prints something sensible here, so let's try to edit it)
&prompt.root; <userinput>disklabel -e ccd0</userinput>
(edit, save, quit)
disklabel: ioctl DIOCWDINFO: No disk label on disk;
use "disklabel -r" to install initial label</screen>
<para>This is because the disklabel returned by ccd is actually
a <quote>fake</quote> one that is not really on the disk.
You can solve this problem by writing it back explicitly,
as in:</para>
<screen>&prompt.root; <userinput>disklabel ccd0 &gt; /tmp/disklabel.tmp</userinput>
&prompt.root; <userinput>disklabel -Rr ccd0 /tmp/disklabel.tmp</userinput>
&prompt.root; <userinput>disklabel -e ccd0</userinput>
(this will work now)</screen>
</answer>
</qandaentry>
<qandaentry>
<question id="sysv-ipc">
<para>Does FreeBSD support System V IPC primitives?</para>
</question>
<answer>
<para>Yes, FreeBSD supports System V-style IPC. This includes
shared memory, messages and semaphores. You need to add the
following lines to your kernel config to enable them.</para>
<programlisting>options SYSVSHM
options SYSVSHM # enable shared memory
options SYSVSEM # enable for semaphores
options SYSVMSG # enable for messaging</programlisting>
<para>
<note>
<para>In FreeBSD 3.2 and later, these options are already
part of the <emphasis>GENERIC</emphasis> kernel, which
meansthey should already be compiled into your
system.</para>
</note></para>
<para>Recompile and install your kernel.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="uucpmail">
<para>How do I use sendmail for mail delivery with UUCP?</para>
</question>
<answer>
<para>The sendmail configuration that ships with FreeBSD is
suited for sites that connect directly to the Internet.
Sites that wish to exchange their mail via UUCP must install
another sendmail configuration file.</para>
<para>Tweaking <filename>/etc/sendmail.cf</filename> manually is
considered something for purists. Sendmail version 8 comes with
a new approach of generating config files via some
&man.m4.1;
preprocessing, where the actual hand-crafted configuration is
on a higher abstraction level. You should use the configuration
files under
<filename>/usr/src/usr.sbin/sendmail/cf</filename></para>
<para>If you didn't install your system with full sources,
the sendmail config stuff has been broken out into a separate
source distribution tarball just for you. Assuming you've got
your CD-ROM mounted, do:</para>
<screen>&prompt.root; <userinput>cd /cdrom/src</userinput>
&prompt.root; <userinput>cat scontrib.?? | tar xzf - -C /usr/src contrib/sendmail</userinput></screen>
<para>Don't panic, this is only a few hundred kilobytes in size.
The file <filename>README</filename> in the
<filename>cf</filename> directory can serve as a basic
introduction to m4 configuration.</para>
<para>For UUCP delivery, you are best advised to use the
<literal>mailertable</literal> feature. This constitutes a
database that sendmail can use to base its routing decision
upon.</para>
<para>First, you have to create your <filename>.mc</filename>
file. The directory
<filename>/usr/src/usr.sbin/sendmail/cf/cf</filename> is the
home of these files. Look around, there are already a few
examples. Assuming you have named your file
<filename>foo.mc</filename>, all you need to do in order to
convert it into a valid <filename>sendmail.cf</filename>
is:</para>
<screen>
&prompt.root; <userinput>cd /usr/src/usr.sbin/sendmail/cf/cf</userinput>
&prompt.root; <userinput>make foo.cf</userinput>
&prompt.root; <userinput>cp foo.cf /etc/sendmail.cf</userinput></screen>
<para>A typical <filename>.mc</filename> file might look
like:</para>
<programlisting>include(`../m4/cf.m4')
VERSIONID(`<replaceable>Your version number</replaceable>')
OSTYPE(bsd4.4)
FEATURE(nodns)
FEATURE(nocanonify)
FEATURE(mailertable)
define(`UUCP_RELAY', <replaceable>your.uucp.relay</replaceable>)
define(`UUCP_MAX_SIZE', 200000)
MAILER(local)
MAILER(smtp)
MAILER(uucp)
Cw <replaceable>your.alias.host.name</replaceable>
Cw <replaceable>youruucpnodename.UUCP</replaceable></programlisting>
<para>The <literal>nodns</literal> and
<literal>nocanonify</literal> features will prevent any usage
of the DNS during mail delivery. The
<literal>UUCP_RELAY</literal> clause is needed for bizarre
reasons, don't ask. Simply put an Internet hostname there that
is able to handle .UUCP pseudo-domain addresses; most likely,
you will enter the mail relay of your ISP there.</para>
<para>Once you've got this, you need this file called
<filename>/etc/mailertable</filename>. A typical example of
this gender again:</para>
<programlisting>#
# makemap hash /etc/mailertable.db &lt; /etc/mailertable
#
horus.interface-business.de uucp-dom:horus
.interface-business.de uucp-dom:if-bus
interface-business.de uucp-dom:if-bus
.heep.sax.de smtp8:%1
horus.UUCP uucp-dom:horus
if-bus.UUCP uucp-dom:if-bus
. uucp-dom:</programlisting>
<para>As you can see, this is part of a real-life file. The
first three lines handle special cases where domain-addressed
mail should not be sent out to the default route, but instead
to some UUCP neighbor in order to <quote>shortcut</quote> the
delivery path. The next line handles mail to the local Ethernet
domain that can be delivered using SMTP. Finally, the UUCP
neighbors are mentioned in the .UUCP pseudo-domain notation, to
allow for a <literal><replaceable>uucp-neighbor
</replaceable>!<replaceable>recipient</replaceable></literal>
override of the default rules. The last line is always a single
dot, matching everything else, with UUCP delivery to a UUCP
neighbor that serves as your universal mail gateway to the
world. All of the node names behind the
<literal>uucp-dom:</literal> keyword must be valid UUCP
neighbors, as you can verify using the command
<literal>uuname</literal>.</para>
<para>As a reminder that this file needs to be converted into a
DBM database file before being usable, the command line to
accomplish this is best placed as a comment at the top of
the mailertable. You always have to execute this command
each time you change your mailertable.</para>
<para>Final hint: if you are uncertain whether some particular
mail routing would work, remember the <option>-bt</option>
option to sendmail. It starts sendmail in <emphasis>address
test mode</emphasis>; simply enter <literal>0</literal>,
followed by the address you wish to test for the mail routing.
The last line tells you the used internal mail agent, the
destination host this agent will be called with, and the
(possibly translated) address. Leave this mode by typing
Control-D.</para>
<screen>&prompt.user; <userinput>sendmail -bt</userinput>
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter &lt;ruleset&gt; &lt;address&gt;
<prompt>&gt;</prompt> <userinput>0 foo@interface-business.de</userinput>
rewrite: ruleset 0 input: foo @ interface-business . de
...
rewrite: ruleset 0 returns: $# uucp-dom $@ if-bus $: foo \
&lt; @ interface-business . de &gt;
<prompt>&gt;</prompt> <userinput>^D</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="ispmail">
<para>How do I set up mail with a dialup connection to the
'net?</para>
</question>
<answer>
<para>If you've got a statically assigned IP number, you should
not need to adjust anything from the default. Set your host
name up as your assigned internet name and sendmail will do
the rest.</para>
<para>If you've got a dynamically assigned IP number and use a
dialup <application>ppp</application> connection to the
internet, you will probably be given a mailbox on your ISPs
mail server. Lets assume your ISPs domain is
<hostid role="domainname">myISP.com</hostid>, and that your user name is
<username>user</username>. Lets also assume you've
called your machine <hostid role="fqdn">bsd.home</hostid> and that your
ISP has told you that you may use
<hostid role="fqdn">relay.myISP.com</hostid> as a mail relay.</para>
<para>In order to retrieve mail from your mailbox, you'll need
to install a retrieval agent. <application>Fetchmail</application> is a good choice as it supports
many different protocols. Usually, POP3 will be provided by
your ISP. If you've chosen to use user-ppp, you can
automatically fetch your mail when a connection to the 'net is
established with the following entry in
<filename>/etc/ppp/ppp.linkup</filename>:</para>
<programlisting>MYADDR:
!bg su user -c fetchmail</programlisting>
<para>If you are using <application>sendmail</application>
(as shown below) to deliver mail to non-local accounts, put
the command</para>
<programlisting> !bg su user -c "sendmail -q"</programlisting>
<para>after the above shown entry. This forces <application>sendmail</application> to
process your mailqueue as soon as the connection to the 'net
is established.</para>
<para>I'm assuming that you have an account for
<username>user</username> on
<hostid role="fqdn">bsd.home</hostid>. In the home directory of
<username>user</username> on
<hostid role="fqdn">bsd.home</hostid>, create a
<filename>.fetchmailrc</filename> file:</para>
<programlisting>poll myISP.com protocol pop3 fetchall pass MySecret</programlisting>
<para>Needless to say, this file should not be readable by
anyone except <username>user</username> as it contains
the password <literal>MySecret</literal>.</para>
<para>In order to send mail with the correct
<literal>from:</literal> header, you must tell
<application>sendmail</application> to use <literal>user@myISP.com</literal> rather than
<literal>user@bsd.home</literal>. You may also wish to tell
<application>sendmail</application> to send all mail via
<hostid role="fqdn">relay.myISP.com</hostid>, allowing quicker mail
transmission.</para>
<para>The following <filename>.mc</filename> file should
suffice:</para>
<programlisting>VERSIONID(`bsd.home.mc version 1.0')
OSTYPE(bsd4.4)dnl
FEATURE(nouucp)dnl
MAILER(local)dnl
MAILER(smtp)dnl
Cwlocalhost
Cwbsd.home
MASQUERADE_AS(`myISP.com')dnl
FEATURE(allmasquerade)dnl
FEATURE(masquerade_envelope)dnl
FEATURE(nocanonify)dnl
FEATURE(nodns)dnl
define(`SMART_HOST', `relay.myISP.com')
Dmbsd.home
define(`confDOMAIN_NAME',`bsd.home')dnl
define(`confDELIVERY_MODE',`deferred')dnl</programlisting>
<para>Refer to the previous section for details of how to turn
this <filename>.mc</filename> file into a
<filename>sendmail.cf</filename> file. Also, don't forget to
restart <application>sendmail</application> after updating <filename>sendmail.cf</filename>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="toor-account">
<para>What's this UID 0 <username>toor</username> account? Have I
been compromised?</para>
</question>
<answer>
<para>Don't worry. <username>toor</username> is an
<quote>alternative</quote> superuser account (toor is root
spelt backwards). Previously it was created when the
&man.bash.1; shell was installed but now it is created by
default. It is intended to be used with a non-standard shell so
you don't have to change <username>root</username>'s default
shell. This is important as shells which aren't part of the
base distribution (for example a shell installed from ports or
packages) are likely be to be installed in
<filename>/usr/local/bin</filename> which, by default, resides
on a different filesystem. If <username>root</username>'s shell
is located in <filename>/usr/local/bin</filename> and
<filename>/usr</filename> (or whatever filesystem contains
<filename>/usr/local/bin</filename>) isn't mounted for some
reason, <username>root</username> won't be able to log in to
fix a problem (although if you reboot into single user mode
you'll be prompted for the path to a shell).</para>
<para>Some people use <username>toor</username> for
day-to-day root tasks with a non-standard shell, leaving
<username>root</username>, with a standard shell, for
single user mode or emergencies. By default you can't log
in using <username>toor</username> as it doesn't have a
password, so log in as root and set a password for
<username>toor</username> if you want to use it.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="forgot-root-pw">
<para>Eek! I forgot the root password!</para>
</question><answer>
<para>Don't Panic! Simply restart the system, type
<userinput>boot -s</userinput> at the Boot: prompt (just
<userinput>-s</userinput> for FreeBSD releases before 3.2) to
enter Single User mode. At the question about the shell to use,
hit ENTER. You'll be dropped to a &prompt.root; prompt. Enter
<command>mount -u /</command> to remount your root filesystem
read/write, then run <command>mount -a</command> to remount all
the filesystems. Run <command>passwd root</command> to change
the root password then run <command>exit</command> to continue
booting.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="CAD-reboot">
<para>How do I keep Control-Alt-Delete from rebooting the
system?</para>
</question>
<answer>
<para>If you are using syscons (the default console driver)
in FreeBSD 2.2.7-RELEASE or later,
build and install a new kernel with the line</para>
<programlisting>options SC_DISABLE_REBOOT</programlisting>
<para>in the configuration file. If you use the PCVT console
driver in FreeBSD 2.2.5-RELEASE or later, use the following
kernel configuration line instead:</para>
<programlisting>options PCVT_CTRL_ALT_DEL</programlisting>
<para>For older versions of FreeBSD, edit the keymap you are
using for the console and replace the <literal>boot</literal>
keywords with <literal>nop</literal>. The default keymap is
<filename>/usr/share/syscons/keymaps/us.iso.kbd</filename>. You
may have to instruct <filename>/etc/rc.conf</filename> to load
this keymap explicitly for the change to take effect. Of course
if you are using an alternate keymap for your country, you
should edit that one instead.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="dos-to-unix-txt">
<para>How do I reformat DOS text files to UNIX ones?</para>
</question>
<answer>
<para>Simply use this perl command:</para>
<screen>&prompt.user; <userinput>perl -i.bak -npe 's/\r\n/\n/g' file ...</userinput></screen>
<para>file is the file(s) to process. The modification is done
in-place, with the original file stored with a .bak
extension.</para>
<para>Alternatively you can use the
&man.tr.1;
command:</para>
<screen>&prompt.user; <userinput>tr -d '\r' &lt; <replaceable>dos-text-file</replaceable> &gt; <replaceable>unix-file</replaceable></userinput></screen>
<para><replaceable>dos-text-file</replaceable> is the file
containing DOS text while <replaceable>unix-file</replaceable>
will contain the converted output. This can be quite a bit
faster than using perl.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="kill-by-name">
<para>How do I kill processes by name?</para>
</question><answer>
<para>Use &man.killall.1;.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="root-acl">
<para>Why is su bugging me about not being in root's ACL?</para>
</question>
<answer>
<para>The error comes from the Kerberos distributed
authentication system. The problem isn't fatal but annoying.
You can either run su with the -K option, or uninstall
Kerberos as described in the next question.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="uninstall-kerberos">
<para>How do I uninstall Kerberos?</para>
</question>
<answer>
<para>To remove Kerberos from the system, reinstall the bin
distribution for the release you are running. If you have
the CDROM, you can mount the cd (we'll assume on /cdrom)
and run</para>
<screen>&prompt.root; <userinput>cd /cdrom/bin</userinput>
&prompt.root; <userinput>./install.sh</userinput></screen>
<para>Alternately, you can remove all "MAKE_KERBEROS"
options from <filename>/etc/make.conf</filename> and rebuild
world.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="add-pty">
<para>How do I add pseudoterminals to the system?</para>
</question>
<answer>
<para>If you have lots of telnet, ssh, X, or screen users,
you'll probably run out of pseudoterminals. Here's how to
add more:</para>
<orderedlist>
<listitem>
<para>Build and install a new kernel with the line</para>
<programlisting>pseudo-device pty 256</programlisting>
<para>in the configuration file.</para>
</listitem>
<listitem>
<para>Run the commands</para>
<screen>&prompt.root; <userinput>cd /dev</userinput>
&prompt.root; <userinput>sh MAKEDEV pty{1,2,3,4,5,6,7}</userinput></screen>
<para>to make 256 device nodes for the new terminals.</para>
</listitem>
<listitem>
<para>Edit <filename>/etc/ttys</filename> and add lines
for each of the 256 terminals. They should match the form
of the existing entries, i.e. they look like</para>
<programlisting>ttyqc none network</programlisting>
<para>The order of the letter designations is
<literal>tty[pqrsPQRS][0-9a-v]</literal>, using a
regular expression. </para>
</listitem>
<listitem>
<para>Reboot the system with the new kernel and you're
ready to go.</para>
</listitem>
</orderedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="create-snd0">
<para>I can't create the snd0 device!</para>
</question>
<answer>
<para>There is no <devicename>snd</devicename> device. The name
is used as a shorthand for the various devices that make up the
FreeBSD sound driver, such as <devicename>mixer</devicename>,
<devicename>sequencer</devicename>, and
<devicename>dsp</devicename>.</para>
<para>To create these devices you should</para>
<screen>&prompt.root; <userinput>cd /dev</userinput>
&prompt.root; <userinput>sh MAKEDEV snd0</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="reread-rc">
<para>How do I re-read /etc/rc.conf and re-start /etc/rc without
a reboot?</para>
</question>
<answer>
<para>Go into single user mode and than back to multi user
mode.</para>
<para>On the console do:</para>
<screen>&prompt.root; <userinput>shutdown now</userinput>
(Note: without -r or -h)
&prompt.root; <userinput>return</userinput>
&prompt.root; <userinput>exit</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="sandbox">
<para>What is a sandbox?</para>
</question><answer>
<para><quote>Sandbox</quote> is a security term. It can mean
two things:</para>
<itemizedlist>
<listitem>
<para>A process which is placed inside a set of virtual
walls that are designed to prevent someone who breaks
into the process from being able to break into the wider
system.</para>
<para>The process is said to be able to
<command>play</command> inside the walls. That is,
nothing the process does in regards to executing code is
supposed to be able to breech the walls so you do not
have to do a detailed audit of its code to be able to
say certain things about its security.</para>
<para>The walls might be a userid, for example. This is
the definition used in the security and named man
pages.</para>
<para>Take the <literal>ntalk</literal> service, for
example (see /etc/inetd.conf). This service used to run
as userid root. Now it runs as userid tty. The tty user
is a sandbox designed to make it more difficult for
someone who has successfully hacked into the system via
ntalk from being able to hack beyond that user id.</para>
</listitem>
<listitem>
<para>A process which is placed inside a simulation of the
machine. This is more hard-core. Basically it means that
someone who is able to break into the process may believe
that he can break into the wider machine but is, in fact,
only breaking into a simulation of that machine and not
modifying any real data.</para>
<para>The most common way to accomplish this is to build a
simulated environment in a subdirectory and then run the
processes in that directory chroot'd (i.e.
<filename>/</filename> for that process is this
directory, not the real <filename>/</filename> of the
system).</para>
<para>Another common use is to mount an underlying
filesystem read-only and then create a filesystem layer
on top of it that gives a process a seemingly writeable
view into that filesystem. The process may believe it is
able to write to those files, but only the process sees
the effects - other processes in the system do not,
necessarily.</para>
<para>An attempt is made to make this sort of sandbox so
transparent that the user (or hacker) does not realize
that he is sitting in it.</para>
</listitem>
</itemizedlist>
<para>UNIX implements two core sanboxes. One is at the
process level, and one is at the userid level.</para>
<para>Every UNIX process is completely firewalled off from every
other UNIX process. One process can not modify the address
space of another. This is unlike Windows where a process
can easily overwrite the address space of any other, leading
to a crash.</para>
<para>A UNIX process is owned by a patricular userid. If the
userid is not the root user, it serves to firewall the process
off from processes owned by other users. The userid is also
used to firewall off on-disk data.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="securelevel">
<para>What is securelevel?</para>
</question>
<answer>
<para>The securelevel is a security mechanism implemented in the
kernel. Basically, when the securelevel is positive, the
kernel restricts certain tasks; not even the superuser (i.e.,
<username>root</username>) is allowed to do them. At the time
of this writing, the securelevel mechanism is capable of, among
other things, limiting the ability to,</para>
<itemizedlist>
<listitem>
<para>unset certain file flags, such as
<literal>schg</literal> (the system immutable flag),</para>
</listitem>
<listitem>
<para>write to kernel memory via
<filename>/dev/mem</filename> and
<filename>/dev/kmem</filename>,</para>
</listitem>
<listitem>
<para>load kernel modules, and</para>
</listitem>
<listitem>
<para>alter &man.ipfirewall.4; rules.</para>
</listitem>
</itemizedlist>
<para>To check the status of the securelevel on a running system,
simply execute the following command:</para>
<screen>&prompt.root; <userinput>sysctl kern.securelevel</userinput></screen>
<para>The output will contain the name of the &man.sysctl.8;
variable (in this case, <varname>kern.securelevel</varname>)
and a number. The latter is the current value of the
securelevel. If it is positive (i.e., greater than 0), at
least some of the securelevel's protections are enabled.</para>
<para>You cannot lower the securelevel of a running system; being
able to do that would defeat its purpose. If you need to do a
task that requires that the securelevel be non-positive (e.g.,
an <maketarget>installworld</maketarget> or changing the date),
you will have to change the securelevel setting in
<filename>/etc/rc.conf</filename> (you want to look for the
<varname>kern_securelevel</varname> and
<varname>kern_securelevel_enable</varname> variables) and
reboot.</para>
<para>For more information on securelevel and the specific things
all the levels do, please consult the &man.init.8; manual
page.</para>
<para>
<warning>
<para>Securelevel is not a silver bullet; it has many known
deficiencies. More often than not, it provides a false
sense of security.</para>
<para>One of its biggest problems is that in order for it to
be at all effective, all files used in the boot process up
until the securelevel is set must be protected. If an
attacker can get the system to execute their code prior to
the securelevel being set (which happens quite late in the
boot process since some things the system must do at
start-up cannot be done at an elevated securelevel), its
protections are invalidated. While this task of protecting
all files used in the boot process is not technically
impossible, if it is achieved, system maintenance will
become a nightmare since one would have to take the system
down, at least to single-user mode, to modify a
configuration file.</para>
<para>This point and others are often discussed on the
mailing lists, particuarly freebsd-security. Please search
the archives <ulink
url="http://www.FreeBSD.org/search/">here</ulink> for an
extensive discussion. Some people are hopeful that
securelevel will soon go away in favor of a more
fine-grained mechanism, but things are still hazy in this
respect.</para>
<para>Consider yourself warned.</para>
</warning>
</para>
</answer>
</qandaentry>
<qandaentry>
<question id="user-floppymount">
<para>How do I let ordinary users mount floppies, CDROMs and other removable
media?</para>
</question>
<answer>
<para>Ordinary users can be permitted to mount devices. Here is
how:</para>
<procedure>
<step>
<para>As <username>root</username> set the sysctl variable
<varname>vfs.usermount</varname> to
<literal>1</literal>.</para>
<screen>&prompt.root; <userinput>sysctl -w vfs.usermount=1</userinput></screen>
</step>
<step>
<para>As <username>root</username> assign the appropriate
permissions to the block device associated with the
removable media.</para>
<para>For example, to allow users to mount the first floppy
drive, use:</para>
<screen>&prompt.root; <userinput>chmod 666 /dev/fd0</userinput></screen>
<para>To allow users in the group
<username>operator</username> to mount the cdrom drive,
use:</para>
<screen>&prompt.root; <userinput>chgrp operator /dev/cd0c</userinput>
&prompt.root; <userinput>chmod 640 /dev/cd0c</userinput></screen>
</step>
<step>
<para>Finally, add the line
<literal>vfs.usermount=1</literal> to the file
<filename>/etc/sysctl.conf</filename> so that it is reset
at system boot time.</para>
</step>
</procedure>
<para>All users can now mount the floppy
<filename>/dev/fd0</filename> onto a directory that they
own:</para>
<screen>&prompt.user; <userinput>mkdir ~/my-mount-point</userinput>
&prompt.user; <userinput>mount -t msdos /dev/fd0 ~/my-mount-point</userinput></screen>
<para>Users in group <username>operator</username> can now
mount the cdrom <filename>/dev/cd0c</filename> onto a
directory that they own:</para>
<screen>&prompt.user; <userinput>mkdir ~/my-mount-point</userinput>
&prompt.user; <userinput>mount -t msdos /dev/cd0c ~/my-mount-point</userinput></screen>
<para>Unmounting the device is simple:</para>
<screen>&prompt.user; <userinput>umount <filename>~/my-mount-point</filename></userinput></screen>
<para>Enabling <varname>vfs.usermount</varname>, however, has
negative security implications. A better way to access MSDOS
formatted media is to use the <ulink
URL="http://www.freebsd.org/cgi/ports.cgi?query=%5Emtools-&amp;stype=name">mtools</ulink> package in the ports collection.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="new-huge-disk">
<para>How do I move my system over to my huge new disk?</para>
</question>
<answer>
<para>The best way is to reinstall the OS on the new
disk, then move the user data over. This is highly
recommended if you've been tracking -stable for more
than one release, or have updated a release instead of
installing a new one. You can install booteasy on both
disks with &man.boot0cfg.8;, and dual boot them until
you are happy with the new configuration. Skip the
next paragraph to find out how to move the data after
doing this.</para>
<para>Should you decide not to do a fresh install, you
need to partition and label the new disk with either
<filename>/stand/sysinstall</filename>, or &man.fdisk.8;
and &man.disklabel.8;. You should also install booteasy
on both disks with &man.boot0cfg.8;, so that you can
dual boot to the old or new system after the copying
is done. See the <ulink
url="http://www.freebsd.org/tutorials/formatting-media/index.html">
formatting-media tutorial</ulink> for details on this
process.</para>
<para>Now you've got the new disk set up, and are ready
to move the data. Unfortunately, you can't just blindly
copy the data. Things like device files (in
<filename>/dev</filename>) and symbolic links tend to
screw that up. You need to use tools that understand
these things, which means &man.dump.8; and &man.tar.1;.
Although it is suggested that you move the data in single user
mode, it is not required.</para>
<para>You should never use anything but &man.dump.8; and
&man.restore.8; to move the root file system. The
&man.tar.1; command may work - then again, it may not.
You should also use &man.dump.8; and &man.restore.8;
if you are moving a single partition to another empty
partition. The sequence of steps to use dump to move
a partitions data to a new partition is:</para>
<procedure>
<step>
<para>newfs the new partition.</para>
</step>
<step>
<para>mount it on a temporary mount point.</para>
</step>
<step>
<para>cd to that directory.</para>
</step>
<step>
<para>dump the old partition, piping output to the
new one.</para>
</step>
</procedure>
<para>For example, if you are going to move root to
<filename>/dev/ad1s1a</filename>, with
<filename>/mnt</filename> as the temporary mount point,
it's:</para>
<screen>&prompt.root; <userinput>newfs /dev/ad1s1a</userinput>
&prompt.root; <userinput>mount /dev/ad1s1a</userinput>
&prompt.root; <userinput>cd /mnt</userinput>
&prompt.root; <userinput>dump 0uaf - / | restore xf -</userinput></screen>
<para>If you are going to rearrange your partitions -
say, splitting one into two, or combing two into one,
you may find yourself needing to move everything under
a subdirectory to a new location. Since &man.dump.8;
works with file systems, it can't do this. So you use
&man.tar.1;. The general command to move
<filename>/old</filename> to <filename>/new</filename>
for &man.tar.1; is:</para>
<screen>&prompt.root; <userinput>(cd /old; tar cf - .) | (cd /new; tar xpf -)</userinput></screen>
<para>If <filename>/old</filename> has file systems
mounted on that, and you
don't want to move that data or unmount them, you just
add the 'l' flag to the first &man.tar.1;:</para>
<screen>&prompt.root; <userinput>(cd /old; tar clf - .) | (cd /new; tar xpf -).</userinput></screen>
<para>You might prefer cpio(1), pax(1) or cpdup
(in ports/sysutils/cpdup) to tar.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="release-candidate">
<para>I tried to update my system to the latest -STABLE, but
got -RC or -BETA! What's going on?</para>
</question>
<answer>
<para>Short answer: it's just a name. RC stands for
<quote>Release Candidate</quote>. It signifies that a
release is imminent. In FreeBSD, -BETA is typically synonymous
with the code freeze before a release.</para>
<para>Long answer: FreeBSD derives its releases from one of
two places. Major, dot-zero, releases, such as
3.0-RELEASE and 4.0-RELEASE, are branched from the head of
the development stream, commonly referred to as <link
linkend="current">-CURRENT</link>. Minor releases, such
as 3.1-RELEASE or 4.2-RELEASE, have been snapshots of the active
<link linkend="stable">-STABLE</link> branch. Starting with
4.3-RELEASE, each release also now has its own branch which can be
tracked by people requiring an extremely conservative rate
of development (typically only security advisories).</para>
<para>When a release is about to be made, the branch from
which it will be derived from has to undergo a certain
process. Part of this process is a code freeze. When a
code freeze is initiated, the name of the branch is
changed to reflect that it's about to become a release.
For example, if the branch used to be called 4.0-STABLE,
its name will be changed to 4.1-BETA to signify the code
freeze and signify that extra pre-release testing should
be happening. Bug fixes can still be committed to be part
of the release. When the source code is in shape for the
release the name will be chagned to 4.1-RC to signify that a
release is about to be made from it. Once in the RC stage,
only the most critical bugs found can be fixed.
Once the release, 4.1-RELEASE in this example, has been made,
the branch will be renamed to 4.1-STABLE.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="kernel-chflag-failure">
<para>I tried to install a new kernel, and the chflags failed.
How do I get around this?</para>
</question>
<answer>
<para>Short answer: You're probably at security level
greater than 0. Reboot directly to single user mode to
install the kernel.</para>
<para>Long answer: FreeBSD disallows changing system flags
at security levels greater than 0. You can check your
security level with the command:</para>
<screen>&prompt.root; <userinput>sysctl kern.securelevel</userinput></screen>
<para>You cannot lower the security level; you have to boot
to single mode to install the kernel, or change the
security in <filename>/etc/rc.conf</filename> then reboot. See
the &man.init.8; man page for details on securelevel, and
see <filename>/etc/defaults/rc.conf</filename> and the
&man.rc.conf.5; man page for more information on rc.conf.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="kernel-securelevel-time">
<para>I can't change the time on my system by more than one second!
How do I get around this?</para>
</question>
<answer>
<para>Short answer: You're probably at security level
greater than 1. Reboot directly to single user mode to
change the date.</para>
<para>Long answer: FreeBSD disallows changing the time by
more that one second at security levels greater than 1. You
can check your security level with the command:</para>
<screen>&prompt.root; <userinput>sysctl kern.securelevel</userinput></screen>
<para>You cannot lower the security level; you have to boot
to single mode to change the date, or change the security
level in <filename>/etc/rc.conf</filename> then reboot. See
the &man.init.8; man page for details on securelevel, and
see <filename>/etc/defaults/rc.conf</filename> and the
&man.rc.conf.5; man page for more information on rc.conf.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="statd-mem-leak">
<para>There is a memory leak in &man.rpc.statd.8;! It is using
256 Mbytes of memory!</para>
</question>
<answer>
<para>No, there is no memory leak, and it's not using 256 Mbytes
of memory. It simply likes to (i.e., always does) map an
obscene amount of memory into its address space for convenience.
There is nothing terribly wrong with this from a technical
standpoint; it just throws off things like &man.top.1; and
&man.ps.1;.</para>
<para>&man.rpc.statd.8; maps its status file (resident on
<filename>/var</filename>) into its address space; to save
worrying about remapping it later when it needs to grow, it maps
it with a generious size. This is very evident from the source
code, where one can see that the length argument to &man.mmap.2;
is <literal>0x10000000</literal>, or one sixteenth of the
address space on an IA32, or exactly 256MB.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="unsetting-schg">
<para>Why can't I unset the <literal>schg</literal> file
flag?</para>
</question>
<answer>
<para>You're running at an elevated (i.e., greater than 0)
securelevel. Lower the securelevel and try again. For more
information, see <link linkend="securelevel">the FAQ entry on
securelevel</link> and the &man.init.8; manual page.</para>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="x">
<title>The X Window System and Virtual Consoles</title>
<qandaset>
<qandaentry>
<question id="running-X">
<para>I want to run X, how do I go about it?</para>
</question>
<answer>
<para>The easiest way is to simply specify that you want to
run X during the installation process.</para>
<para>Then read and follow the documentation on the <ulink
URL="http://www.FreeBSD.org/cgi/man.cgi?manpath=xfree86&amp;query=xf86config">
xf86config</ulink> tool, which assists you in configuring
XFree86(tm) for your particular graphics card/mouse/etc.</para>
<para>You may also wish to investigate the Xaccel server.
See the section on <link linkend="xig">Xi Graphics</link> or
<link linkend="metrox">Metro Link</link> for more details.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="running-X-securelevels">
<para>I <emphasis>tried</emphasis> to run X, but I get an
<errorname>KDENABIO failed (Operation not permitted)</errorname>
error when I type <command>startx</command>. What do I do
now?</para>
</question>
<answer>
<para>Your system is running at a raised securelevel, isn't
it? It is, indeed, impossible to start X at a raised
securelevel. To see why, look at the &man.init.8; man
page.</para>
<para>So the question is what else you should do instead,
and you basically have two choices: set your securelevel
back down to zero (usually from <filename>/etc/rc.conf</filename>),
or run &man.xdm.1; at boot time (before the securelevel is
raised).</para>
<para>See <xref linkend="xdm-boot"> for more information about
running &man.xdm.1; at boot time.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="x-and-moused">
<para>Why doesn't my mouse work with X?</para>
</question>
<answer>
<para>If you are using syscons (the default console driver),
you can configure FreeBSD to support a mouse pointer on each
virtual screen. In order to avoid conflicting with X, syscons
supports a virtual device called
<filename>/dev/sysmouse</filename>. All mouse events received
from the real mouse device are written to the sysmouse device
via moused. If you wish to use your mouse on one or more
virtual consoles, <emphasis>and</emphasis> use X, see
<xref linkend="moused" remap="another section"> and set up
moused.</para>
<para>Then edit <filename>/etc/XF86Config</filename> and make
sure you have the following lines.</para>
<programlisting>Section Pointer
Protocol "SysMouse"
Device "/dev/sysmouse"
.....</programlisting>
<para>The above example is for XFree86 3.3.2 or later. For
earlier versions, the <emphasis>Protocol</emphasis> should be
<emphasis>MouseSystems</emphasis>.</para>
<para>Some people prefer to use <filename>/dev/mouse</filename>
under X. To make this work, <filename>/dev/mouse</filename>
should be linked to
<filename>/dev/sysmouse</filename> (see &man.sysmouse.4;):</para>
<screen>&prompt.root; <userinput>cd /dev</userinput>
&prompt.root; <userinput>rm -f mouse</userinput>
&prompt.root; <userinput>ln -s sysmouse mouse</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="x-and-wheel">
<para>My mouse has a fancy wheel. Can I use it in X?</para>
</question>
<answer>
<para>Yes. But you need to customize X client programs. See <ulink
URL="http://www.inria.fr/koala/colas/mouse-wheel-scroll/">
Colas Nahaboo's web page
(http://www.inria.fr/koala/colas/mouse-wheel-scroll/)
</ulink>.</para>
<para>If you want to use the <application>imwheel</application>
program, just follow these simple steps.</para>
<orderedlist>
<listitem>
<para>Translate the Wheel Events</para>
<para>The <application>imwheel</application> program
works by translating mouse button 4 and mouse button 5
events into key events. Thus, you have to get the
mouse driver to translate mouse wheel events to button
4 and 5 events. There are two ways of doing this, the
first way is to have &man.moused.8; do the
translation. The second way is for the X server
itself to do the event translation.</para>
<orderedlist>
<listitem>
<para>Using &man.moused.8; to Translate Wheel
Events</para>
<para>To have &man.moused.8; perform the event
translations, simply add <option>-z 4</option> to
the command line used to start &man.moused.8;.
For example, if you normally start &man.moused.8;
via <command>moused -p /dev/psm0</command> you
would start it by entering <command>moused -p
/dev/psm0 -z 4</command> instead. If you start
&man.moused.8; automatically during bootup via
<filename>/etc/rc.conf</filename>, you can simply
add <option>-z 4</option> to the
<varname>moused_flags</varname> variable in
<filename>/etc/rc.conf</filename>.</para>
<para>You now need to tell X that you have a 5
button mouse. To do this, simply add the line
<literal>Buttons 5</literal> to the
<quote>Pointer</quote> section of
<filename>/etc/XF86Config</filename>. For
example, you might have the following
<quote>Pointer</quote> section in
<filename>/etc/XF86Config</filename>.</para>
<example>
<title><quote>Pointer</quote> Section for Wheeled
Mouse in XFree86 3.3.x series XF86Config with moused
Translation</title>
<programlisting>Section "Pointer"
Protocol "SysMouse"
Device "/dev/sysmouse"
Buttons 5
EndSection</programlisting>
</example>
<example>
<title><quote>InputDevice</quote> Section for Wheeled
Mouse in XFree86 4.x series XF86Config with
automatic protocol recognition and button mapping
Translation</title>
<programlisting>Section "InputDevice"
Identifier "Mouse1"
Driver "mouse"
Option "Protocol" "auto"
Option "Device" "/dev/psm0"
Option "Buttons" "5"
Option "ZAxisMapping" "4 5"
EndSection</programlisting>
</example>
<example>
<title><quote>.emacs</quote> example for naive
page scrolling with Wheeled Mouse</title>
<programlisting>;; wheel mouse
(global-set-key [mouse-4] 'scroll-down)
(global-set-key [mouse-5] 'scroll-up)</programlisting>
</example>
</listitem>
<listitem>
<para>Using Your X Server to Translate the Wheel
Events</para>
<para>If you aren't running &man.moused.8;, or if
you don't want &man.moused.8; to translate your
wheel events, you can have the X server do the
event translation instead. This requires a couple
of modifications to your
<filename>/etc/XF86Config</filename> file. First,
you need to choose the proper protocol for your
mouse. Most wheeled mice use the
<quote>IntelliMouse</quote> protocol. However,
XFree86 does support other protocols, such as
<quote>MouseManPlusPS/2</quote> for the Logitech
MouseMan+ mice. Once you have chosen the protocol
you will use, you need to add a
<varname>Protocol</varname> line to the
<quote>Pointer</quote> section.</para>
<para>Secondly, you need to tell the X server to
remap wheel scroll events to mouse buttons 4 and
5. This is done with the
<varname>ZAxisMapping</varname> option.</para>
<para>For example, if you aren't using
&man.moused.8;, and you have an IntelliMouse
attached to the PS/2 mouse port you would use
the following in
<filename>/etc/XF86Config</filename>.</para>
<example>
<title><quote>Pointer</quote> Section for Wheeled
Mouse in <filename>XF86Config</filename> with X
Server Translation</title>
<programlisting>Section "Pointer"
Protocol "IntelliMouse"
Device "/dev/psm0"
ZAxisMapping 4 5
EndSection</programlisting>
</example>
</listitem>
</orderedlist>
</listitem>
<listitem>
<para>Install <application>imwheel</application></para>
<para>Next, install <application>imwheel</application>
from the Ports collection. It can be found in the
<filename>x11</filename> category. This program will
map the wheel events from your mouse into keyboard
events. For example, it might send <keycap>Page
Up</keycap> to a program when you scroll the wheel
forwards. <application>Imwheel</application> uses a
configuration file to map the wheel events to
keypresses so that it can send different keys to
different applications. The default
<application>imwheel</application> configuration file
is installed in
<filename>/usr/X11R6/etc/imwheelrc</filename>. You
can copy it to <filename>~/.imwheelrc</filename> and
then edit it if you wish to customize
<application>imwheel</application>'s configuration.
The format of the configuration file is documented in
&man.imwheel.1;.</para>
</listitem>
<listitem>
<para>Configure <application>Emacs</application> to Work
with <application>Imwheel</application>
(<emphasis>optional</emphasis>)</para>
<para>If you use <application>emacs</application> or
<application>Xemacs</application>, then you need to
add a small section to your
<filename>~/.emacs</filename> file. For
<application>emacs</application>, add the
following:</para>
<example>
<title><application>Emacs</application> Configuration
for <application>Imwheel</application></title>
<programlisting>;;; For imwheel
(setq imwheel-scroll-interval 3)
(defun imwheel-scroll-down-some-lines ()
(interactive)
(scroll-down imwheel-scroll-interval))
(defun imwheel-scroll-up-some-lines ()
(interactive)
(scroll-up imwheel-scroll-interval))
(global-set-key [?\M-\C-\)] 'imwheel-scroll-up-some-lines)
(global-set-key [?\M-\C-\(] 'imwheel-scroll-down-some-lines)
;;; end imwheel section</programlisting>
</example>
<para>For <application>Xemacs</application>, add the
following to your <filename>~/.emacs</filename> file
instead:</para>
<example>
<title><application>Xemacs</application> Configuration
for <application>Imwheel</application></title>
<programlisting>;;; For imwheel
(setq imwheel-scroll-interval 3)
(defun imwheel-scroll-down-some-lines ()
(interactive)
(scroll-down imwheel-scroll-interval))
(defun imwheel-scroll-up-some-lines ()
(interactive)
(scroll-up imwheel-scroll-interval))
(define-key global-map [(control meta \))] 'imwheel-scroll-up-some-lines)
(define-key global-map [(control meta \()] 'imwheel-scroll-down-some-lines)
;;; end imwheel section</programlisting>
</example>
</listitem>
<listitem>
<para>Run <application>Imwheel</application></para>
<para>You can just type <command>imwheel</command>
in an xterm to start it up once it is installed. It
will background itself and take effect immediately.
If you want to always use
<application>imwheel</application>, simply add it to
your <filename>.xinitrc</filename> or
<filename>.xsession</filename> file. You can safely
ignore any warnings <application>imwheel</application>
displays about PID files. Those warnings only apply
to the Linux version of
<application>imwheel</application>.</para>
</listitem>
</orderedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="window-menu-weird">
<para>X Window menus and dialog boxes don't work right!</para>
</question>
<answer>
<para>Try turning off the Num Lock key.</para>
<para>If your Num Lock key is on by default at boot-time, you
may add the following line in the <literal>Keyboard</literal>
section of the <filename>XF86Config</filename> file.</para>
<programlisting># Let the server do the NumLock processing. This should only be
# required when using pre-R6 clients
ServerNumLock</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="virtual-console">
<para>What is a virtual console and how do I make more?</para>
</question>
<answer>
<para>Virtual consoles, put simply, enable you to have several
simultaneous sessions on the same machine without doing anything
complicated like setting up a network or running X.</para>
<para>When the system starts, it will display a login prompt on
the monitor after displaying all the boot messages. You can
then type in your login name and password and start working (or
playing!) on the first virtual console.</para>
<para>At some point, you will probably wish to start another
session, perhaps to look at documentation for a program
you are running or to read your mail while waiting for an
FTP transfer to finish. Just do Alt-F2 (hold down the Alt
key and press the F2 key), and you will find a login prompt
waiting for you on the second <quote>virtual console</quote>!
When you want to go back to the original session, do
Alt-F1.</para>
<para>The default FreeBSD installation has three virtual consoles
enabled (8 starting with 3.3-RELEASE), and Alt-F1, Alt-F2, and
Alt-F3 will switch between these virtual consoles.</para>
<para>To enable more of them, edit
<filename>/etc/ttys</filename> (see &man.ttys.5;)
and add entries for <devicename>ttyv4</devicename>
to <devicename>ttyvc</devicename> after the comment on
<quote>Virtual terminals</quote>:</para>
<programlisting># Edit the existing entry for ttyv3 in /etc/ttys and change
# "off" to "on".
ttyv3 "/usr/libexec/getty Pc" cons25 on secure
ttyv4 "/usr/libexec/getty Pc" cons25 on secure
ttyv5 "/usr/libexec/getty Pc" cons25 on secure
ttyv6 "/usr/libexec/getty Pc" cons25 on secure
ttyv7 "/usr/libexec/getty Pc" cons25 on secure
ttyv8 "/usr/libexec/getty Pc" cons25 on secure
ttyv9 "/usr/libexec/getty Pc" cons25 on secure
ttyva "/usr/libexec/getty Pc" cons25 on secure
ttyvb "/usr/libexec/getty Pc" cons25 on secure</programlisting>
<para>Use as many or as few as you want. The more virtual
terminals you have, the more resources that are used; this
can be important if you have 8MB RAM or less. You may also
want to change the <literal>secure</literal>
to <literal>insecure</literal>.</para>
<para>
<important>
<para>If you want to run an X server you
<emphasis>must</emphasis> leave at least one virtual
terminal unused (or turned off) for it to use. That is to
say that if you want to have a login prompt pop up for all
twelve of your Alt-function keys, you're out of luck - you
can only do this for eleven of them if you also want to run
an X server on the same machine.</para>
</important>
</para>
<para>The easiest way to disable a console is by turning it off.
For example, if you had the full 12 terminal allocation
mentioned above and you wanted to run X, you would change
settings for virtual terminal 12 from:</para>
<programlisting>ttyvb "/usr/libexec/getty Pc" cons25 on secure</programlisting>
<para>to:</para>
<programlisting>ttyvb "/usr/libexec/getty Pc" cons25 off secure</programlisting>
<para>If your keyboard has only ten function keys, you would
end up with:</para>
<programlisting>ttyv9 "/usr/libexec/getty Pc" cons25 off secure
ttyva "/usr/libexec/getty Pc" cons25 off secure
ttyvb "/usr/libexec/getty Pc" cons25 off secure</programlisting>
<para>(You could also just delete these lines.)</para>
<para>Once you have edited
<filename>/etc/ttys</filename>, the next step is to make sure that you
have enough virtualterminal devices. The easiest way to do
this is:</para>
<screen>&prompt.root; <userinput>cd /dev</userinput>
&prompt.root; <userinput>sh MAKEDEV vty12</userinput></screen>
<para>Next, the easiest (and cleanest) way to activate the
virtual consoles is to reboot. However, if you really don't
want to reboot, you can just shut down the X Window system
and execute (as <username>root</username>):</para>
<screen>&prompt.root; <userinput>kill -HUP 1</userinput></screen>
<para>It's imperative that you completely shut down X Window if
it is running, before running this command. If you don't,
your system will probably appear to hang/lock up after
executing the kill command.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="vty-from-x">
<para>How do I access the virtual consoles from X?</para>
</question>
<answer>
<para>Use <keycombo action="simul">
<keycap>Ctrl</keycap>
<keycap>Alt</keycap>
<keycap>F<replaceable>n</replaceable></keycap>
</keycombo> to switch back to a virtual console.
<keycombo action="simul">
<keycap>Ctrl</keycap>
<keycap>Alt</keycap>
<keycap>F1</keycap>
</keycombo> would return you to the first virtual console.</para>
<para>Once you are back to a text console, you can then use
<keycombo action="simul">
<keycap>Alt</keycap>
<keycap>F<replaceable>n</replaceable></keycap>
</keycombo> as normal to move between them.</para>
<para>To return to the X session, you must switch to the virtual
console running X. If you invoked X from the command line, (e.g.,
using <command>startx</command>) then the X session will attach to
the next unused virtual console, not the text console from which
it was invoked. If you have eight active virtual terminals then X
will be running on the ninth, and you would use
<keycombo action="simul">
<keycap>Alt</keycap>
<keycap>F9</keycap>
</keycombo> to return.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="xdm-boot">
<para>How do I start XDM on boot?</para>
</question><answer>
<para>There are two schools of thought on how to start <ulink
URL="http://www.FreeBSD.org/cgi/man.cgi?manpath=xfree86&amp;query=xdm">
xdm</ulink>. One school starts xdm from
<filename>/etc/ttys</filename> (see &man.ttys.5;)
using the supplied example, while the other simply runs xdm
from
<filename>rc.local</filename> (see &man.rc.8;)
or from a <filename>X.sh</filename> script in
<filename>/usr/local/etc/rc.d</filename>. Both are equally
valid, and one may work in situations where the other doesn't.
In both cases the result is the same: X will popup a graphical
login: prompt.</para>
<para>The ttys method has the advantage of documenting which
vty X will start on and passing the responsibility of
restarting the X server on logout to init. The rc.local
method makes it easy to kill xdm if there is a problem
starting the X server.</para>
<para>If loaded from rc.local, <command>xdm</command> should
be started without any arguments (i.e., as a daemon). xdm must
start AFTER getty runs, or else getty and xdm will conflict,
locking out the console. The best way around this is to have
the script sleep 10 seconds or so then launch xdm.</para>
<para>If you are to start <command>xdm</command> from
<filename>/etc/ttys</filename>, there still is a chance of
conflict between <command>xdm</command> and
<command>getty</command>. One way to avoid this is to add the
<literal>vt</literal> number in the
<filename>/usr/X11R6/lib/X11/xdm/Xservers</filename>
file.</para>
<programlisting>:0 local /usr/X11R6/bin/X vt4</programlisting>
<para>The above example will direct the X server to run in
<filename>/dev/ttyv3</filename>. Note the number is offset by
one. The X server counts the vty from one, whereas the FreeBSD
kernel numbers the vty from zero.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="xconsole-failure">
<para>When I run xconsole, I get
<literal>Couldn't open console</literal>.</para>
</question>
<answer>
<para>If you start <ulink
URL="http://www.FreeBSD.org/cgi/man.cgi?manpath=xfree86&amp;query=X">X</ulink>
with <ulink
URL="http://www.FreeBSD.org/cgi/man.cgi?manpath=xfree86&amp;query=startx">
startx</ulink>, the permissions on
<filename>/dev/console</filename> will
<emphasis>not</emphasis> get changed, resulting in
things like <ulink
URL="http://www.FreeBSD.org/cgi/man.cgi?manpath=xfree86&amp;query=xterm">
xterm -C</ulink> and <ulink
URL="http://www.FreeBSD.org/cgi/man.cgi?manpath=xfree86&amp;query=xconsole">
xconsole</ulink>not working.</para>
<para>This is because of the way console permissions are set
by default. On a multi-user system, one doesn't necessarily
want just any user to be able to write on the system console.
For users who are logging directly onto a machine with a VTY,
the &man.fbtab.5;
file exists to solve such problems.</para>
<para>In a nutshell, make sure an uncommented line of the
form</para>
<programlisting>/dev/ttyv0 0600 /dev/console</programlisting>
<para>is in
<filename>/etc/fbtab</filename> (see &man.fbtab.5;) and it will ensure that whomever logs in on
<filename>/dev/ttyv0</filename> will own the console.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="xfree86-root">
<para>I used to run XFree86 as a regular user, but now when
I start it it says I must be root!</para>
</question>
<answer>
<para>All X servers need to be run as root in order to get direct
access to your video hardware. Older versions of XFree86
(&lt;= 3.3.6) installed all bundled servers to be automatically
run as root (setuid to root). This is obviously a security
hazard because X servers are large, complicated programs.
Newer versions of XFree86 do not install the servers setuid to
root for just this reason.</para>
<para>Obviously, running an X server as the root user is not
acceptable, nor a good idea security-wise. There are two ways
to be able to use X as a regular user. The first is to use
<command>xdm</command> or another display manager
(e.g., <command>kdm</command>); the second is to use the
<command>Xwrapper</command>.</para>
<para><command>xdm</command> is a daemon that handles graphical
logins. It is usually started at boot time, and is responsible
for authenticating users and starting their sessions; it is
essentially the graphical counterpart of
<command>getty</command> and <command>login</command>. For
more information on <command>xdm</command> see
<ulink url="http://www.xfree86.org/support.html">the XFree86
documentation</ulink>, and the <link linkend="xdm-boot">the FAQ
entry</link> on it.</para>
<para><command>Xwrapper</command> is the X server wrapper; it is
a small utility to enable one to manually run an X server while
maintaining reasonable safety. It performs some sanity checks
on the command line arguments given, and if they pass, runs the
appropriate X server. If you do not want to run a display
manger for whatever reason, this is for you. If you have
installed the complete ports collection, you can find the port in
<filename>/usr/ports/x11/wrapper</filename>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ps2-x">
<para>My PS/2 mouse doesn't behave properly under X.</para>
</question>
<answer>
<para>Your mouse and the mouse driver may have somewhat become
out of synchronization.</para>
<para>In versions 2.2.5 and earlier, switching away from X to a
virtual terminal and getting back to X again may make them
re-synchronized. If the problem occurs often, you may add the
following option in your kernel configuration file and
recompile it.</para>
<programlisting>options PSM_CHECKSYNC</programlisting>
<para>See the section on <link linkend="make-kernel">building
a kernel</link> if you've no experience with building
kernels.</para>
<para>With this option, there should be less chance of
synchronization problem between the mouse and the driver.
If, however, you still see the problem, click any mouse
button while holding the mouse still to re-synchronize the
mouse and the driver.</para>
<para>Note that unfortunately this option may not work with all
the systems and voids the <quote>tap</quote> feature of the
ALPS GlidePoint device attached to the PS/2 mouse port.</para>
<para>In versions 2.2.6 and later, synchronization check is done
in a slightly better way and is standard in the PS/2 mouse
driver. It should even work with GlidePoint. (As the check code
has become a standard feature, PSM_CHECKSYNC option is not
available in these versions.) However, in rare case the driver
may erroneously report synchronization problem and you may see
the kernel message:</para>
<programlisting>psmintr: out of sync (xxxx != yyyy)</programlisting>
<para>and find your mouse doesn't seem to work properly.</para>
<para>If this happens, disable the synchronization check code
by setting the driver flags for the PS/2 mouse driver to 0x100.
Enter <emphasis>UserConfig</emphasis> by giving the
<option>-c</option> option at the boot prompt:</para>
<screen>boot: <userinput>-c</userinput></screen>
<para>Then, in the <emphasis>UserConfig</emphasis> command
line, type:</para>
<screen>UserConfig&gt; <userinput>flags psm0 0x100</userinput>
UserConfig&gt; <userinput>quit</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="ps2-mousesystems">
<para>My PS/2 mouse from MouseSystems doesn't seem to
work.</para>
</question>
<answer>
<para>There have been some reports that certain model of PS/2
mouse from MouseSystems works only if it is put into the
<quote>high resolution</quote> mode. Otherwise, the mouse
cursor may jump to the upper-left corner of the screen every
so often.</para>
<para>Unfortunately there is no workaround for versions 2.0.X
and 2.1.X. In versions 2.2 through 2.2.5, apply the following
patch to <filename>/sys/i386/isa/psm.c</filename> and rebuild
the kernel. See the section on <link
linkend="make-kernel">building a kernel</link> if you've no
experience with building kernels.</para>
<programlisting>@@ -766,6 +766,8 @@
if (verbose &gt;= 2)
log(LOG_DEBUG, "psm%d: SET_DEFAULTS return code:%04x\n",
unit, i);
+ set_mouse_resolution(sc-&gt;kbdc, PSMD_RES_HIGH);
+
#if 0
set_mouse_scaling(sc-&gt;kbdc); /* 1:1 scaling */
set_mouse_mode(sc-&gt;kbdc); /* stream mode */</programlisting>
<para>In versions 2.2.6 or later, specify the flags 0x04 to
the PS/2 mouse driver to put the mouse into the high
resolution mode. Enter <emphasis>UserConfig</emphasis> by
giving the <option>-c</option> option at the boot prompt:</para>
<screen>boot: <userinput>-c</userinput></screen>
<para>Then, in the <emphasis>UserConfig</emphasis> command line,
type:</para>
<screen>UserConfig&gt; <userinput>flags psm0 0x04</userinput>
UserConfig&gt; <userinput>quit</userinput></screen>
<para>See the previous section for another possible cause of mouse
problems.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="imake-tmpl">
<para>When building an X app, <command>imake</command> can't
find <filename>Imake.tmpl</filename>. Where is it?</para>
</question>
<answer>
<para>Imake.tmpl is part of the Imake package, a standard X
application building tool. Imake.tmpl, as well as several
header files that are required to build X apps, is contained
in the X prog distribution. You can install this from sysinstall
or manually from the X distribution files.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="mouse-button-reverse">
<para>How do I reverse the mouse buttons?</para>
</question>
<answer>
<para>Run the command
<command>xmodmap -e "pointer = 3 2 1"</command> from your
.xinitrc or .xsession.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="install-splash">
<para>How do I install a splash screen and where do I find
them?</para>
</question>
<answer>
<para>Just prior to the release of FreeBSD 3.1, a new feature
was added to allow the display of <quote>splash</quote> screens
during the boot messages. The splash screens currently must be
a 256 color bitmap (<filename>*.BMP</filename>) or ZSoft PCX
(<filename>*.PCX</filename>) file. In addition, they must have
a resolution of 320x200 or less to work on standard VGA
adapters. If you compile VESA support into your kernel, then
you can use larger bitmaps up to 1024x768. Note that VESA
support requires the <literal>VM86</literal> kernel option to
be compiled into the kernel. The actual VESA support can either
be compiled directly into the kernel with the
<literal>VESA</literal> kernel config option or by loading the
VESA kld module during bootup.</para>
<para>To use a splash screen, you need to modify the startup
files that control the boot process for FreeBSD. The files for
this changed prior to the release of FreeBSD 3.2, so there are
now two ways of loading a splash screen:</para>
<itemizedlist>
<listitem>
<para>FreeBSD 3.1</para>
<para>The first step is to find a bitmap version of your
splash screen. Release 3.1 only supports Windows bitmap
splash screens. Once you've found your splash screen of
choice copy it to <filename>/boot/splash.bmp</filename>.
Next, you need to have a
<filename>/boot/loader.rc</filename> file that contains
the following lines:</para>
<programlisting>load kernel
load -t splash_image_data /boot/splash.bmp
load splash_bmp
autoboot</programlisting>
</listitem>
<listitem>
<para>FreeBSD 3.2+</para>
<para>In addition to adding support for PCX splash screens,
FreeBSD 3.2 includes a nicer way of configuring the boot
process. If you wish, you can use the method listed above
for FreeBSD 3.1. If you do and you want to use PCX,
replace <literal>splash_bmp</literal> with
<literal>splash_pcx</literal>. If, on the other hand, you
want to use the newer boot configuration, you need to
create a <filename>/boot/loader.rc</filename> file that
contains the following lines:</para>
<programlisting>include /boot/loader.4th
start</programlisting>
<para>and a <filename>/boot/loader.conf</filename> that
contains the following:</para>
<programlisting>splash_bmp_load="YES"
bitmap_load="YES"</programlisting>
<para>This assumes you are using
<filename>/boot/splash.bmp</filename> for your splash
screen. If you'd rather use a PCX file, copy it to
<filename>/boot/splash.pcx</filename>, create a
<filename>/boot/loader.rc</filename> as instructed
above, and create a
<filename>/boot/loader.conf</filename> that
contains:</para>
<programlisting>splash_pcx_load="YES"
bitmap_load="YES"
bitmap_name="/boot/splash.pcx"</programlisting>
</listitem>
</itemizedlist>
<para>Now all you need is a splash screen. For that you can
surf on over to the gallery at <ulink
URL="http://www.baldwin.cx/splash/">http://www.baldwin.cx/splash/</ulink>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="windows-keys">
<para>Can I use the Windows(tm) keys on my keyboard in X?</para>
</question>
<answer>
<para>Yes. All you need to do is use &man.xmodmap.1; to define
what function you wish them to perform.</para>
<para>Assuming all <quote>Windows(tm)</quote> keyboards are
standard then the keycodes for the 3 keys are</para>
<itemizedlist>
<listitem>
<para>115 - Windows(tm) key, between the left-hand Ctrl and
Alt keys</para>
</listitem>
<listitem>
<para>116 - Windows(tm) key, to the right of the Alt-Gr
key</para>
</listitem>
<listitem>
<para>117 - Menu key, to the left of the right-hand Ctrl
key</para>
</listitem>
</itemizedlist>
<para>To have the left Windows(tm) key print a comma, try
this.</para>
<screen>&prompt.root; <userinput>xmodmap -e "keycode 115 = comma"</userinput></screen>
<para>You will probably have to re-start your window manager
to see the result.</para>
<para>To have the Windows(tm) key-mappings enabled automatically
everytime you start X either put the <command>xmodmap</command>
commands in your <filename>~/.xinitrc</filename> file or,
preferably, create a file <filename>~/.xmodmaprc</filename> and
include the <command>xmodmap</command> options, one per line,
then add the line</para>
<programlisting>xmodmap $HOME/.xmodmaprc</programlisting>
<para>to your <filename>~/.xinitrc</filename>.</para>
<para>For example, you could map the 3 keys top be F13, F14, and
F15, respectively. This would make it easy to map them to
useful functions within applications or your window
manager, as demonstrated further down.</para>
<para>To do this put the following in
<filename>~/.xmodmaprc</filename>.</para>
<programlisting>keycode 115 = F13
keycode 116 = F14
keycode 117 = F15</programlisting>
<para>If you use <command>fvwm2</command>, for example, you
could map the keys
so that F13 iconifies (or de-iconifies) the window the cursor
is in, F14 brings the window the cursor is in to the front or,
if it is already at the front, pushes it to the back, and F15
pops up the main Workplace (application) menu even if the
cursor is not on the desktop, which is useful if you don't have
any part of the desktop visible (and the logo on the key
matches its functionality).</para>
<para>The following entries in
<filename>~/.fvwmrc</filename> implement the
aforementioned setup:</para>
<programlisting>Key F13 FTIWS A Iconify
Key F14 FTIWS A RaiseLower
Key F15 A A Menu Workplace Nop</programlisting>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="networking">
<title>Networking</title>
<qandaset>
<qandaentry>
<question id="diskless-booting">
<para>Where can I get information on
<quote>diskless booting</quote>?</para>
</question>
<answer>
<para><quote>Diskless booting</quote> means that the FreeBSD
box is booted over a network, and reads the necessary files
from a server instead of its hard disk. For full details,
please read <ulink URL="../handbook/diskless.html">the
Handbook entry on diskless booting</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="router">
<para>Can a FreeBSD box be used as a dedicated network
router?</para>
</question>
<answer>
<para>Internet standards and good engineering practice prohibit
us from providing packet forwarding by default in FreeBSD. You
can however enable this feature by changing the following
variable to <literal>YES</literal> in
&man.rc.conf.5;:</para>
<programlisting>gateway_enable=YES # Set to YES if this host will be a gateway</programlisting>
<para>This option will put the
&man.sysctl.8; variable
<filename>net.inet.ip.forwarding</filename>
to <literal>1</literal>.</para>
<para>In most cases, you will also need to run a routing process
to tell other systems on your network about your router;
FreeBSD comes with the standard BSD routing daemon
&man.routed.8;
or for more complex situations you may want to try
<emphasis>GaTeD</emphasis> (available from <ulink
URL="http://www.gated.org/">http://www.gated.org/</ulink>)
which supports FreeBSD as of 3_5Alpha7.</para>
<para>It is our duty to warn you that, even when FreeBSD is
configured in this way, it does not completely comply with
the Internet standard requirements for routers; however,
it comes close enough for ordinary usage.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="win95-connection">
<para>Can I connect my Win95 box to the Internet via
FreeBSD?</para>
</question>
<answer>
<para>Typically, people who ask this question have two PC's
at home, one with FreeBSD and one with Win95; the idea is to
use the FreeBSD box to connect to the Internet and then be able
to access the Internet from the Windows95 box through the
FreeBSD box. This is really just a special case of the previous
question.</para> <para>... and the answer is yes! In FreeBSD
3.x, user-mode ppp contains a <option>-nat</option> option. If
you run <command>ppp</command> with the <option>-nat</option>,
set <literal>gateway_enable</literal> to
<emphasis>YES</emphasis> in <filename>/etc/rc.conf</filename>,
and configure your Windows machine correctly, this should work
fine.</para>
<para>More detailed information about setting this up can be
found in the <ulink
URL="http://www.FreeBSD.org/tutorials/ppp/index.html">
Pedantic PPP Primer</ulink> by Steve Sims.</para>
<para>If you are using kernel-mode ppp, or have an Ethernet
connection to the Internet, you will have to use
<command>natd</command>. Please look at the
<link linkend="natd">natd</link> section of this FAQ.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="latest-bind">
<para>Why does recompiling the latest BIND from ISC fail?</para>
</question>
<answer>
<para>There is a conflict between the
<filename>cdefs.h</filename> file in the distribution and the
one shipped with FreeBSD. Just remove
<filename>compat/include/sys/cdefs.h</filename>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="slip-ppp-support">
<para>Does FreeBSD support SLIP and PPP?</para>
</question>
<answer>
<para>Yes. See the manual pages for &man.slattach.8;,
&man.sliplogin.8;, &man.ppp.8;, and &man.pppd.8;. &man.ppp.8;
and &man.pppd.8; provide support for both incoming and outgoing
connections, while &man.sliplogin.8; deals exlusively with
incoming connections, and &man.slattach.8; deals exclusively
with outgoing connections.</para>
<para>For more information on how to use these, please see the
<ulink url="../handbook/ppp-and-slip.html">Handbook chapter on
PPP and SLIP</ulink>.</para>
<para>If you only have access to the Internet through a
<quote>shell account</quote>, you may want to have a look at
the <ulink URL="http://www.FreeBSD.org/cgi/ports.cgi?^slirp">
slirp</ulink> package. It can provide you with (limited)
access to services such as ftp and http direct from your local
machine.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="natd">
<para>Does FreeBSD support NAT or Masquerading</para>
</question>
<answer>
<para>If you have a local subnet (one or more local machines),
but have been allocated only a single IP number from your
Internet provider (or even if you receive a dynamic IP number),
you may want to look at the &man.natd.8;
program. <command>natd</command> allows you to connect an
entire subnet to the internet using only a single IP
number.</para>
<para>The &man.ppp.8;
program has similar functionality built in via
the <option>-nat</option> switch. The
alias library (&man.libalias.3;) is used in both cases.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="create-dev-net">
<para>I can't create a <filename>/dev/ed0</filename>
device!</para>
</question>
<answer>
<para>In the Berkeley networking framework, network interfaces
are only directly accessible by kernel code. Please see the
<filename>/etc/rc.network</filename> file and the manual pages
for the various network programs mentioned there for more
information. If this leaves you totally confused, then you
should pick up a book describing network administration on
another BSD-related operating system; with few significant
exceptions, administering networking on FreeBSD is basically
the same as on SunOS 4.0 or Ultrix.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ethernet-aliases">
<para>How can I setup Ethernet aliases?</para>
</question><answer>
<para>Add <literal>netmask 0xffffffff</literal> to your
&man.ifconfig.8; command-line like the following:</para>
<screen>&prompt.root; <userinput>ifconfig ed0 alias 204.141.95.2 netmask 0xffffffff</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="port-3c503">
<para>How do I get my 3C503 to use the other network
port?</para>
</question>
<answer>
<para>If you want to use the other ports, you'll have to specify
an additional parameter on the
&man.ifconfig.8; command line. The default port is
<literal>link0</literal>. To use the AUI port instead of the
BNC one, use <literal>link2</literal>. These flags should be
specified using the ifconfig_* variables in
<filename>/etc/rc.conf</filename> (see &man.rc.conf.5;).</para>
</answer>
</qandaentry>
<qandaentry>
<question id="nfs">
<para>I'm having problems with NFS to/from FreeBSD.</para>
</question>
<answer>
<para>Certain PC network cards are better than others (to put
it mildly) and can sometimes cause problems with network
intensive applications like NFS.</para>
<para>See <ulink URL="../handbook/nfs.html">
the Handbook entry on NFS</ulink> for more information on
this topic.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="nfs-linux">
<para>Why can't I NFS-mount from a Linux box?</para>
</question>
<answer>
<para>Some versions of the Linux NFS code only accept mount
requests from a privileged port; try</para>
<screen>&prompt.root; <userinput>mount -o -P linuxbox:/blah /mnt</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="nfs-sun">
<para>Why can't I NFS-mount from a Sun box?</para>
</question>
<answer>
<para>Sun workstations running SunOS 4.X only accept mount
requests from a privileged port; try</para>
<screen>&prompt.root; <userinput>mount -o -P sunbox:/blah /mnt</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="exports-errors">
<para>Why does <command>mountd</command> keep telling me it
<quote>can't change attributes</quote> and that I have a
<quote>bad exports list</quote> on my FreeBSD NFS
server?</para>
</question>
<answer>
<para>The most frequent problem is not understanding this
passage from the &man.exports.5 manual page
correctly:</para>
<blockquote>
<para>Each line in the file (other than comment
lines that begin with a #) specifies the mount point(s)
and export flags within one local server filesystem for
one or more hosts. A host may be specified only once
for each local filesystem on the server and there may be
only one default entry for each server filesystem that
applies to all other hosts.</para>
</blockquote>
<para>This is made more clear by an example of a common
mistake. If everything above <filename>/usr</filename> is
part of one filesystem (there are no mounts above
<filename>/usr</filename>) the following exports list is
not valid:</para>
<programlisting>/usr/src client
/usr/ports client</programlisting>
<para>There are two lines specifying properties for one
filesystem, <filename>/usr</filename>, exported to the
same host, <hostid>client</hostid>. The correct format
is:</para>
<programlisting>/usr/src /usr/ports client</programlisting>
<para>To rephrase the passage from the manual page, the
properties of one filesystem exported to a given host
(world-wide exports are treated like another unique host)
must all occur on one line. And yes, this does cause
limitiation in how you can export filesystems without ugly
workarounds, but for most people, this is not an
issue.</para>
<para>The following is an example of a valid export list,
where <filename>/usr</filename> and
<filename>/exports</filename> are local
filesystems:</para>
<programlisting># Export src and ports to client01 and client02, but only
# client01 has root privileges on it
/usr/src /usr/ports -maproot=0 client01
/usr/src /usr/ports client02
# The "client" machines have root and can mount anywhere
# up /exports. The world can mount /exports/obj read-only
/exports -alldirs -maproot=0 client01 client02
/exports/obj -ro</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-nextstep">
<para>I'm having problems talking PPP to NeXTStep
machines.</para>
</question>
<answer>
<para>Try disabling the TCP extensions in
<filename>/etc/rc.conf</filename> (see &man.rc.conf.5;) by changing the following variable to
NO:</para>
<programlisting>tcp_extensions=NO</programlisting>
<para>Xylogic's Annex boxes are also broken in this regard and
you must use the above change to connect thru them.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ip-multicast">
<para>How do I enable IP multicast support?</para>
</question>
<answer>
<para>Multicast host operations are fully supported in FreeBSD
2.0 and later by default. If you want your box to run as a
multicast router, you will need to recompile your kernel with
the <literal>MROUTING</literal> option and run
<command>mrouted</command>. FreeBSD 2.2 and later will start
<command>mrouted</command> at boot time if the flag
<literal>mrouted_enable</literal> is set to
<literal>"YES"</literal> in
<filename>/etc/rc.conf</filename>.</para>
<para>MBONE tools are available in their own ports category,
mbone. If you are looking for the conference tools
<command>vic</command> and <command>vat</command>,
look there!</para>
<para>For more information, see the <ulink
URL="http://www.mbone.com/">
Mbone Information Web</ulink>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="dec-pci-chipset">
<para>Which network cards are based on the DEC PCI
chipset?</para>
</question><answer>
<para>Here is a list compiled by <ulink
URL="mailto:gfoster@driver.nsta.org">Glen Foster</ulink>,
with some more modern additions:</para>
<programlisting>Vendor Model
----------------------------------------------
ASUS PCI-L101-TB
Accton ENI1203
Cogent EM960PCI
Compex ENET32-PCI
D-Link DE-530
Dayna DP1203, DP2100
DEC DE435, DE450
Danpex EN-9400P3
JCIS Condor JC1260
Linksys EtherPCI
Mylex LNP101
SMC EtherPower 10/100 (Model 9332)
SMC EtherPower (Model 8432)
TopWare TE-3500P
Znyx (2.2.x) ZX312, ZX314, ZX342, ZX345, ZX346, ZX348
(3.x) ZX345Q, ZX346Q, ZX348Q, ZX412Q, ZX414, ZX442,
ZX444, ZX474, ZX478, ZX212, ZX214 (10mbps/hd)</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="fqdn-hosts">
<para>Why do I have to use the FQDN for hosts on my
site?</para>
</question>
<answer>
<para>You will probably find that the host is actually in a
different domain; for example, if you are in foo.bar.edu and
you wish to reach a host called <hostid>mumble</hostid> in the
<hostid role="domainname">bar.edu</hostid> domain, you will
have to refer to it by the fully-qualified domain name, <hostid
role="fqdn">mumble.bar.edu</hostid>, instead of just
<hostid>mumble</hostid>.</para>
<para>Traditionally, this was allowed by BSD BIND resolvers.
However the current version of
<application>bind</application> (see &man.named.8;)
that ships with FreeBSD no longer provides default
abbreviations for non-fully qualified domain names other than
the domain you are in. So an unqualified host
<hostid>mumble</hostid> must either be found as <hostid
role="fqdn">mumble.foo.bar.edu</hostid>, or it will be searched
for in the root domain.</para>
<para>This is different from the previous behavior, where the
search continued across
<hostid role="fqdn">mumble.bar.edu</hostid>, and
<hostid role="domainname">mumble.edu</hostid>. Have a look at
RFC 1535 for why this was considered bad practice, or even a
security hole.</para>
<para>As a good workaround, you can place the line</para>
<programlisting>search foo.bar.edu bar.edu</programlisting>
<para>instead of the previous</para>
<programlisting>domain foo.bar.edu</programlisting>
<para>into your
<filename>/etc/resolv.conf</filename> file (see &man.resolv.conf.5;). However, make sure that the
search order does not go beyond the <quote>boundary between
local and public administration</quote>, as RFC 1535 calls
it.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="network-permission-denied">
<para><literal>Permission denied</literal> for all networking
operations.</para>
</question>
<answer>
<para>If you have compiled your kernel with the
<literal>IPFIREWALL</literal> option, you need to be aware
that the default policy as of 2.1.7R (this actually changed
during 2.1-STABLE development) is to deny all packets that are
not explicitly allowed.</para>
<para>If you had unintentionally misconfigured your system for
firewalling, you can restore network operability by typing
the following while logged in as root:</para>
<screen>&prompt.root; <userinput>ipfw add 65534 allow all from any to any</userinput></screen>
<para>You can also set <literal>firewall_type="open"</literal>
in <filename>/etc/rc.conf</filename>.</para>
<para>For further information on configuring a FreeBSD firewall,
see the <ulink URL="../handbook/firewalls.html">
Handbook section</ulink>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ipfw-overhead">
<para>How much overhead does IPFW incur?</para>
</question>
<answer>
<para>The answer to this depends mostly on your rule set and
processor speed. For most applications dealing with ethernet
and small rule sets, the answer is, negligible. For those of
you that need actual measurements to satisfy your curiosity,
read on.</para>
<para>The following measurements were made using 2.2.5-STABLE
on a 486-66. IPFW was modified to measure the time spent
within the <literal>ip_fw_chk</literal> routine, displaying
the results to the console every 1000 packets.</para>
<para>Two rule sets, each with 1000 rules were tested. The
first set was designed to demonstrate a worst case scenario
by repeating the rule:</para>
<screen>&prompt.root; <userinput>ipfw add deny tcp from any to any 55555</userinput></screen>
<para>This demonstrates worst case by causing most of IPFW's
packet check routine to be executed before finally deciding
that the packet does not match the rule (by virtue of the port
number). Following the 999th iteration of this rule was an
<literal>allow ip from any to any</literal>.</para>
<para>The second set of rules were designed to abort the rule
check quickly:</para>
<screen>&prompt.root; <userinput>ipfw add deny ip from 1.2.3.4 to 1.2.3.4</userinput></screen>
<para>The nonmatching source IP address for the above rule causes
these rules to be skipped very quickly. As before, the 1000th
rule was an <literal>allow ip from any to any</literal>.</para>
<para>The per-packet processing overhead in the former case was
approximately 2.703ms/packet, or roughly 2.7 microseconds per
rule. Thus the theoretical packet processing limit with these
rules is around 370 packets per second. Assuming 10Mbps
ethernet and a ~1500 byte packet size, we would only be able to
achieve a 55.5% bandwidth utilization.</para>
<para>For the latter case each packet was processed in
approximately 1.172ms, or roughly 1.2 microseconds per rule.
The theoretical packet processing limit here would be about
853 packets per second, which could consume 10Mbps ethernet
bandwidth.</para>
<para>The excessive number of rules tested and the nature of
those rules do not provide a real-world scenario -- they were
used only to generate the timing information presented here.
Here are a few things to keep in mind when building an
efficient rule set:</para>
<itemizedlist>
<listitem>
<para>Place an <literal>established</literal> rule early
on to handle the majority of TCP traffic. Don't put any
<literal>allow tcp</literal> statements before this
rule.</para>
</listitem>
<listitem>
<para>Place heavily triggered rules earlier in the rule
set than those rarely used (<emphasis>without
changing the permissiveness of the firewall</emphasis>,
of course). You can see which rules are used most often
by examining the packet counting statistics with
<command>ipfw -a l</command>.</para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="ipfw-fwd">
<para>Why is my &man.ipfw.8; <quote>fwd</quote> rule to redirect a
service to another machine not working?</para>
</question>
<answer>
<para>Possibly because you want to do network address translation
(NAT) and not just forward packets. A <quote>fwd</quote> rule
does exactly what it says; it forwards packets. It does not
actually change the data inside the packet. Say we have a rule
like:</para>
<screen>01000 fwd <replaceable>10.0.0.1</replaceable> from any to <replaceable>foo 21</replaceable></screen>
<para>When a packet with a destination address of
<replaceable>foo</replaceable> arrives at the machine with this
rule, the packet is forwarded to
<replaceable>10.0.0.1</replaceable>, but it still has the
destination address of <replaceable>foo</replaceable>! The
destination address of the packet is <emphasis>not</emphasis>
changed to <replaceable>10.0.0.1</replaceable>. Most machines
would probably drop a packet that they receive with a
destination address that is not their own. Therefore, using a
<quote>fwd</quote> rule does not often work the way the user
expects. This behavior is a feature and not a bug.</para>
<para>See the <link linkend="service-redirect">FAQ about
redirecting services</link>, the &man.natd.8; manual, or one of
the several port redirecting utilities in the <ulink
url="../ports/">ports collection</ulink> for a correct way to do
this.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="service-redirect">
<para>How can I redirect service requests from one machine to
another?</para>
</question>
<answer>
<para>You can redirect FTP (and other service) request with
the <literal>socket</literal> package, available in the ports
tree in category <quote>sysutils</quote>. Simply replace the
service's commandline to call socket instead, like so:</para>
<programlisting>ftp stream tcp nowait nobody /usr/local/bin/socket socket <replaceable>ftp.foo.com</replaceable> <replaceable>ftp</replaceable></programlisting>
<para>where <replaceable>ftp.foo.com</replaceable> and
<replaceable>ftp</replaceable> are the host and port to
redirect to, respectively.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="bandwidth-mgr-tool">
<para>Where can I get a bandwidth management tool?</para>
</question>
<answer>
<para>There are two bandwidth management tools available for
FreeBSD. <ulink
URL="http://www.csl.sony.co.jp/person/kjc/programs.html">
ALTQ</ulink> is available for free; Bandwidth Manager from
<ulink URL="http://www.etinc.com/">Emerging Technologies</ulink>
is a commercial product.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="extra-named-port">
<para>BIND (<command>named</command>) is listening on port 53 and
some other high-numbered port. Has my host been
compromised?</para>
</question>
<answer>
<para>Probably not. FreeBSD 3.0 and later use a version of BIND
that uses a random high-numbered port for outgoing queries. If
you want to use port 53 for outgoing queries, either to get
past a firewall or to make yourself feel better, you can try
the following in
<filename>/etc/namedb/named.conf</filename>:</para>
<programlisting>options {
query-source address * port 53;
};</programlisting>
<para>You can replace the <literal>*</literal> with a single IP
address if you want to tighten things further.</para>
<para>Congratulations, by the way. It is good practice to read
your <command>sockstat</command> output and notice odd
things!</para>
</answer>
</qandaentry>
<qandaentry>
<question id="bpf-not-configured">
<para>Why do I get <literal>/dev/bpf0: device not
configured</literal>?</para>
</question>
<answer>
<para>The Berkeley Packet Filter (&man.bpf.4;)
driver needs to be enabled before running programs that
utilize it. Add this to your kernel config file and build
a new kernel:</para>
<programlisting>pseudo-device bpfilter # Berkeley Packet Filter</programlisting>
<para>Secondly, after rebooting you will have to create the
device node. This can be accomplished by a change to the
<filename>/dev</filename> directory, followed by the execution
of:</para>
<screen>&prompt.root; <userinput>sh MAKEDEV bpf0</userinput></screen>
<para>Please see the <ulink
URL="../handbook/kernelconfig-nodes.html">
handbook's entry on device nodes</ulink> for more information
on creating devices.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="mount-smb-share">
<para>How do I mount a disk from a Windows machine that's on my
network, like smbmount in Linux?</para>
</question>
<answer>
<para>Use the <ulink
URL="http://www.freebsd.org/cgi/ports.cgi?query=%5Esharity-light-&;amp;stype=name">
sharity light</ulink> package in the ports collection.</para>
<!-- XXX update for bp's SMBFS in CURRENT, when it is imported! -->
</answer>
</qandaentry>
<qandaentry>
<question id="icmp-response-bw-limit">
<para>What are these messages about <quote>icmp-response
bandwidth limit 300/200 pps</quote> in my log
files?</para>
</question>
<answer>
<para>This is the kernel telling you that some activity is
provoking it to send more ICMP or TCP reset (RST)
responses than it thinks it should. ICMP responses are
often generated as a result of attempted connections to
unused UDP ports. TCP resets are generated as a result of
attempted connections to unopened TCP ports. Among
others, these are the kinds of activities which may cause
these messages:</para>
<itemizedlist>
<listitem>
<para>Brute-force denial of service (DoS) attacks (as
opposed to single-packet attacks which exploit a
specific vulnerability).</para>
</listitem>
<listitem>
<para>Port scans which attempt to connect to a large
number of ports (as opposed to only trying a few
well-known ports).</para>
</listitem>
</itemizedlist>
<para>The first number in the message tells you how many
packets the kernel would have sent if the limit wasn't in
place, and the second number tells you the limit. You can
control the limit using the
<varname>net.inet.icmp.icmplim</varname> sysctl variable
like this, where <literal>300</literal> is the limit in
packets per second:</para>
<screen>&prompt.root; <userinput>sysctl -w net.inet.icmp.icmplim=300</userinput></screen>
<para>If you don't want to see messages about this in your
log files, but you still want the kernel to do response
limiting, you can use the
<varname>net.inet.icmp.icmplim_output</varname> sysctl
variable to disable the output like this:</para>
<screen>&prompt.root; <userinput>sysctl -w net.inet.icmp.icmplim_output=0</userinput></screen>
<para>Finally, if you want to disable response limiting, you
can set the <varname>net.inet.icmp.icmplim</varname>
sysctl variable (see above for an example) to
<literal>0</literal>. Disabling response limiting is
discouraged for the reasons listed above.</para>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="ppp">
<title>PPP</title>
<qandaset>
<qandaentry>
<question id="userppp">
<para>I can't make ppp work. What am I doing wrong?</para>
</question>
<answer>
<para>You should first read the
&man.ppp.8;
man page and the <ulink
URL="../handbook/ppp-and-slip.html#USERPPP">
ppp section of the handbook</ulink>. Enable logging with
the command</para>
<programlisting>set log Phase Chat Connect Carrier lcp ipcp ccp command</programlisting>
<para>This command may be typed at the
<application>ppp</application> command prompt or it may be
entered in the <filename>/etc/ppp/ppp.conf</filename>
configuration file (the start of the
<literal>default</literal> section is the best
place to put it). Make sure that
<filename>/etc/syslog.conf</filename> (see &man.syslog.conf.5;) contains the lines</para>
<programlisting>!ppp
*.* /var/log/ppp.log</programlisting>
<para>and that the file <filename>/var/log/ppp.log</filename>
exists. You can now find out a lot about what's going on
from the log file. Don't worry if it doesn't all make sense.
If you need to get help from someone, it may make sense to
them.</para>
<para>If your version of ppp doesn't understand the
<command>set log</command> command, you should download the
<ulink URL="http://people.FreeBSD.org/~brian/">
latest version</ulink>. It will build on FreeBSD version
2.1.5 and higher.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-hangs">
<para>Ppp just hangs when I run it</para>
</question>
<answer>
<para>This is usually because your hostname won't resolve.
The best way to fix this is to make sure that
<filename>/etc/hosts</filename> is consoluted by your
resolver first by editing <filename>/etc/host.conf</filename>
and putting the <literal>hosts</literal> line first. Then,
simply put an entry in <filename>/etc/hosts</filename> for
your local machine. If you have no local network, change your
<hostid>localhost</hostid> line:</para>
<programlisting>127.0.0.1 foo.bar.com foo localhost</programlisting>
<para>Otherwise, simply add another entry for your host.
Consult the relevant man pages for more details.</para>
<para>You should be able to successfully
<command>ping -c1 `hostname`</command> when you're done.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-nodial-auto">
<para>Ppp won't dial in -auto mode</para>
</question>
<answer>
<para>First, check that you've got a default route. By running
<command>netstat -rn</command> (see &man.netstat.1;), you should see two entries like this:</para>
<programlisting>Destination Gateway Flags Refs Use Netif Expire
default 10.0.0.2 UGSc 0 0 tun0
10.0.0.2 10.0.0.1 UH 0 0 tun0</programlisting>
<para>This is assuming that you've used the addresses from the
handbook, the man page or from the ppp.conf.sample file.
If you haven't got a default route, it may be because you're
running an old version of &man.ppp.8;
that doesn't understand the word <literal>HISADDR</literal>
in the ppp.conf file. If your version of
<application>ppp</application> is from before FreeBSD
2.2.5, change the</para>
<programlisting>add 0 0 HISADDR</programlisting>
<para>line to one saying</para>
<programlisting>add 0 0 10.0.0.2</programlisting>
<para>Another reason for the default route line being missing
is that you have mistakenly set up a default router in your
<filename>/etc/rc.conf</filename> (see &man.rc.conf.5;) file (this file was called
<filename>/etc/sysconfig</filename> prior to release 2.2.2),
and you have omitted the line saying</para>
<programlisting>delete ALL</programlisting>
<para>from <filename>ppp.conf</filename>. If this is the case,
go back to the <ulink
URL="../handbook/ppp-and-slip.html#USERPPP-FINAL">
Final system configuration</ulink> section of the
handbook.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="no-route-to-host">
<para>What does <literal>No route to host</literal> mean</para>
</question>
<answer>
<para>This error is usually due to a missing</para>
<programlisting>MYADDR:
delete ALL
add 0 0 HISADDR</programlisting>
<para>section in your <filename>/etc/ppp/ppp.linkup</filename>
file. This is only necessary if you have a dynamic IP address
or don't know the address of your gateway. If you're using
interactive mode, you can type the following after entering
<literal>packet mode</literal> (packet mode is
indicated by the capitalized <acronym>PPP</acronym> in the
prompt):</para>
<programlisting>delete ALL
add 0 0 HISADDR</programlisting>
<para>Refer to the <ulink
URL="../handbook/ppp-and-slip.html#USERPPP-DYNAMICIP">
PPP and Dynamic IP addresses</ulink> section of the handbook
for further details.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="connection-threeminutedrop">
<para>My connection drops after about 3 minutes</para>
</question>
<answer>
<para>The default ppp timeout is 3 minutes. This can be
adjusted with the line</para>
<programlisting>set timeout <replaceable>NNN</replaceable></programlisting>
<para>where <replaceable>NNN</replaceable> is the number of
seconds of inactivity before the connection is closed. If
<replaceable>NNN</replaceable> is zero, the connection is never
closed due to a timeout. It is possible to put this command in
the <filename>ppp.conf</filename> file, or to type it at the
prompt in interactive mode. It is also possible to adjust it on
the fly while the line is active by connecting to
<application>ppp</application>s server socket using
&man.telnet.1; or &man.pppctl.8;.
Refer to the
&man.ppp.8; man
page for further details.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-drop-heavy-load">
<para>My connection drops under heavy load</para>
</question>
<answer>
<para>If you have Link Quality Reporting (LQR) configured,
it is possible that too many LQR packets are lost between
your machine and the peer. Ppp deduces that the line must
therefore be bad, and disconnects. Prior to FreeBSD version
2.2.5, LQR was enabled by default. It is now disabled by
default. LQR can be disabled with the line</para>
<programlisting>disable lqr</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-drop-random">
<para>My connection drops after a random amount of time</para>
</question>
<answer>
<para>Sometimes, on a noisy phone line or even on a line with
call waiting enabled, your modem may hang up because it
thinks (incorrectly) that it lost carrier.</para>
<para>There's a setting on most modems for determining how
tolerant it should be to temporary losses of carrier. On a
USR Sportster for example, this is measured by the S10
register in tenths of a second. To make your modem more
forgiving, you could add the following send-expect sequence
to your dial string:</para>
<programlisting>set dial "...... ATS10=10 OK ......"</programlisting>
<para>Refer to your modem manual for details.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-hangs-random">
<para>My connection hangs after a random amount of time</para>
</question><answer>
<para>Many people experience hung connections with no apparent
explaination. The first thing to establish is which side of
the link is hung.</para>
<para>If you are using an external modem, you can simply try
using <command>ping</command> to see if the
<acronym>TD</acronym> light is flashing when you transmit data.
If it flashes (and the <acronym>RD</acronym> light doesn't),
the problem is with the remote end. If <acronym>TD</acronym>
doesn't flash, the problem is local. With an internal modem,
you'll need to use the <literal>set server</literal> command in
your <filename>ppp.conf</filename> file. When the hang occurs,
connect to ppp using pppctl. If your network connection
suddenly revives (ppp was revived due to the activity on the
diagnostic socket) or if you can't connect (assuming the
<literal>set socket</literal> command succeeded at startup
time), the problem is local. If you can connect and things are
still hung, enable local async logging with <literal>set log
local async</literal> and use <command>ping</command> from
another window or terminal to make use of the link. The async
logging will show you the data being transmitted and received
on the link. If data is going out and not coming back, the
problem is remote.</para>
<para>Having established whether the problem is local or remote,
you now have two possibilities:</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-remote-not-responding">
<para>The remote end isn't responding</para>
</question>
<answer>
<para>There's very little you can do about this. Most ISPs
will refuse to help if you're not running a Microsoft OS.
You can <literal>enable lqr</literal> in your
<filename>ppp.conf</filename> file, allowing ppp to detect
the remote failure and hang up, but this detection is
relatively slow and therefore not that useful. You may want to
avoid telling your ISP that you're running user-ppp....</para>
<para>First, try disabling all local compression by adding the
following to your configuration:</para>
<programlisting>disable pred1 deflate deflate24 protocomp acfcomp shortseq vj
deny pred1 deflate deflate24 protocomp acfcomp shortseq vj</programlisting>
<para>Then reconnect to ensure that this makes no difference.
If things improve or if the problem is solved completely,
determine which setting makes the difference through trial
and error. This will provide good amunition when you contact
your ISP (although it may make it apparent that you're not
running a Microsoft product).</para>
<para>Before contacting your ISP, enable async logging locally
and wait until the connection hangs again. This may use up
quite a bit of disk space. The last data read from the port
may be of interest. It is usually ascii data, and may even
describe the problem
(<quote>Memory fault, core dumped</quote>?).</para>
<para>If your ISP is helpful, they should be able to enable
logging on their end, then when the next link drop occurs,
they may be able to tell you why their side is having a
problem. Feel free to send the details to &a.brian;, or
even to ask your ISP to contact me directly.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-hung">
<para>Ppp is hung</para>
</question>
<answer>
<para>Your best bet here is to rebuild ppp by adding
<literal>CFLAGS+=-g</literal> and <literal>STRIP=</literal>
to the end of the Makefile, then doing a
<command>make clean &amp;&amp; make &amp;&amp; make
install</command>. When ppp hangs, find the ppp process id
with <command>ps ajxww | fgrep ppp</command> and run
<command>gdb ppp <replaceable>PID</replaceable></command>.
From the gdb prompt, you can then use <command>bt</command>
to get a stack trace.</para>
<para>Send the results to <email>brian@Awfulhak.org</email>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-loginok-thennothing">
<para>Nothing happens after the Login OK! message</para>
</question>
<answer>
<para>Prior to FreeBSD version 2.2.5, once the link was
established, &man.ppp.8;
would wait for the peer to initiate the Line Control Protocol
(LCP). Many ISPs will not initiate negotiations and expect
the client to do so. To force
<application>ppp</application> to initiate the LCP, use the
following line:</para>
<programlisting>set openmode active</programlisting>
<para>
<note>
<para>It usually does no
harm if both sides initiate negotiation, so openmode is now
active by default. However, the next section explains when
it <emphasis>does</emphasis> do some harm.</para>
</note>
</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-same-magic">
<para>I keep seeing errors about magic being the same</para>
</question>
<answer>
<para>Occasionally, just after connecting, you may see messages
in the log that say <quote>magic is the same</quote>.
Sometimes, these messages are harmless, and sometimes one side
or the other exits. Most ppp implementations cannot survive
this problem, and even if the link seems to come up, you'll see
repeated configure requests and configure acknowledgements in
the log file until ppp eventually gives up and closes the
connection.</para>
<para>This normally happens on server machines with slow disks
that are spawning a getty on the port, and executing ppp from
a login script or program after login. I've also heard reports
of it happening consistently when using slirp. The reason is
that in the time taken between getty exiting and ppp starting,
the client-side ppp starts sending Line Control Protocol (LCP)
packets. Because ECHO is still switched on for the port on
the server, the client ppp sees these packets
<quote>reflect</quote> back.</para>
<para>One part of the LCP negotiation is to establish a magic
number for each side of the link so that
<quote>reflections</quote> can be detected. The protocol says
that when the peer tries to negotiate the same magic number, a
NAK should be sent and a new magic number should be chosen.
During the period that the server port has ECHO turned on, the
client ppp sends LCP packets, sees the same magic in the
reflected packet and NAKs it. It also sees the NAK reflect
(which also means ppp must change its magic). This produces a
potentially enormous number of magic number changes, all of
which are happily piling into the server's tty buffer. As soon
as ppp starts on the server, it's flooded with magic number
changes and almost immediately decides it's tried enough to
negotiate LCP and gives up. Meanwhile, the client, who no
longer sees the reflections, becomes happy just in time to see
a hangup from the server.</para>
<para>This can be avoided by allowing the peer to start
negotiating with the following line in your ppp.conf
file:</para>
<programlisting>set openmode passive</programlisting>
<para>This tells ppp to wait for the server to initiate LCP
negotiations. Some servers however may never initiate
negotiations. If this is the case, you can do something
like:</para>
<programlisting>set openmode active 3</programlisting>
<para>This tells ppp to be passive for 3 seconds, and then to
start sending LCP requests. If the peer starts sending
requests during this period, ppp will immediately respond
rather than waiting for the full 3 second period.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-lcp-constant">
<para>LCP negotiations continue 'till the connection is
closed</para>
</question>
<answer>
<para>There is currently an implementation mis-feature in
<application>ppp</application> where it doesn't associate
LCP, CCP &amp; IPCP responses with their original requests. As
a result, if one <application>ppp</application>
implementation is more than 6 seconds slower than the other
side, the other side will send two additional LCP configuration
requests. This is fatal.</para>
<para>Consider two implementations,
<hostid>A</hostid> and
<hostid>B</hostid>. <hostid>A</hostid> starts
sending LCP requests immediately after connecting and
<hostid>B</hostid> takes 7 seconds to start. When
<hostid>B</hostid> starts, <hostid>A</hostid>
has sent 3 LCP REQs. We're assuming the line has ECHO switched
off, otherwise we'd see magic number problems as described in
the previous section. <hostid>B</hostid> sends a
REQ, then an ACK to the first of
<hostid>A</hostid>'s REQs. This results in
<hostid>A</hostid> entering the <acronym>OPENED</acronym>
state and sending and ACK (the first) back to
<hostid>B</hostid>. In the meantime,
<hostid>B</hostid> sends back two more ACKs in response to
the two additional REQs sent by <hostid>A</hostid>
before <hostid>B</hostid> started up.
<hostid>B</hostid> then receives the first ACK from
<hostid>A</hostid> and enters the
<acronym>OPENED</acronym> state.
<hostid>A</hostid> receives the second ACK from
<hostid>B</hostid> and goes back to the
<literal>REQ-SENT</literal> state, sending another (forth) REQ
as per the RFC. It then receives the third ACK and enters the
<acronym>OPENED</acronym> state. In the meantime,
<hostid>B</hostid> receives the forth REQ from
<hostid>A</hostid>, resulting in it reverting to the
<literal>ACK-SENT</literal> state and sending
another (second) REQ and (forth) ACK as per the RFC.
<hostid>A</hostid> gets the REQ, goes into
<literal>REQ-SENT</literal> and sends another REQ. It
immediately receives the following ACK and enters
<acronym>OPENED</acronym>.</para>
<para>This goes on 'till one side figures out that they're
getting nowhere and gives up.</para>
<para>The best way to avoid this is to configure one side to be
<literal>passive</literal> - that is, make one side
wait for the other to start negotiating. This can be done
with the</para>
<programlisting>set openmode passive</programlisting>
<para>command. Care should be taken with this option. You
should also use the</para>
<programlisting>set stopped N</programlisting>
<para>command to limit the amount of time that
<application>ppp</application> waits for the peer to begin
negotiations. Alternatively, the</para>
<programlisting>set openmode active N</programlisting>
<para>command (where <replaceable>N</replaceable> is the
number of seconds to wait before starting negotiations) can be
used. Check the manual page for details.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-lockups">
<para>Ppp locks up shortly after connecting</para>
</question>
<answer>
<para>Prior to version 2.2.5 of FreeBSD, it was possible that
your link was disabled shortly after connection due to
<application>ppp</application> mis-handling Predictor1
compression negotiation. This would only happen if both sides
tried to negotiate different Compression Control Protocols
(CCP). This problem is now corrected, but if you're still
running an old version of <application>ppp</application>,
the problem can be circumvented with the line</para>
<programlisting>disable pred1</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-shell-test-lockup">
<para>Ppp locks up when I shell out to test it</para>
</question>
<answer>
<para>When you execute the <command>shell</command> or
<command>!</command> command, <command>ppp</command> executes a
shell (or if you've passed any arguements,
<command>ppp</command> will execute those arguements). Ppp will
wait for the command to complete before continuing. If you
attempt to use the ppp link while running the command, the link
will appear to have frozen. This is because
<command>ppp</command> is waiting for the command to
complete.</para>
<para>If you wish to execute commands like this, use the
<command>!bg</command> command instead. This will execute
the given command in the background, and ppp can continue to
service the link.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-nullmodem">
<para>Ppp over a null-modem cable never exits</para>
</question>
<answer>
<para>There is no way for <application>ppp</application> to
automatically determine that a direct connection has been
dropped. This is due to the lines that are used in a
null-modem serial cable. When using this sort of connection,
LQR should always be enabled with the line</para>
<programlisting>enable lqr</programlisting>
<para>LQR is accepted by default if negotiated by the peer.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-auto-noreasondial">
<para>Why does ppp dial for no reason in -auto mode</para>
</question><answer>
<para>If <application>ppp</application> is dialing
unexpectedly, you must determine the cause, and set up Dial
filters (dfilters) to prevent such dialing.</para>
<para>To determine the cause, use the following line:</para>
<programlisting>set log +tcp/ip</programlisting>
<para>This will log all traffic through the connection. The
next time the line comes up unexpectedly, you will see the
reason logged with a convenient timestamp next to it.</para>
<para>You can now disable dialing under these circumstances.
Usually, this sort of problem arises due to DNS lookups. To
prevent DNS lookups from establishing a connection (this will
<emphasis>not</emphasis> prevent
<application>ppp</application> from passing the packets
through an established connection), use the following:</para>
<programlisting>set dfilter 1 deny udp src eq 53
set dfilter 2 deny udp dst eq 53
set dfilter 3 permit 0/0 0/0</programlisting>
<para>This is not always suitable, as it will effectively break
your demand-dial capabilities - most programs will need a DNS
lookup before doing any other network related things.</para>
<para>In the DNS case, you should try to determine what is
actually trying to resolve a host name. A lot of the time,
&man.sendmail.8; is the culprit. You should make sure that
you tell sendmail not to do any DNS lookups in its
configuration file. See the section on
<link linkend="ispmail">Mail Configuration</link> for details
on how to create your own configuration file and what should
go into it. You may also want to add the following line to
your <filename>.mc</filename> file:</para>
<programlisting>define(`confDELIVERY_MODE', `d')dnl</programlisting>
<para>This will make sendmail queue everything until the queue
is run (usually, sendmail is invoked with
<option>-bd -q30m</option>, telling it to run the queue every
30 minutes) or until a <command>sendmail -q</command> is done
(perhaps from your ppp.linkup file).</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ccp-errors">
<para>What do these CCP errors mean</para>
</question>
<answer>
<para>I keep seeing the following errors in my log file:</para>
<programlisting>CCP: CcpSendConfigReq
CCP: Received Terminate Ack (1) state = Req-Sent (6)</programlisting>
<para>This is because ppp is trying to negotiate Predictor1
compression, and the peer does not want to negotiate any
compression at all. The messages are harmless, but if you
wish to remove them, you can disable Predictor1 compression
locally too:</para>
<programlisting>disable pred1</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-lockup-ioerrors">
<para>Ppp locks up during file transfers with IO errors</para>
</question>
<answer>
<para>Under FreeBSD 2.2.2 and before, there was a bug in the
tun driver that prevents incoming packets of a size larger
than the tun interface's MTU size. Receipt of a packet
greater than the MTU size results in an IO error being logged
via syslogd.</para>
<para>The ppp specification says that an MRU of 1500 should
<emphasis>always</emphasis> be accepted as a minimum,
despite any LCP negotiations, therefore it is possible that
should you decrease the MTU to less than 1500, your ISP will
transmit packets of 1500 regardless, and you will tickle this
non-feature - locking up your link.</para>
<para>The problem can be circumvented by never setting an MTU of
less than 1500 under FreeBSD 2.2.2 or before.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-connectionspeed">
<para>Why doesn't ppp log my connection speed?</para>
</question>
<answer>
<para>In order to log all lines of your modem
<quote>conversation</quote>, you must enable the
following:</para>
<programlisting>set log +connect</programlisting>
<para>This will make &man.ppp.8; log
everything up until the last requested <quote>expect</quote>
string.</para>
<para>If you wish to see your connect speed and are using PAP
or CHAP (and therefore don't have anything to
<quote>chat</quote> after the CONNECT in the dial script - no
<literal>set login</literal> script), you must make sure that
you instruct ppp to <quote>expect</quote> the whole CONNECT
line, something like this:</para>
<programlisting>set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 4 \
\"\" ATZ OK-ATZ-OK ATDT\\T TIMEOUT 60 CONNECT \\c \\n"</programlisting>
<para>Here, we get our CONNECT, send nothing, then expect a
line-feed, forcing <application>ppp</application> to read
the whole CONNECT response.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-ignores-backslash">
<para>Ppp ignores the <literal>\</literal> character in my
chat script</para>
</question><answer>
<para>Ppp parses each line in your config files so that it can
interpret strings such as
<literal>set phone "123 456 789"</literal> correctly (and
realize that the number is actually only
<emphasis>one</emphasis> argument. In order to specify
a <literal>"</literal> character, you must escape it using a
backslash (<literal>\</literal>).</para>
<para>When the chat interpreter parses each argument, it
re-interprets the argument in order to find any special
escape sequences such as <literal>\P</literal> or
<literal>\T</literal> (see the man page). As a result of this
double-parsing, you must remember to use the correct number of
escapes.</para>
<para>If you wish to actually send a <literal>\</literal>
character to (say) your modem, you'd need something
like:</para>
<programlisting>set dial "\"\" ATZ OK-ATZ-OK AT\\\\X OK"</programlisting>
<para>resulting in the following sequence:</para>
<programlisting>ATZ
OK
AT\X
OK</programlisting>
<para>or</para>
<programlisting>set phone 1234567
set dial "\"\" ATZ OK ATDT\\T"</programlisting>
<para>resulting in the following sequence:</para>
<programlisting>ATZ
OK
ATDT1234567</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-segfault-nocore">
<para>Ppp gets a seg-fault, but I see no
<filename>ppp.core</filename> file</para>
</question>
<answer>
<para>Ppp (or any other program for that matter) should never
dump core. Because ppp runs with an effective user id of 0,
the operating system will not write ppps core image to disk
before terminating it. If, however ppp
is actually termating due to a
segmentation violation or some other signal that normally
causes core to be dumped, <emphasis>and</emphasis>
you're sure you're using the latest version (see the start of
this section), then you should do the following:</para>
<screen>&prompt.user; <userinput>tar xfz ppp-*.src.tar.gz</userinput>
&prompt.user; <userinput>cd ppp*/ppp</userinput>
&prompt.user; <userinput>echo STRIP= &gt;&gt;Makefile</userinput>
&prompt.user; <userinput>echo CFLAGS+=-g &gt;&gt;Makefile</userinput>
&prompt.user; <userinput>make clean all</userinput>
&prompt.user; <userinput>su</userinput>
&prompt.root; <userinput>make install</userinput>
&prompt.root; <userinput>chmod 555 /usr/sbin/ppp</userinput></screen>
<para>You will now have a debuggable version of ppp installed.
You will have to be root to run ppp as all of its privileges
have been revoked. When you start ppp, take a careful note
of what your current directory was at the time.</para>
<para>Now, if and when ppp receives the segmentation violation,
it will dump a core file called ppp.core. You should then do
the following:</para>
<screen>&prompt.user; <userinput>su</userinput>
&prompt.root; <userinput>gdb /usr/sbin/ppp ppp.core</userinput>
<prompt>(gdb)</prompt> <userinput>bt</userinput>
.....
<prompt>(gdb)</prompt> <userinput>f 0</userinput>
....
<prompt>(gdb)</prompt> <userinput>i args</userinput>
....
<prompt>(gdb)</prompt> <userinput>l</userinput>
.....</screen>
<para>All of this information should be given alongside your
question, making it possible to diagnose the problem.</para>
<para>If you're familiar with gdb, you may wish to find out some
other bits and pieces such as what actually caused the dump and
the addresses &amp; values of the relevant variables.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-autodialprocess-noconnect">
<para>The process that forces a dial in auto mode never
connects</para>
</question>
<answer>
<para>This was a known problem with
<application>ppp</application> set up to negotiate a
dynamic local IP number with the peer in auto mode. It is
fixed in the latest version - search the man page for
<literal>iface</literal>.</para>
<para>The problem was that when that initial program calls
&man.connect.2;, the IP number of the tun interface is
assigned to the socket endpoint. The kernel creates the first
outgoing packet and writes it to the tun device.
<application>ppp</application> then reads the packet and establishes a
connection. If, as a result of
<application>ppp</application>s dynamic IP assignment, the interface
address is changed, the original socket endpoint will be
invalid. Any subsequent packets sent to the peer will usually
be dropped. Even if they aren't, any responses will not route
back to the originating machine as the IP number is no longer
owned by that machine.</para>
<para>There are several theoretical ways to approach this
problem. It would be nicest if the peer would re-assign the
same IP number if possible <literal>:-)</literal>
The current version of <application>ppp</application> does
this, but most other implementations don't.</para>
<para>The easiest method from our side would be to never change
the tun interface IP number, but instead to change all outgoing
packets so that the source IP number is changed from the
interface IP to the negotiated IP on the fly. This is
essentially what the <literal>iface-alias</literal> option in
the latest version of <application>ppp</application> is
doing (with the help of
&man.libalias.3; and ppp's <option>-nat</option> switch) -
it's maintaining all previous interface addresses and NATing
them to the last negotiated address.</para>
<para>Another alternative (and probably the most reliable) would
be to implement a system call that changes all bound sockets
from one IP to another. <application>ppp</application> would
use this call to modify the sockets of all existing programs
when a new IP number is negotiated. The same system call could
be used by dhcp clients when they are forced to re-bind() their
sockets.</para>
<para>Yet another possibility is to allow an interface to be
brought up without an IP number. Outgoing packets would be
given an IP number of 255.255.255.255 up until the first
SIOCAIFADDR ioctl is done. This would result in fully binding
the socket. It would be up to <application>ppp</application>
to change the source IP number, but only if it's set to
255.255.255.255, and only the IP number and IP checksum would
need to change. This, however is a bit of a hack as the kernel
would be sending bad packets to an improperly configured
interface, on the assumption that some other mechanism is
capable of fixing things retrospectively.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ppp-nat-games">
<para>Why don't most games work with the -nat switch</para>
</question>
<answer>
<para>The reason games and the like don't work when libalias
is in use is that the machine on the outside will try to open a
connection or send (unsolicited) UDP packets to the machine on
the inside. The NAT software doesn't know that it should send
these packets to the interior machine.</para>
<para>To make things work, make sure that the only thing
running is the software that you're having problems with, then
either run tcpdump on the tun interface of the gateway or
enable ppp tcp/ip logging (<literal>set log +tcp/ip</literal>)
on the gateway.</para>
<para>When you start the offending software, you should see
packets passing through the gateway machine. When something
comes back from the outside, it'll be dropped (that's the
problem). Note the port number of these packets then shut down
the offending software. Do this a few times to see if the port
numbers are consistent. If they are, then the following line in
the relevant section of /etc/ppp/ppp.conf will make the
software functional:</para>
<programlisting>nat port <replaceable>proto</replaceable> <replaceable>internalmachine</replaceable>:<replaceable>port</replaceable> <replaceable>port</replaceable></programlisting>
<para>where <replaceable>proto</replaceable> is either
<literal>tcp</literal> or <literal>udp</literal>,
<replaceable>internalmachine</replaceable> is the machine that
you want the packets to be sent to and
<replaceable>port</replaceable> is the destination port number
of the packets.</para>
<para>You won't be able to use the software on other machines
without changing the above command, and running the software
on two internal machines at the same time is out of the question
- after all, the outside world is seeing your entire internal
network as being just a single machine.</para>
<para>If the port numbers aren't consistent, there are three
more options:</para>
<orderedlist>
<listitem>
<para>Submit support in
libalias. Examples of <quote>special cases</quote> can be found
in <filename>/usr/src/lib/libalias/alias_*.c</filename>
(<filename>alias_ftp.c</filename> is a good prototype). This
usually involves reading certain recognised outgoing packets,
identifying the instruction that tells the outside machine to
initiate a connection back to the internal machine on a
specific (random) port and setting up a <quote>route</quote> in
the alias table so that the subsequent packets know where to
go.</para>
<para>This is the most difficult solution, but it is the best
and will make the software work with multiple machines.</para>
</listitem>
<listitem>
<para>Use a proxy. The
application may support socks5 for example, or (as in the
<quote>cvsup</quote> case) may have a <quote>passive</quote>
option that avoids ever requesting that the peer open
connections back to the local machine.</para>
</listitem>
<listitem>
<para>Redirect everything to
the internal machine using <literal>nat addr</literal>. This
is the sledge-hammer approach.</para>
</listitem>
</orderedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="useful-port-numbers">
<para>Has anybody made a list of useful port numbers?</para>
</question><answer>
<para>Not yet, but this is intended to grow into such a list
(if any interest is shown). In each example,
<replaceable>internal</replaceable> should be replaced with
the IP number of the machine playing the game.</para>
<itemizedlist>
<listitem>
<para><application>Asheron's Call</application></para>
<para><literal>nat port udp
<replaceable>internal</replaceable>
:65000 65000</literal></para>
<para>Manually change the port number within the game to
65000. If you've got a number of machines that you wish
to play on assign a unique port number for each (i.e.
65001, 65002, etc) and add a <literal>nat port</literal>
line for each one.</para>
</listitem>
<listitem>
<para><application>Half Life</application></para>
<para><literal>nat port udp
<replaceable>internal</replaceable>:27005
27015</literal></para>
</listitem>
<listitem>
<para><application>PCAnywhere 8.0</application></para>
<para><literal>nat port udp
<replaceable>internal</replaceable>:5632
5632</literal></para>
<para><literal>nat port tcp
<replaceable>internal</replaceable>:5631
5631</literal></para>
</listitem>
<listitem>
<para><application>Quake</application></para>
<para><literal>nat port udp
<replaceable>internal</replaceable>:6112
6112</literal></para>
<para>Alternatively, you may want to take a look at <ulink
URL="http://www.battle.net/support/proxy/">
www.battle.net</ulink> for Quake proxy support.</para>
</listitem>
<listitem>
<para><application>Quake 2</application></para>
<para><literal>nat port udp
<replaceable>internal</replaceable>:27901
27910</literal></para>
</listitem>
<listitem>
<para><application>Red Alert</application></para>
<para><literal>nat port udp
<replaceable>internal</replaceable>:8675
8675</literal></para>
<para><literal>nat port udp
<replaceable>internal</replaceable>:5009
5009</literal></para>
</listitem>
</itemizedlist>
</answer>
</qandaentry>
<qandaentry>
<question id="fcs-errors">
<para>What are FCS errors?</para>
</question>
<answer>
<para>FCS stands for <literal>F</literal>rame
<literal>C</literal>heck
<literal>S</literal>equence. Each ppp packet
has a checksum attached to ensure that the data being
received is the data being sent. If the FCS of an incoming
packet is incorrect, the packet is dropped and the HDLC FCS
count is increased. The HDLC error values can be displayed
using the <literal>show hdlc</literal> command.</para>
<para>If your link is bad (or if your serial driver is dropping
packets), you will see the occasional FCS error. This is not
usually worth worrying about although it does slow down the
compression protocols substantially. If you have an external
modem, make sure your cable is properly shielded from
interference - this may eradicate the problem.</para>
<para>If your link freezes as soon as you've connected and you
see a large number of FCS errors, this may be because your link
is not 8 bit clean. Make sure your modem is not using software
flow control (XON/XOFF). If your datalink
<emphasis>must</emphasis> use software flow control, use the
command <literal>set accmap 0x000a0000</literal> to tell
<command>ppp</command> to escape the <literal>^Q</literal> and
<literal>^S</literal> characters.</para>
<para>Another reason for seeing too many FCS errors may be that
the remote end has stopped talking <acronym>PPP</acronym>. You
may want to enable <literal>async</literal> logging at this
point to determine if the incoming data is actually a login or
shell prompt. If you have a shell prompt at the remote end,
it's possible to terminate ppp without dropping the line by
using the <literal>close lcp</literal> command (a following
<literal>term</literal> command will reconnect you to the shell
on the remote machine.</para>
<para>If nothing in your log file indicates why the link might
have been terminated, you should ask the remote administrator
(your ISP?) why the session was terminated.</para>
</answer>
</qandaentry>
<qandaentry id=PPPoEwithNAT>
<question id="macos-win98-pppoe-freeze">
<para>Why do MacOS and Windows 98 connections freeze when
running PPPoE on the gateway</para>
</question>
<answer>
<para>Thanks to Michael Wozniak
<email>mwozniak@netcom.ca</email> for figuring this out and
Dan Flemming <email>danflemming@mac.com</email> for the Mac
solution:</para>
<para>This is due to what's called a <quote>Black Hole</quote>
router. MacOS and Windows 98 (and maybe other Microsoft OSs)
send TCP packets with a requested segment size too big to fit
into a PPPoE frame (MTU is 1500 by default for ethernet)
<emphasis>and</emphasis> have the <quote>don't
fragment</quote> bit set (default of TCP) and the Telco router
is not sending ICMP <quote>must fragment</quote> back to the
www site you are trying to load. (Alternatively, the router is
sending the ICMP packet correctly, but the firewall at the www
site is dropping it.) When the www server is sending
you frames that don't fit into the PPPoE pipe the Telco router
drops them on the floor and your page doesn't load (some
pages/graphics do as they are smaller than a MSS.) This seems
to be the default of most Telco PPPoE configurations (if only
they knew how to program a router... sigh...)</para>
<para>One fix is to use regedit on your 95/98 boxes to add the
following registry entry...</para>
<literallayout>
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Class\NetTrans\0000\MaxMTU
</literallayout>
<para>It should be a string with a value <quote>1450</quote>
(more accurately it should be <quote>1464</quote> to fit TCP
packets into a PPPoE frame perfectly but the
<quote>1450</quote> gives you a margin of error for other IP
protocols you may encounter). This registry key is reported to
have moved to
<literal>Tcpip\Parameters\Interfaces\<replaceable>ID for adapter</replaceable>\MTU</literal>
in Windows 2000.</para>
<para>Refer to <ulink
URL="http://search.support.microsoft.com/kb">Microsoft Knowledge
Base</ulink> documents <quote>Q158474 - Windows TCPIP Registry
Entries</quote> and <quote>Q120642 - TCPIP & NBT Configuration
Parameters for Windows NT</quote> for more information on
changing Windoze MTU to work with a FreeBSD/NAT/PPPoE
router.</para>
<para>Unfortunately, MacOS does not provide an interface for
changing TCP/IP settings. However, there is commercial software
available, such as OTAdvancedTuner (OT for OpenTransport, the
MacOS TCP/IP stack) by <ulink
URL="http://www.softworks.com/">Sustainable Softworks</ulink>,
that will allow users to customize TCP/IP settings. MacOS NAT
users should select <literal>ip_interface_MTU</literal> from
the drop-down menu, enter <literal>1450</literal> instead of
<literal>1500</literal> in the box, click the box next to
<literal>Save as Auto Configure</literal>, and click
<literal>Make Active</literal>.</para>
<para>The latest version of <application>ppp</application>
(2.3 or greater) has an <command>enable tcpmssfixup</command>
command that will automatically adjust the MSS to an appropriate
value. This facility is enabled by default. If you're stuck
with an older version of <application>ppp</application>, you
may want to look at the <application>tcpmssd</application>
port.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="desperation">
<para>None of this helps - I'm desperate!</para>
</question>
<answer>
<para>If all else fails, send as much information as you can,
including your config files, how you're starting
<application>ppp</application>, the relevant parts of your
log file and the output of the
<command>netstat -rn</command> command (before and after connecting) to
the <email>freebsd-questions@FreeBSD.org</email> mailing list
or the <ulink URL="news:comp.unix.bsd.freebsd.misc">
comp.unix.bsd.freebsd.misc</ulink> news group, and someone
should point you in the right direction.</para>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="serial">
<title>Serial Communications</title>
<para>This section answers common questions about serial
communications with FreeBSD. PPP and SLIP are covered in the
<xref linkend="networking" remap="Networking"> section.</para>
<qandaset>
<qandaentry>
<question id="found-serial">
<para>How do I tell if FreeBSD found my serial ports?</para>
</question>
<answer>
<para>As the FreeBSD kernel boots, it will probe for the serial
ports in your system for which the kernel was configured.
You can either watch your system closely for the messages it
prints or run the command</para>
<screen>&prompt.user; <userinput>dmesg | grep sio</userinput></screen>
<para>after your system's up and running.</para>
<para>Here's some example output from the above command:</para>
<programlisting>sio0 at 0x3f8-0x3ff irq 4 on isa
sio0: type 16550A
sio1 at 0x2f8-0x2ff irq 3 on isa
sio1: type 16550A</programlisting>
<para>This shows two serial ports. The first is on irq 4, is
using port address <literal>0x3f8</literal>, and has a
16550A-type UART chip. The second uses the same kind of chip
but is on irq 3 and is at port address <literal>0x2f8</literal>.
Internal modem cards are treated just like serial ports---except
that they always have a modem <quote>attached</quote> to the
port.</para>
<para>The <filename>GENERIC</filename> kernel includes support
for two serial ports using the same irq and port address
settings in the above example. If these settings aren't
right for your system, or if you've added modem cards or have
more serial ports than your kernel is configured for, just
reconfigure your kernel. See section
<link linkend="make-kernel">about building a kernel</link> for
more details.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="found-modem">
<para>How do I tell if FreeBSD found my modem cards?</para>
</question>
<answer>
<para>Refer to the answer to the previous question.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="missing-tty0X">
<para>I just upgraded to 2.0.5 and my
<filename>tty0X</filename> are missing!</para>
</question>
<answer>
<para>Don't worry, they have been merged with the
<filename>ttydX</filename> devices. You'll have to change
any old configuration files you have, though.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="access-serial-ports">
<para>How do I access the serial ports on FreeBSD?</para>
</question>
<answer>
<para>The third serial port,
<devicename>sio2</devicename>
(see &man.sio.4;, known as COM3 in DOS), is on <filename>/dev/cuaa2</filename>
for dial-out devices, and on <filename>/dev/ttyd2</filename>
for dial-in devices. What's the difference between these two
classes of devices?</para>
<para>You use <filename>ttydX</filename> for dial-ins. When
opening <filename>/dev/ttydX</filename> in blocking mode, a
process will wait for the corresponding
<filename>cuaaX</filename> device to become inactive, and then
wait for the carrier detect line to go active. When you open
the <filename>cuaaX</filename> device, it makes sure the serial
port isn't already in use by the <filename>ttydX</filename>
device. If the port's available, it <quote>steals</quote> it
from the <filename>ttydX</filename> device. Also, the
<filename>cuaXX</filename> device doesn't care about carrier
detect. With this scheme and an auto-answer modem, you can have
remote users log in and you can still dialout with the same
modem and the system will take care of all the
conflicts.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="enable-multiport-serial">
<para>How do I enable support for a multiport serial
card?</para>
</question>
<answer>
<para>Again, the section on kernel configuration provides
information about configuring your kernel. For a multiport
serial card, place an &man.sio.4; line
for each serial port on the card in the kernel configuration
file. But place the irq and vector specifiers on only one of
the entries. All of the ports on the card should share one irq.
For consistency, use the last serial port to specify the irq.
Also, specify the <literal>COM_MULTIPORT</literal>
option.</para>
<para>The following example is for an AST 4-port serial card on
irq 7:</para>
<programlisting>options "COM_MULTIPORT"
device sio4 at isa? port 0x2a0 tty flags 0x781
device sio5 at isa? port 0x2a8 tty flags 0x781
device sio6 at isa? port 0x2b0 tty flags 0x781
device sio7 at isa? port 0x2b8 tty flags 0x781 irq 7 vector siointr</programlisting>
<para>The flags indicate that the master port has minor number 7
(<literal>0x700</literal>), diagnostics enabled during probe
(<literal>0x080</literal>), and all the ports share an irq
(<literal>0x001</literal>).</para>
</answer>
</qandaentry>
<qandaentry>
<question id="multiport-serial-share-irq">
<para>Can FreeBSD handle multiport serial cards sharing
irqs?</para>
</question>
<answer>
<para>Not yet. You'll have to use a different irq for each
card.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="default-serial-params">
<para>Can I set the default serial parameters for a
port?</para>
</question>
<answer>
<para>The <filename>ttydX</filename> (or
<filename>cuaaX</filename>) device is the regular device
you'll want to open for your applications. When a process
opens the device, it'll have a default set of terminal I/O
settings. You can see these settings with the command</para>
<screen>&prompt.root; <userinput>stty -a -f /dev/ttyd1</userinput></screen>
<para>When you change the settings to this device, the settings
are in effect until the device is closed. When it's reopened,
it goes back to the default set. To make changes to the
default set, you can open and adjust the settings of the
<quote>initial state</quote> device. For example, to turn on
<acronym>CLOCAL</acronym> mode, 8 bits, and
<filename>XON/XOFF</filename> flow control by default for
ttyd5, do:</para>
<screen>&prompt.root; <userinput>stty -f /dev/ttyid5 clocal cs8 ixon ixoff</userinput></screen>
<para>A good place to do this is in
<filename>/etc/rc.serial</filename>. Now, an application will
have these settings by default when it opens
<filename>ttyd5</filename>. It can still change these settings
to its liking, though.</para>
<para>You can also prevent certain settings from being changed
by an application by making adjustments to the
<quote>lock state</quote> device. For example, to lock the
speed of <filename>ttyd5</filename> to 57600 bps, do</para>
<screen>&prompt.root; <userinput>stty -f /dev/ttyld5 57600</userinput></screen>
<para>Now, an application that opens <filename>ttyd5</filename>
and tries to change the speed of the port will be stuck with
57600 bps.</para>
<para>Naturally, you should make the initial state and lock state
devices writable only by <username>root</username>. The
&man.MAKEDEV.8;
script does <emphasis>NOT</emphasis> do this when it creates the
device entries.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="enable-dialup">
<para>How can I enable dialup logins on my modem?</para>
</question>
<answer>
<para>So you want to become an Internet service provider, eh?
First, you'll need one or more modems that can auto-answer.
Your modem will need to assert carrier-detect when it detects a
carrier and not assert it all the time. It will need to hang up
the phone and reset itself when the data terminal ready
(<acronym>DTR</acronym>) line goes from on to off. It should
probably use <filename>RTS/CTS</filename> flow control or no
local flow control at all. Finally, it must use a constant
speed between the computer and itself, but (to be nice to your
callers) it should negotiate a speed between itself and the
remote modem.</para>
<para>For many Hayes command-set--compatible modems, this
command will make these settings and store them in
nonvolatile memory:</para>
<programlisting>AT &amp;C1 &amp;D3 &amp;K3 &amp;Q6 S0=1 &amp;W</programlisting>
<para>See the section <link linkend="direct-at">on sending AT
commands</link> below for information on how to make these
settings without resorting to an MS-DOS terminal program.</para>
<para>Next, make an entry in
<filename>/etc/ttys</filename> (see &man.ttys.5;) for the modem. This file lists all the ports
on which the operating system will await logins. Add a line
that looks something like this:</para>
<programlisting>ttyd1 "/usr/libexec/getty std.57600" dialup on insecure</programlisting>
<para>This line indicates that the second serial port
(<filename>/dev/ttyd1</filename>) has a modem connected
running at 57600 bps and no parity
(<literal>std.57600</literal>, which comes from the file
<filename>/etc/gettytab</filename>, see &man.gettytab.5;).
The terminal type for this port is <literal>dialup</literal>.
The port is <literal>on</literal> and is
<literal>insecure</literal>---meaning root logins on the port
aren't allowed. For dialin ports like this one, use the
<literal>ttydX</literal> entry.</para>
<para>It's common practice to use <literal>dialup</literal> as
the terminal type. Many users set up in their .profile or
.login files a prompt for the actual terminal type if the
starting type is dialup. The example shows the port as
insecure. To become root on this port, you have to login as a
regular user, then <command>su</command> to become
<username>root</username>. If you use <literal>secure</literal>
then <username>root</username> can login in directly.</para>
<para>After making modifications to
<filename>/etc/ttys</filename>, you need to send a hangup or
<acronym>HUP</acronym> signal to the
&man.init.8; process:</para>
<screen>&prompt.root; <userinput>kill -HUP 1</userinput></screen>
<para>This forces the init process to reread
<filename>/etc/ttys</filename>. The init process will then start getty
processes on all <literal>on</literal> ports. You can find
out if logins are available for your port by typing</para>
<screen>&prompt.user; <userinput>ps -ax | grep '[t]tyd1'</userinput></screen>
<para>You should see something like:</para>
<programlisting>747 ?? I 0:00.04 /usr/libexec/getty std.57600 ttyd1</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="dumb-terminal">
<para>How can I connect a dumb terminal to my FreeBSD
box?</para>
</question>
<answer>
<para>If you're using another computer as a terminal into your
FreeBSD system, get a null modem cable to go between the two
serial ports. If you're using an actual terminal, see its
accompanying instructions.</para>
<para>Then, modify
<filename>/etc/ttys</filename> (see &man.ttys.5;), like above. For example, if you're
hooking up a WYSE-50 terminal to the fifth serial port,
use an entry like this:</para>
<programlisting>ttyd4 "/usr/libexec/getty std.38400" wyse50 on secure</programlisting>
<para>This example shows that the port on
<filename>/dev/ttyd4</filename> has a wyse50 terminal
connected at 38400 bps with no parity
(<literal>std.38400</literal> from
<filename>/etc/gettytab</filename>, see &man.gettytab.5;) and <literal>root</literal> logins are
allowed (secure).</para>
</answer>
</qandaentry>
<qandaentry>
<question id="cannot-tip">
<para>Why can't I run <command>tip</command> or
<command>cu</command>?</para>
</question>
<answer>
<para>On your system, the programs &man.tip.1;
and &man.cu.1;
are probably executable only by
<username>uucp</username>
and group <literal>dialer</literal>. You can use the group
<literal>dialer</literal> to control who has access to your
modem or remote systems. Just add yourself to group
dialer.</para>
<para>Alternatively, you can let everyone on your system
run <command>tip</command> and <command>cu</command> by
typing:</para>
<screen>&prompt.root; <userinput>chmod 4511 /usr/bin/cu</userinput>
&prompt.root; <userinput>chmod 4511 /usr/bin/tip</userinput></screen>
</answer>
</qandaentry>
<qandaentry>
<question id="hayes-unsupported">
<para>My stock Hayes modem isn't supported---what
can I do?</para>
</question>
<answer>
<para>Actually, the man page for &man.tip.1; is
out of date. There is a generic Hayes dialer already built in.
Just use <literal>at=hayes</literal> in your
<filename>/etc/remote</filename> (see &man.remote.5;) file.</para>
<para>The Hayes driver isn't smart enough to recognize some of
the advanced features of newer modems---messages like
<literal>BUSY</literal>, <literal>NO DIALTONE</literal>, or
<literal>CONNECT 115200</literal> will just confuse it. You
should turn those messages off when you use &man.tip.1;
(using <literal>ATX0&amp;W</literal>).</para>
<para>Also, the dial timeout for <command>tip</command> is 60
seconds. Your modem should use something less, or else tip
will think there's a communication problem. Try
<literal>ATS7=45&amp;W</literal>.</para>
<para>Actually, as shipped <command>tip</command> doesn't yet
support it fully. The solution is to edit the file
<filename>tipconf.h</filename> in the directory
<filename>/usr/src/usr.bin/tip/tip</filename>. Obviously you
need the source distribution to do this.</para>
<para>Edit the line <literal>#define HAYES 0</literal>
to <literal>#define HAYES 1</literal>. Then
<command>make</command> and <command>make install</command>.
Everything works nicely after that.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="direct-at">
<para>How am I expected to enter these AT commands?</para>
</question>
<answer>
<para>Make what's called a <quote>direct</quote> entry in your
<filename>/etc/remote</filename> file (see &man.remote.5;). For example, if your modem's hooked
up to the first serial port, <filename>/dev/cuaa0</filename>,
then put in the following line:</para>
<programlisting>cuaa0:dv=/dev/cuaa0:br#19200:pa=none</programlisting>
<para>Use the highest bps rate your modem supports in the br
capability. Then, type
<command>tip cuaa0</command> (see &man.tip.1;)
and you'll be connected to your modem.</para>
<para>If there is no <filename>/dev/cuaa0</filename> on your
system, do this:</para>
<screen>&prompt.root; <userinput>cd /dev</userinput>
&prompt.root; <userinput>sh MAKEDEV cuaa0</userinput></screen>
<para>Or use cu as root with the following command:</para>
<screen>&prompt.root; <userinput>cu -l<replaceable>line</replaceable> -s<replaceable>speed</replaceable></userinput></screen>
<para>with line being the serial port (e.g.
<filename>/dev/cuaa0</filename>) and speed being the speed
(e.g.<literal>57600</literal>). When you are done entering
the AT commands hit <literal>~.</literal> to exit.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="gt-failure">
<para>The <literal>&lt;@&gt;</literal> sign for the pn
capability doesn't work!</para></question><answer>
<para>The <literal>&lt;@&gt;</literal> sign in the phone number
capability tells tip to look in
<filename>/etc/phones</filename> for a phone number. But the
<literal>&lt;@&gt;</literal> sign is also a special character
in capability files like <filename>/etc/remote</filename>.
Escape it with a backslash:</para>
<programlisting>pn=\@</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="dial-command-line">
<para>How can I dial a phone number on the command
line?</para>
</question><answer>
<para>Put what's called a <quote>generic</quote> entry in your
<filename>/etc/remote</filename> file (see &man.remote.5;). For example:</para>
<programlisting>tip115200|Dial any phone number at 115200 bps:\
:dv=/dev/cuaa0:br#115200:at=hayes:pa=none:du:
tip57600|Dial any phone number at 57600 bps:\
:dv=/dev/cuaa0:br#57600:at=hayes:pa=none:du:</programlisting>
<para>Then you can do something like <command>tip -115200
5551234</command>. If you prefer &man.cu.1;
over
&man.tip.1;, use a generic cu entry:</para>
<programlisting>cu115200|Use cu to dial any number at 115200bps:\
:dv=/dev/cuaa1:br#57600:at=hayes:pa=none:du:</programlisting>
<para>and type <command>cu 5551234 -s 115200</command>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="set-bps">
<para>Do I have to type in the bps rate every time I do
that?</para>
</question><answer>
<para>Put in an entry for <literal>tip1200</literal> or
<literal>cu1200</literal>, but go ahead and use whatever bps
rate is appropriate with the br capability.
&man.tip.1;
thinks a good default is 1200 bps which is why it looks for
a <literal>tip1200</literal> entry. You don't have to use 1200
bps, though.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="terminal-server">
<para>I access a number of hosts through a terminal
server.</para>
</question>
<answer>
<para>Rather than waiting until you're connected and typing
<literal>CONNECT <replaceable>host</replaceable></literal>
each time, use tip's <literal>cm</literal> capability. For
example, these entries in
<filename>/etc/remote</filename> (see &man.remote.5;):</para>
<programlisting>pain|pain.deep13.com|Forrester's machine:\
:cm=CONNECT pain\n:tc=deep13:
muffin|muffin.deep13.com|Frank's machine:\
:cm=CONNECT muffin\n:tc=deep13:
deep13:Gizmonics Institute terminal server:\
:dv=/dev/cuaa2:br#38400:at=hayes:du:pa=none:pn=5551234:</programlisting>
<para>will let you type <command>tip pain</command> or
<command>tip muffin</command> to connect to the hosts
<hostid>pain</hostid> or <hostid>muffin</hostid>; and
<command>tip deep13</command> to get to the terminal
server.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="tip-multiline">
<para>Can tip try more than one line for each site?</para>
</question>
<answer>
<para>This is often a problem where a university has several
modem lines and several thousand students trying to use
them...</para>
<para>Make an entry for your university in
<filename>/etc/remote</filename> (see &man.remote.5;) and use <literal>&lt;\@&gt;</literal> for
the <literal>pn</literal> capability:</para>
<programlisting>big-university:\
:pn=\@:tc=dialout
dialout:\
:dv=/dev/cuaa3:br#9600:at=courier:du:pa=none:</programlisting>
<para>Then, list the phone numbers for the university in
<filename>/etc/phones</filename> (see &man.phones.5;):</para>
<programlisting>big-university 5551111
big-university 5551112
big-university 5551113
big-university 5551114</programlisting>
<para>&man.tip.1;
will try each one in the listed order, then give
up. If you want to keep retrying, run <command>tip</command>
in a while loop.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="multi-controlp">
<para>Why do I have to hit CTRL+P twice to send CTRL+P
once?</para>
</question>
<answer>
<para>CTRL+P is the default <quote>force</quote> character,
used to tell &man.tip.1;
that the next character is literal data. You can set the
force character to any other character with the
<literal>~s</literal> escape, which means <quote>set a
variable</quote>.</para>
<para>Type <literal>~sforce=<replaceable>single-char
</replaceable></literal> followed by a newline.
<replaceable>single-char</replaceable> is any single character.
If you leave out <replaceable>single-char</replaceable>,
then the force character is the nul character, which you can
get by typing CTRL+2 or CTRL+SPACE. A pretty good value for
<replaceable>single-char</replaceable> is SHIFT+CTRL+6, which
I've seen only used on some terminal servers.</para>
<para>You can have the force character be whatever you want by
specifying the following in your
<filename>&#36;HOME/.tiprc</filename> file:</para>
<programlisting>force=<replaceable>single-char</replaceable></programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="uppercase">
<para>Suddenly everything I type is in UPPER CASE??</para>
</question>
<answer>
<para>You must've pressed CTRL+A, &man.tip.1;
<quote>raise character</quote>, specially
designed for people with broken caps-lock keys. Use
<literal>~s</literal> as above and set the variable
<quote>raisechar</quote> to something reasonable. In fact,
you can set it to the same as the force character, if you
never expect to use either of these features.</para>
<para>Here's a sample .tiprc file perfect for Emacs users who
need to type CTRL+2 and CTRL+A a lot:</para>
<programlisting>force=^^
raisechar=^^</programlisting>
<para>The ^^ is SHIFT+CTRL+6.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="tip-filetransfer">
<para>How can I do file transfers with
<command>tip</command>?</para>
</question>
<answer>
<para>If you're talking to another UNIX system, you can send
and receive files with <literal>~p</literal> (put) and
<literal>~t</literal> (take). These commands run
&man.cat.1; and
&man.echo.1; on the remote system to accept and send files.
The syntax is:</para>
<programlisting>~p &lt;local-file&gt; [&lt;remote-file&gt;]
~t &lt;remote-file&gt; [&lt;local-file&gt;]</programlisting>
<para>There's no error checking, so you probably should use
another protocol, like zmodem.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="zmodem-tip">
<para>How can I run zmodem with
<application>tip</application>?</para>
</question>
<answer>
<para>First, install one of the zmodem programs from the ports
collection (such as one of the two from the comms category,
<ulink URL="http://www.FreeBSD.org/cgi/ports.cgi?^lrzsz">
lrzsz</ulink> and <ulink
URL="http://www.FreeBSD.org/cgi/ports.cgi?^rzsz">
rzsz</ulink>).</para>
<para>To receive files, start the sending program on the
remote end. Then, press enter and type
<literal>~C rz</literal> (or <literal>~C lrz</literal> if you
installed <application>lrzsz</application>) to begin
receiving them locally.</para>
<para>To send files, start the receiving program on the remote
end. Then, press enter and type
<literal>~C sz <replaceable>files</replaceable></literal>
(or <literal>~C lsz <replaceable>files</replaceable></literal>)
to send them to the remote system.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="cannot-find-serial">
<para>FreeBSD can't seem to find my serial ports, even when
the settings are correct.</para>
</question>
<answer>
<para>Motherboards and cards with Acer UARTs do not probe
properly under the FreeBSD sio probe. Obtain a patch from
<ulink URL="http://www.lemis.com/serial-port-patch.html">
www.lemis.com</ulink> to fix your problem.</para>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="misc">
<title>Miscellaneous Questions</title>
<qandaset>
<qandaentry>
<question id="more-swap">
<para>FreeBSD uses far more swap space than Linux. Why?</para>
</question>
<answer>
<para>FreeBSD only appears to use more swap than Linux. In
actual fact, it does not. The main difference between FreeBSD
and Linux in this regard is that FreeBSD will proactively move
entirely idle, unused pages of main memory into swap in order
to make more main memory available for active use. Linux tends
to only move pages to swap as a last resort. The perceived
heavier use of swap is balanced by the more efficient use of
main memory.</para>
<para>Note that while FreeBSD is proactive in this regard, it
does not arbitrarily decide to swap pages when the system is
truely idle. Thus you will not find your system all paged
out when you get up in the morning after leaving it idle
overnight.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="top-freemem">
<para>Why does &man.top.1; show very little free memory even
when I have very few programs running?</para>
</question>
<answer>
<para>The simple answer is that free memory is wasted
memory. Any memory that your programs don't actively
allocate is used within the FreeBSD kernel as disk
cache. The values shown by &man.top.1; labelled as
<literal>Inact</literal>, <literal>Cache</literal>, and
<literal>Buf</literal> are all cached data at different
aging levels. This cached data means the system does
not have to access a slow disk again for data it has
accessed recently, thus increasing overall performance.
In general, a low value shown for <literal>Free</literal>
memory in &man.top.1; is good, provided it is not
<emphasis>very</emphasis> low.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="aout-elf">
<para>Why use (what are) a.out and ELF executable
formats?</para>
</question>
<answer>
<para>To understand why FreeBSD uses the
<filename>ELF</filename> format, you must first know a little
about the 3 currently <quote>dominant</quote> executable
formats for UNIX:</para>
<para>
<note>
<para>Prior to FreeBSD 3.x, FreeBSD used the a.out
format.</para>
</note></para>
<itemizedlist>
<listitem>
<para>&man.a.out.5;</para>
<para>The oldest and <quote>classic</quote> unix object
format. It uses a short and compact header with a magic
number at the beginning that's often used to
characterize the format (see
&man.a.out.5; for more details). It contains three
loaded segments: .text, .data, and .bss plus a symbol
table and a string table.</para>
</listitem>
<listitem>
<para><acronym>COFF</acronym></para>
<para>The SVR3 object format. The header now comprises
a section table, so you can have more than just .text,
.data, and .bss sections.</para>
</listitem>
<listitem>
<para><acronym>ELF</acronym></para>
<para>The successor to <acronym>COFF</acronym>, featuring
Multiple sections and 32-bit or 64-bit possible values.
One major drawback: <acronym>ELF</acronym> was also
designed with the assumption that there would be only
one ABI per system architecture. That assumption is
actually quite incorrect, and not even in the
commercial SYSV world (which has at least three ABIs:
SVR4, Solaris, SCO) does it hold true.</para>
<para>FreeBSD tries to work around this problem somewhat
by providing a utility for <emphasis>branding</emphasis>
a known <acronym>ELF</acronym> executable with
information about the ABI it's compliant with. See the
man page for &man.brandelf.1;
for more information.</para>
</listitem>
</itemizedlist>
<para>FreeBSD comes from the <quote>classic</quote> camp and has
traditionally used the &man.a.out.5;
format, a technology tried and proven through
many generations of BSD releases. Though it has also been
possible for some time to build and run native
<acronym>ELF</acronym> binaries (and kernels) on a FreeBSD
system, FreeBSD initially resisted the <quote>push</quote> to
switch to <acronym>ELF</acronym> as the default format. Why?
Well, when the Linux camp made their painful transition to
<acronym>ELF</acronym>, it was not so much to flee the
<filename>a.out</filename> executable format as it was their
inflexible jump-table based shared library mechanism, which
made the construction of shared libraries very difficult for
vendors and developers alike. Since the <acronym>ELF</acronym>
tools available offered a solution to the shared library
problem and were generally seen as <quote>the way
forward</quote> anyway, the migration cost was accepted as
necessary and the transition made.</para>
<para>In FreeBSD's case, our shared library mechanism is based
more closely on Sun's <application>SunOS</application>-style
shared library mechanism and, as such, is very easy to use.
However, starting with 3.0, FreeBSD officially supports
<acronym>ELF</acronym> binaries as the default format. Even
though the <filename>a.out</filename> executable format has
served us well, the GNU people, who author the compiler tools
we use, have dropped support for the <filename>a.out</filename>
format. This has forced us to maintain a divergent version of
the compler and linker, and has kept us from reaping the
benefits of the latest GNU development efforts. Also the
demands of ISO-C++, notably contstructors and destructors, has
also led to native <acronym>ELF</acronym> support in future
FreeBSD releases.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="binary-formats">
<para>Yes, but why are there so many different formats?</para>
</question>
<answer>
<para>Back in the dim, dark past, there was simple hardware.
This simple hardware supported a simple, small system. a.out
was completely adequate for the job of representing binaries on
this simple system (a PDP-11). As people ported unix from this
simple system, they retained the a.out format because it was
sufficient for the early ports of unix to architectures like
the Motorola 68k, VAXen, etc.</para>
<para>Then some bright hardware engineer decided that if he
could force software to do some sleazy tricks, then he'd be
able to shave a few gates off the design and allow his CPU core
to run faster. While it was made to work with this new kind of
hardware (known these days as RISC), <filename>a.out</filename>
was ill-suited for this hardware, so many formats were
developed to get to a better performance from this hardware
than the limited, simple <filename>a.out</filename> format
could offer. Things like <acronym>COFF</acronym>,
<acronym>ECOFF</acronym>, and a few obscure others were
invented and their limitations explored before things seemed to
settle on <acronym>ELF</acronym>.</para>
<para>In addition, program sizes were getting huge and disks
(and physical memory) were still relatively small so the
concept of a shared library was born. The VM system also became
more sophisticated. While each one of these advancements was
done using the <filename>a.out</filename> format, its
usefulness was stretched more and more with each new feature.
In addition, people wanted to dynamically load things at run
time, or to junk parts of their program after the init code had
run to save in core memory and/or swap space. Languages became
more sophistocated and people wanted code called before main
automatically. Lots of hacks were done to the
<filename>a.out</filename> format to allow all of these things
to happen, and they basically worked for a time. In time,
<filename>a.out</filename> wasn't up to handling all these
problems without an ever increasing overhead in code and
complexity. While <acronym>ELF</acronym> solved many of these
problems, it would be painful to switch from the system that
basically worked. So <acronym>ELF</acronym> had to wait until
it was more painful to remain with <filename>a.out</filename>
than it was to migrate to <acronym>ELF</acronym>.</para>
<para>However, as time passed, the build tools that FreeBSD
derived their build tools from (the assembler and loader
especially) evolved in two parallel trees. The FreeBSD tree
added shared libraries and fixed some bugs. The GNU folks that
originally write these programs rewrote them and added simpler
support for building cross compilers, plugging in different
formats at will, etc. Since many people wanted to build cross
compilers targeting FreeBSD, they were out of luck since the
older sources that FreeBSD had for as and ld weren't up to the
task. The new gnu tools chain (binutils) does support cross
compiling, <acronym>ELF</acronym>, shared libraries, C++
extnensions, etc. In addition, many vendors are releasing
<acronym>ELF</acronym> binaries, and it is a good thing for
FreeBSD to run them. And if it is running
<acronym>ELF</acronym> binaries, why bother having
<filename>a.out</filename> any more? It is a tired old horse
that has proven useful for a long time, but it is time to turn
him out to pasture for his long, faithful years of
service.</para>
<para><acronym>ELF</acronym> is more expressive than a.out and
will allow more extensibility in the base system. The
<acronym>ELF</acronym> tools are better maintained, and offer
cross compilation support, which is important to many people.
<acronym>ELF</acronym> may be a little slower than a.out, but
trying to measure it can be difficult. There are also numerous
details that are different between the two in how they map
pages, handle init code, etc. None of these are very important,
but they are differences. In time support for
<filename>a.out</filename> will be moved out of the GENERIC
kernel, and eventually removed from the kernel once the need to
run legacy <filename>a.out</filename> programs is past.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="chmod-symlinks">
<para>Why won't chmod change the permissions on symlinks?</para>
</question>
<answer>
<para>Symlinks do not have permissions, and by default,
&man.chmod.1; will not follow symlinks to change the
permissions on the target file. So if you have a file,
<filename>foo</filename>, and a symlink to that file,
<filename>bar</filename>, then this command will always
succeed.</para>
<screen>&prompt.user; <userinput>chmod g-w bar</userinput></screen>
<para>However, the permissions on <filename>foo</filename> will
not have changed.</para>
<para>You have to use either <option>-H</option> or
<option>-L</option> together with the <option>-R</option>
option to make this work. See the
&man.chmod.1; and &man.symlink.7;
man pages for more info.</para>
<para>
<warning>
<para>The <option>-R</option> option does a
<acronym>RECURSIVE</acronym>
&man.chmod.1;. Be careful about
specifying directories or symlinks to directories to
<command>chmod</command>. If you want to
change the permissions of a directory referenced by a
symlink, use &man.chmod.1;
without any options and follow the symlink
with a trailing slash (<filename>/</filename>). For
example, if <filename>foo</filename> is a symlink to
directory <filename>bar</filename>, and you want to change
the permissions of <filename>foo</filename> (actually
<filename>bar</filename>), you would do something
like:</para>
<screen>&prompt.user; <userinput>chmod 555 foo/</userinput></screen>
<para>With the trailing slash, &man.chmod.1;
will follow the symlink,
<filename>foo</filename>, to change the permissions of the
directory, <filename>bar</filename>.</para>
</warning></para>
</answer>
</qandaentry>
<qandaentry>
<question id="login-8char">
<para>Why are login names <emphasis>still</emphasis>
restricted to 8 characters?</para>
</question>
<answer>
<para>You'd think it'd be easy enough to change
<literal>UT_NAMESIZE</literal> and rebuild the whole world,
and everything would just work. Unfortunately there are often
scads of applications and utilities (including system tools)
that have hard-coded small numbers (not always
<literal>8</literal> or <literal>9</literal>, but oddball ones
like <literal>15</literal> and <literal>20</literal>) in
structures and buffers. Not only will this get you log files
which are trashed (due to variable-length records getting
written when fixed records were expected), but it can break
Sun's NIS clients and potentially cause other problems in
interacting with other UNIX systems.</para>
<para>In FreeBSD 3.0 and later, the maximum name length has
been increased to 16 characters and those various utilities
with hard-coded name sizes have been found and fixed. The fact
that this touched so many areas of the system is why, in fact,
the change was not made until 3.0.</para>
<para>If you're absolutely confident in your ability to find
and fix these sorts of problems for yourself when and if they
pop up, you can increase the login name length in earlier
releases by editing /usr/include/utmp.h and changing
UT_NAMESIZE accordingly. You must also update MAXLOGNAME in
/usr/include/sys/param.h to match the UT_NAMESIZE change.
Finally, if you build from sources, don't forget that
/usr/include is updated each time! Change the appropriate files
in /usr/src/.. instead.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="dos-binaries">
<para>Can I run DOS binaries under FreeBSD?</para>
</question>
<answer>
<para>Yes, starting with version 3.0 you can using BSDI's
<application>doscmd</application> DOS emulation which has
been integrated and enhanced. Send mail to <ulink
URL="mailto:freebsd-emulation@FreeBSD.org">The FreeBSD
emulation discussion list</ulink> if you're interested in
joining this ongoing effort!</para>
<para>For pre-3.0 systems, there is a neat utility called
<ulink URL="http://www.FreeBSD.org/cgi/ports.cgi?^pcemu">
pcemu</ulink> in the ports collection which emulates an 8088
and enough BIOS services to run DOS text mode applications.
It requires the X Window System (provided as XFree86).</para>
</answer>
</qandaentry>
<qandaentry>
<question id="free-account">
<para>Where can I find a free FreeBSD account?</para>
</question>
<answer>
<para>While FreeBSD does not provide open access to any of their
servers, others do provide open access Unix systems. The
charge varies and limited services may be available.</para>
<para><ulink URL="http://www.arbornet.org/">Arbornet,
Inc</ulink>, also known as M-Net, has been providing open
access to Unix systems since 1983. Starting on an Altos
running System III, the site switched to BSD/OS in 1991. In
June of 2000, the site switched again to FreeBSD. M-Net can be
accessed via telnet and SSH and provides basic access to the
entire FreeBSD software suite. However, network access is
limited to members and patrons who donate to the system, which
is run as a non-proft organization. M-Net also provides an
bulletin board system and interactive chat.</para>
<para><ulink URL="http://www.grex.org/">Grex</ulink> provides a
site very similar to M-Net including the same bulletin board
and interactive chat software. However, the machine is a Sun
4M and is running SunOS</para>
</answer>
</qandaentry>
<qandaentry>
<question id="sup-define">
<para>What is <command>sup</command>, and how do I use
it?</para>
</question>
<answer>
<para><ulink URL="http://www.FreeBSD.org/cgi/ports.cgi?^sup">
SUP</ulink> stands for Software Update Protocol, and was
developed by CMU for keeping their development trees in sync.
We used it to keep remote sites in sync with our central
development sources.</para>
<para>SUP is not bandwidth friendly, and has been retired.
The current recommended method to keep your sources up to
date is <ulink URL="../handbook/synching.html#CVSUP">
Handbook entry on CVSup</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="very-very-cool">
<para>How cool is FreeBSD?</para>
</question>
<answer>
<para>Q. Has anyone done any temperature testing while
running FreeBSD? I know Linux runs cooler than dos, but have
never seen a mention of FreeBSD. It seems to run really
hot.</para>
<para>A. No, but we have done numerous taste tests on
blindfolded volunteers who have also had 250 micrograms of
LSD-25 administered beforehand. 35% of the volunteers said that
FreeBSD tasted sort of orange, whereas Linux tasted like purple
haze. Neither group mentioned any significant variances in
temperature. We eventually had to throw the
results of this survey out entirely anyway when we found that
too many volunteers were wandering out of the room during the
tests, thus skewing the results. We think most of the volunteers
are at Apple now, working on their new <quote>scratch and
sniff</quote> GUI. It's a funny old business we're in!</para>
<para>Seriously, both FreeBSD and Linux use the
<acronym>HLT</acronym> (halt) instruction when the system is
idle thus lowering its energy consumption and therefore the
heat it generates. Also if you have APM (advanced power
management) configured, then FreeBSD can also put the CPU into
a low power mode.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="letmeoutofhere">
<para>Who's scratching in my memory banks??</para>
</question>
<answer>
<para>Q. Is there anything <quote>odd</quote> that FreeBSD
does when compiling the kernel which would cause the memory to
make a scratchy sound? When compiling (and for a brief moment
after recognizing the floppy drive upon startup, as well), a
strange scratchy sound emanates from what appears to be the
memory banks.</para>
<para>A. Yes! You'll see frequent references to
<quote>daemons</quote> in the BSD documentation, and what most
people don't know is that this refers to genuine, non-corporeal
entities that now possess your computer. The scratchy sound
coming from your memory is actually high-pitched whispering
exchanged among the daemons as they best decide how to deal
with various system administration tasks.</para>
<para>If the noise gets to you, a good
<command>fdisk /mbr</command> from DOS will get rid of them,
but don't be surprised if they react adversely and try to stop
you. In fact, if at any point during the exercise you hear the
satanic voice of Bill Gates coming from the built-in speaker,
take off running and don't ever look back! Freed from the
counterbalancing influence of the BSD daemons, the twin demons
of DOS and Windows are often able to re-assert total control
over your machine to the eternal damnation of your soul.
Now that you know, given a choice you'd probably prefer to get
used to the scratchy noises, no?</para>
</answer>
</qandaentry>
<qandaentry>
<question id="define-MFC">
<para>What does <acronym>MFC</acronym> mean?</para>
</question>
<answer>
<para>MFC is an acronym for <quote>Merged From -CURRENT</quote>.
It's used in the CVS logs to denote when a change was
migrated from the CURRENT to the STABLE branches.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="define-BSD">
<para>What does <acronym>BSD</acronym> mean?</para>
</question>
<answer>
<para>It stands for something in a secret language that only
members can know. It doesn't translate literally but its ok
to tell you that BSD's translation is something between,
<quote>Formula-1 Racing Team</quote>, <quote>Penguins are
tasty snacks</quote>, and <quote>We have a better sense of
humor than Linux</quote>. :-)</para>
<para>Seriously, BSD is an acronym for <quote>Berkeley
Software Distribution</quote>, which is the name the
Berkeley <acronym>CSRG</acronym> (Computer Systems Research
Group) chose for their Unix distribution way back when.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="define-repocopy">
<para>What is a repo-copy?</para>
</question>
<answer>
<para>A repo-copy (which is a short form of <quote>repository
copy</quote>) refers to the direct copying of files within
the CVS repository.</para>
<para>Without a repo-copy, if a file needed to be copied or
moved to another place in the repository, the committer would
run <command>cvs add</command> to put the file in its new
location, and then <command>cvs rm</command> on the old file
if the old copy was being removed.</para>
<para>The disadvantage of this method is that the history
(i.e. the entries in the CVS logs) of the file would not be
copied to the new location. As the FreeBSD Project considers
this history very useful, a repository copy is often used
instead. This is a process where one of the repository meisters
will copy the files directly within the repository, rather than
using the <command>cvs</command> program.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="bikeshed-painting">
<para>Why should I care what color the bikeshed is?</para>
</question>
<answer>
<para>The really, really short answer is that you shouldn't.
The somewhat longer answer is that just because you are
capable of building a bikeshed doesn't mean you should stop
others from building one just because you don't like the
color they plan to paint it. This is a metaphor indicating
that you need not argue about every little feature just
because you know enough to do so. Some people have
commented that the amount of noise generated by a change is
inversely proportional to the complexity of the
change.</para>
<para>The longer and more complete answer is that after a very
long argument about whether &man.sleep.1; should take
fractional second arguments, &a.phk; posted a long
message entitled <quote><ulink
url="http://www.FreeBSD.org/cgi/getmsg.cgi?fetch=506636+517178+/usr/local/www/db/text/1999/freebsd-hackers/19991003.freebsd-hackers">A bike
shed (any colour will do) on greener grass...</ulink></quote>.
The appropriate portions of that message are quoted
below.</para>
<blockquote>
<attribution>&a.phk; on freebsd-hackers, October
2, 1999</attribution>
<para>
<quote>What is it about this bike shed?</quote> Some
of you have asked me.</para>
<para>It's a long story, or rather it's an old story, but
it is quite short actually. C. Northcote Parkinson wrote
a book in the early 1960'ies, called <quote>Parkinson's
Law</quote>, which contains a lot of insight into the
dynamics of management.</para>
<para>[snip a bit of commentary on the book]</para>
<para>In the specific example involving the bike shed, the
other vital component is an atomic power-plant, I guess
that illustrates the age of the book.</para>
<para>Parkinson shows how you can go in to the board of
directors and get approval for building a multi-million or
even billion dollar atomic power plant, but if you want to
build a bike shed you will be tangled up in endless
discussions.</para>
<para>Parkinson explains that this is because an atomic
plant is so vast, so expensive and so complicated that
people cannot grasp it, and rather than try, they fall
back on the assumption that somebody else checked all the
details before it got this far. Richard P. Feynmann
gives a couple of interesting, and very much to the point,
examples relating to Los Alamos in his books.</para>
<para>A bike shed on the other hand. Anyone can build one
of those over a weekend, and still have time to watch the
game on TV. So no matter how well prepared, no matter how
reasonable you are with your proposal, somebody will seize
the chance to show that he is doing his job, that he is
paying attention, that he is
<emphasis>here</emphasis>.</para>
<para>In Denmark we call it <quote>setting your
fingerprint</quote>. It is about personal pride and
prestige, it is about being able to point somewhere and
say <quote>There! <emphasis>I</emphasis> did that.</quote>
It is a strong trait in politicians, but present in most
people given the chance. Just think about footsteps in
wet cement.</para>
</blockquote>
</answer>
</qandaentry>
<qandaentry>
<question id="changing-lightbulbs">
<para>How many FreeBSD hackers does it take to change a
lightbulb?</para>
</question>
<answer>
<para>One thousand, one hundred and seventy-two:</para>
<para>Twenty-three to complain to -CURRENT about the lights
being out;</para>
<para>Four to claim that it is a configuration problem, and
that such matters really belong on -questions;</para>
<para>Three to submit PRs about it, one of which is misfiled
under doc and consists only of "it's dark";</para>
<para>One to commit an untested lightbulb which breaks
buildworld, then back it out five minutes later;</para>
<para>Eight to flame the PR originators for not including
patches in their PRs;</para>
<para>Five to complain about buildworld being broken;</para>
<para>Thirty-one to answer that it works for them, and they
must have cvsupped at a bad time;</para>
<para>One to post a patch for a new lightbulb to -hackers;</para>
<para>One to complain that he had patches for this three years
ago, but when he sent them to -CURRENT they were just ignored,
and he has had bad experiences with the PR system; besides,
the proposed new lightbulb is non-reflexive;</para>
<para>Thirty-seven to scream that lightbulbs do not belong in
the base system, that committers have no right to do things
like this without consulting the Community, and WHAT IS
-CORE DOING ABOUT IT!?</para>
<para>Two hundred to complain about the color of the bicycle
shed;</para>
<para>Three to point out that the patch breaks style(9);</para>
<para>Seventeen to complain that the proposed new lightbulb is
under GPL;</para>
<para>Five hundred and eighty-six to engage in a flame war
about the comparative advantages of the GPL, the BSD
license, the MIT license, the NPL, and the personal hygiene
of unnamed FSF founders;</para>
<para>Seven to move various portions of the thread to -chat
and -advocacy;</para>
<para>One to commit the suggested lightbulb, even though it
shines dimmer than the old one;</para>
<para>Two to back it out with a furious flame of a commit
message, arguing that FreeBSD is better off in the dark than
with a dim lightbulb;</para>
<para>Forty-six to argue vociferously about the backing out
of the dim lightbulb and demanding a statement from
-core;</para>
<para>Eleven to request a smaller lightbulb so it will fit
their Tamagotchi if we ever decide to port FreeBSD to that
platform;</para>
<para>Seventy-three to complain about the SNR on -hackers and
-chat and unsubscribe in protest;</para>
<para>Thirteen to post "unsubscribe", "How do I unsubscribe?",
or "Please remove me from the list", followed by the usual
footer;</para>
<para>One to commit a working lightbulb while everybody is too
busy flaming everybody else to notice;</para>
<para>Thirty-one to point out that the new lightbulb would shine
0.364% brighter if compiled with TenDRA (although it will have
to be reshaped into a cube), and that FreeBSD should therefore
switch to TenDRA instead of EGCS;</para>
<para>One to complain that the new lightbulb lacks
fairings;</para>
<para>Nine (including the PR originators) to ask
"what is MFC?";</para>
<para>Fifty-seven to complain about the lights being out two
weeks after the bulb has been changed.</para>
<para><emphasis>&a.nik; adds:</emphasis></para>
<para><emphasis>I was laughing quite hard at
this.</emphasis></para>
<para><emphasis>And then I thought,
"Hang on, shouldn't there be '1 to document it.' in that list somewhere?"</emphasis></para>
<para><emphasis>And then I was enlightened :-)</emphasis></para>
<para><emphasis>This entry is Copyright (c) 1999 &a.des;.
Please do not reproduce without attribution.</emphasis></para>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="hackers">
<title>For serious FreeBSD hackers only</title>
<qandaset>
<qandaentry>
<question id="define-snap-release">
<para>What are SNAPs and RELEASEs?</para>
</question>
<answer>
<para>There are currently three active/semi-active branches
in the FreeBSD <ulink
URL="http://www.FreeBSD.org/cgi/cvsweb.cgi">
CVS Repository</ulink> (the RELENG_2 branch is probably
only changed twice a year, which is why there are only three
active branches of development):</para>
<itemizedlist>
<listitem>
<para><literal>RELENG_2_2</literal> AKA
<emphasis>2.2-STABLE</emphasis></para>
</listitem>
<listitem>
<para><literal>RELENG_3</literal> AKA
<emphasis>3.X-STABLE</emphasis></para>
</listitem>
<listitem>
<para><literal>RELENG_4</literal> AKA
<emphasis>4-STABLE</emphasis></para>
</listitem>
<listitem>
<para><literal>HEAD</literal> AKA
<emphasis>-CURRENT</emphasis> AKA
<emphasis>5.0-CURRENT</emphasis></para>
</listitem>
</itemizedlist>
<para><literal>HEAD</literal> is not an actual branch tag,
like the other two; it's simply a symbolic constant for
<quote><emphasis>the current, non-branched development
stream</emphasis></quote> which we simply refer to as
<quote>-CURRENT</quote>.</para>
<para>Right now, <quote>-CURRENT</quote> is the 5.0 development
stream and the <literal>4-STABLE</literal> branch,
<symbol>RELENG_4</symbol>, forked off from
<quote>-CURRENT</quote> in Mar 2000.</para>
<para>The <literal>2.2-STABLE</literal> branch,
<symbol>RELENG_2_2</symbol>, departed -CURRENT in November
1996, and has pretty much been retired.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="custrel">
<para>How do I make my own custom release?</para>
</question>
<answer>
<para>To make a release you need to do three things: First,
you need to be running a kernel with the
&man.vn.4;
driver configured in. Add this to your kernel config file
and build a new kernel:</para>
<programlisting>pseudo-device vn #Vnode driver (turns a file into a device)</programlisting>
<para>Second, you have to have the whole CVS repository at
hand. To get this you can use <ulink
URL="../handbook/synching.html#CVSUP">CVSUP</ulink> but in
your supfile set the release name to cvs and remove any tag or
date fields:</para>
<programlisting>*default prefix=/home/ncvs
*default base=/a
*default host=cvsup.FreeBSD.org
*default release=cvs
*default delete compress use-rel-suffix
## Main Source Tree
src-all
src-eBones
src-secure
# Other stuff
ports-all
www
doc-all</programlisting>
<para>Then run <command>cvsup -g supfile</command> to suck all
the good bits onto your box...</para>
<para>Finally, you need a chunk of empty space to build into.
Let's say it's in <filename>/some/big/filesystem</filename>,
and from the example above you've got the CVS repository in
<filename>/home/ncvs</filename>:</para>
<screen>&prompt.root; <userinput>setenv CVSROOT /home/ncvs</userinput> # or export CVSROOT=/home/ncvs
&prompt.root; <userinput>cd /usr/src</userinput>
&prompt.root; <userinput>make buildworld</userinput>
&prompt.root; <userinput>cd /usr/src/release</userinput>
&prompt.root; <userinput>make release BUILDNAME=3.0-MY-SNAP CHROOTDIR=/some/big/filesystem/release</userinput>
</screen>
<blockquote>
<note>
<para>Please note that you <emphasis>do not</emphasis>
need to build world if you already have a populated
<filename>/usr/obj</filename>.</para>
</note>
</blockquote>
<para>An entire release will be built in
<filename>/some/big/filesystem/release</filename> and you
will have a full FTP-type installation in
<filename>/some/big/filesystem/release/R/ftp</filename> when
you're done. If you want to build your SNAP along some other
branch than -CURRENT, you can also add
<literal>RELEASETAG=SOMETAG</literal> to the make release
command line above, e.g. <literal>RELEASETAG=RELENG_2_2</literal>
would build an up-to-the- minute 2.2-STABLE snapshot.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="custom-install-disks">
<para>How do I create customized installation disks?</para>
</question>
<answer>
<para>The entire process of creating installation disks and
source and binary archives is automated by various targets in
<filename>/usr/src/release/Makefile</filename>. The information
there should be enough to get you started. However, it should
be said that this involves doing a <command>make
world</command> and will therefore take up a lot of time and
disk space.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="makeworld-clobbers">
<para><command>make world</command> clobbers my existing
installed binaries.</para>
</question>
<answer>
<para>Yes, this is the general idea; as its name might suggest,
<command>make world</command> rebuilds every system binary from
scratch, so you can be certain of having a clean and consistent
environment at the end (which is why it takes so long).</para>
<para>If the environment variable <literal>DESTDIR</literal>
is defined while running <command>make world</command> or
<command>make install</command>, the newly-created binaries
will be deposited in a directory tree identical to the
installed one, rooted at <literal>&#36;{DESTDIR}</literal>.
Some random combination of shared libraries modifications and
program rebuilds can cause this to fail in <command>make
world</command> however.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="bus-speed-defaulted">
<para>When my system boots, it says <quote>(bus speed
defaulted)</quote>.</para>
</question>
<answer>
<para>The Adaptec 1542 SCSI host adapters allow the user to
configure their bus access speed in software. Previous versions
of the 1542 driver tried to determine the fastest usable speed
and set the adapter to that. We found that this breaks some
users' systems, so you now have to define the
<symbol>TUNE_1542</symbol> kernel configuration option in order
to have this take place. Using it on those systems where it
works may make your disks run faster, but on those systems
where it doesn't, your data could be corrupted.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="ctm">
<para>Can I follow current with limited Internet access?</para>
</question>
<answer>
<para>Yes, you can do this <literal>without</literal>
downloading the whole source tree by using the <ulink
URL="../handbook/synching.html#CTM">CTM facility.</ulink></para>
</answer>
</qandaentry>
<qandaentry>
<question id="split-240k">
<para>How did you split the distribution into 240k files?</para>
</question>
<answer>
<para>Newer BSD based systems have a <option>-b</option>
option to split that allows them to split files on arbitrary
byte boundaries.</para>
<para>Here is an example from
<filename>/usr/src/Makefile</filename>.</para>
<programlisting>bin-tarball:
(cd ${DISTDIR}; \
tar cf - . \
gzip --no-name -9 -c | \
split -b 240640 - \
${RELEASEDIR}/tarballs/bindist/bin_tgz.)</programlisting>
</answer>
</qandaentry>
<qandaentry>
<question id="submitting-kernel-extensions">
<para>I've written a kernel extension, who do I send it
to?</para>
</question>
<answer>
<para>Please take a look at <ulink
URL="../handbook/contrib.html">The Handbook entry on how to
submit code.</ulink></para>
<para>And thanks for the thought!</para>
</answer>
</qandaentry>
<qandaentry>
<question id="pnp-initialize">
<para>How are Plug N Play ISA cards detected and
initialized?</para>
</question>
<answer>
<para>By: <ulink URL="mailto:uhclem@nemesis.lonestar.org">
Frank Durda IV</ulink></para>
<para>In a nutshell, there a few I/O ports that all of the
PnP boards respond to when the host asks if anyone is out
there. So when the PnP probe routine starts, he asks if there
are any PnP boards present, and all the PnP boards respond with
their model # to a I/O read of the same port, so the probe
routine gets a wired-OR <quote>yes</quote> to that question. At
least one bit will be on in that reply. Then the probe code is
able to cause boards with board model IDs (assigned by
Microsoft/Intel) lower than X to go <quote>off-line</quote>. It
then looks to see if any boards are still responding to the
query. If the answer was <literal>0</literal>, then there are
no boards with IDs above X. Now probe asks if there are any
boards below <literal>X</literal>. If so, probe knows there are
boards with a model numbers below X. Probe then asks for boards
greater than X-(limit/4) to go off-line. If repeats the query.
By repeating this semi-binary search of IDs-in-range enough
times, the probing code will eventually identify all PnP boards
present in a given machine with a number of iterations that is
much lower than what 2^64 would take.</para>
<para>The IDs are two 32-bit fields (hence 2&circ;64) + 8 bit
checksum. The first 32 bits are a vendor identifier. They never
come out and say it, but it appears to be assumed that
different types of boards from the same vendor could have
different 32-bit vendor ids. The idea of needing 32 bits just
for unique manufacturers is a bit excessive.</para>
<para>The lower 32 bits are a serial #, ethernet address,
something that makes this one board unique. The vendor must
never produce a second board that has the same lower 32 bits
unless the upper 32 bits are also different. So you can have
multiple boards of the same type in the machine and the full 64
bits will still be unique.</para>
<para>The 32 bit groups can never be all zero. This allows the
wired-OR to show non-zero bits during the initial binary
search.</para>
<para>Once the system has identified all the board IDs present,
it will reactivate each board, one at a time (via the same I/O
ports), and find out what resources the given board needs, what
interrupt choices are available, etc. A scan is made over all
the boards to collect this information.</para>
<para>This info is then combined with info from any ECU files
on the hard disk or wired into the MLB BIOS. The ECU and BIOS
PnP support for hardware on the MLB is usually synthetic, and
the peripherals don't really do genuine PnP. However by
examining the BIOS info plus the ECU info, the probe routines
can cause the devices that are PnP to avoid those devices the
probe code cannot relocate.</para>
<para>Then the PnP devices are visited once more and given
their I/O, DMA, IRQ and Memory-map address assignments. The
devices will then appear at those locations and remain there
until the next reboot, although there is nothing that says you
can't move them around whenever you want.</para>
<para>There is a lot of oversimplification above, but you
should get the general idea.</para>
<para>Microsoft took over some of the primary printer status
ports to do PnP, on the logic that no boards decoded those
addresses for the opposing I/O cycles. I found a genuine IBM
printer board that did decode writes of the status port during
the early PnP proposal review period, but MS said
<quote>tough</quote>. So they do a write to the printer status
port for setting addresses, plus that use that address +
<literal>0x800</literal>, and a third I/O port for reading that
can be located anywhere between <literal>0x200</literal> and
<literal>0x3ff</literal>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="architectures">
<para>Does FreeBSD support architectures other than the
x86?</para>
</question>
<answer>
<para>Several groups of people have expressed interest in
working on multi-architecture ports for FreeBSD and the
FreeBSD/AXP (ALPHA) port is one such effort which has been
quite successful, now available at
<ulink URL="ftp://ftp.FreeBSD.org/pub/FreeBSD/alpha/">
ftp://ftp.FreeBSD.org/pub/FreeBSD/alpha</ulink>. The ALPHA port
currently runs on a growing number of ALPHA machine types,
among them the AlphaStation, AXPpci, PC164, Miata and Multia
models. For status information, please join the
<email>freebsd-alpha@FreeBSD.org</email> <link
linkend="mailing">mailing list</link>.</para>
<para>Interest has also been expressed in a port of FreeBSD to
the SPARC architecture, join the
<email>freebsd-sparc@FreeBSD.org</email> <link linkend="mailing">
mailing list</link> if you are interested in joining that
project. Most recent additions to the list of upcoming plaforms
are IA-64 and PowerPC, join the
<email>freebsd-ia64@FreeBSD.org</email> or/and
<email>freebsd-ppc@FreeBSD.org</email> <link
linkend="mailing">mailing lists</link> for more information.
For general discussion on new architectures, join
the <email>freebsd-platforms@FreeBSD.org</email>
<link linkend="mailing">mailing list</link>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="major-numbers">
<para>I need a major number for a device driver I've
written.</para>
</question>
<answer>
<para>This depends on whether or not you plan on making the
driver publicly available. If you do, then please send us a
copy of the driver source code, plus the appropriate
modifications to <filename>files.i386</filename>, a
sample configuration file entry, and the appropriate
&man.MAKEDEV.8;
code to create any special files your device uses. If you do
not, or are unable to because of licensing restrictions, then
character major number 32 and block major number 8 have been
reserved specifically for this purpose; please use them. In any
case, we'd appreciate hearing about your driver on
<email>freebsd-hackers@FreeBSD.org</email>.</para>
</answer>
</qandaentry>
<qandaentry>
<question id="alternate-directory-layout">
<para>Alternative layout policies for directories</para>
</question>
<answer>
<para>In answer to the question of alternative layout policies
for directories, the scheme that is currently in use is
unchanged from what I wrote in 1983. I wrote that policy for
the original fast filesystem, and never revisited it. It works
well at keeping cylinder groups from filling up. As several of
you have noted, it works poorly for find. Most filesystems are
created from archives that were created by a depth first search
(aka ftw). These directories end up being striped across the
cylinder groups thus creating a worst possible senario for
future depth first searches. If one knew the total number of
directories to be created, the solution would be to create
(total / fs_ncg) per cylinder group before moving on.
Obviously, one would have to create some heuristic to guess at
this number. Even using a small fixed number like say 10 would
make an order of magnitude improvement. To differentiate
restores from normal operation (when the current algorithm is
probably more sensible), you could use the clustering of up to
10 if they were all done within a ten second window. Anyway, my
conclusion is that this is an area ripe for
experimentation.</para>
<para>Kirk McKusick, September 1998</para>
</answer>
</qandaentry>
<qandaentry>
<question id="kernel-panic-troubleshooting">
<para>Making the most of a kernel panic</para>
</question>
<answer>
<para><emphasis>[This section was extracted from a mail
written by &a.wpaul; on the freebsd-current
<link linkend="mailing">mailing list</link> by &a.des;, who
fixed a few typos and added the bracketed comments]
</emphasis></para>
<programlisting>From: Bill Paul &lt;wpaul@skynet.ctr.columbia.edu&gt;
Subject: Re: the fs fun never stops
To: ben@rosengart.com
Date: Sun, 20 Sep 1998 15:22:50 -0400 (EDT)
Cc: current@FreeBSD.org</programlisting>
<para><emphasis>[&lt;ben@rosengart.com&gt; posted the following
panic message]</emphasis></para>
<programlisting>&gt; Fatal trap 12: page fault while in kernel mode
&gt; fault virtual address = 0x40
&gt; fault code = supervisor read, page not present
&gt; instruction pointer = 0x8:0xf014a7e5
^^^^^^^^^^
&gt; stack pointer = 0x10:0xf4ed6f24
&gt; frame pointer = 0x10:0xf4ed6f28
&gt; code segment = base 0x0, limit 0xfffff, type 0x1b
&gt; = DPL 0, pres 1, def32 1, gran 1
&gt; processor eflags = interrupt enabled, resume, IOPL = 0
&gt; current process = 80 (mount)
&gt; interrupt mask =
&gt; trap number = 12
&gt; panic: page fault</programlisting>
<para>[When] you see a message like this, it's not enough to just
reproduce it and send it in. The instruction pointer value that
I highlighted up there is important; unfortunately, it's also
configuration dependent. In other words, the value varies
depending on the exact kernel image that you're using. If
you're using a GENERIC kernel image from one of the snapshots,
then it's possible for somebody else to track down the
offending function, but if you're running a custom kernel then
only <emphasis>you</emphasis> can tell us where the fault
occured.</para>
<para>What you should do is this:</para>
<itemizedlist>
<listitem>
<para>Write down the instruction pointer value. Note that
the <literal>0x8:</literal> part at the begining is not
significant in this case: it's the
<literal>0xf0xxxxxx</literal> part that we want.</para>
</listitem>
<listitem>
<para>When the system reboots, do the following:
<screen>&prompt.user; <userinput>nm -n /kernel.that.caused.the.panic | grep f0xxxxxx</userinput></screen>
where <literal>f0xxxxxx</literal> is the instruction
pointer value. The odds are you will not get an exact
match since the symbols in the kernel symbol table are
for the entry points of functions and the instruction
pointer address will be somewhere inside a function, not
at the start. If you don't get an exact match, omit the
last digit from the instruction pointer value and try
again, i.e.:
<screen>&prompt.user; <userinput>nm -n /kernel.that.caused.the.panic | grep f0xxxxx</userinput></screen>
If that doesn't yield any results, chop off another
digit. Repeat until you get some sort of output. The
result will be a possible list of functions which caused
the panic. This is a less than exact mechanism for
tracking down the point of failure, but it's better than
nothing.</para>
</listitem>
</itemizedlist>
<para>I see people constantly show panic messages like this
but rarely do I see someone take the time to match up the
instruction pointer with a function in the kernel symbol
table.</para>
<para>The best way to track down the cause of a panic is by
capturing a crash dump, then using
<command>gdb(1)</command> to generate a stack trace on the
crash dump.</para>
<para>In any case, the method I normally use is this:</para>
<itemizedlist>
<listitem>
<para>Set up a kernel config file, optionally adding
<literal>options DDB</literal> if you think you need
the kernel debugger for something. (I use this mainly
for setting beakpoints if I suspect an infinite loop
condition of some kind.)</para>
</listitem>
<listitem>
<para>Use <command>config -g
<replaceable>KERNELCONFIG</replaceable></command> to set
up the build directory.</para>
</listitem>
<listitem>
<para><command>cd /sys/compile/
<replaceable>KERNELCONFIG</replaceable>; make
</command></para>
</listitem>
<listitem>
<para>Wait for kernel to finish compiling.</para>
</listitem>
<listitem>
<para><command>make install</command></para>
</listitem>
<listitem>
<para>reboot</para>
</listitem>
</itemizedlist>
<para>The &man.make.1; process will have built two kernels.
<filename>kernel</filename> and
<filename>kernel.debug</filename>. <filename>kernel</filename>
was installed as <filename>/kernel</filename>, while
<filename>kernel.debug</filename> can be used as the source of
debugging symbols for gdb(1).</para>
<para>To make sure you capture a crash dump, you need edit
<filename>/etc/rc.conf</filename> and set
<literal>dumpdev</literal> to point to your swap
partition. This will cause the <command>rc(8)</command> scripts
to use the <command>dumpon(8)</command> command to enable crash
dumps. You can also run <command>dumpon(8)</command> manually.
After a panic, the crash dump can be recovered using
<command>savecore(8)</command>; if
<literal>dumpdev</literal> is set in
<filename>/etc/rc.conf</filename>, the <command>rc(8)</command>
scripts will run <command>savecore(8)</command> automatically
and put the crash dump in
<filename>/var/crash</filename>.</para>
<para>
<note>
<para>FreeBSD crash dumps are usually the same size as the
physical RAM size of your machine. That is, if you have
64MB of RAM, you will get a 64MB crash dump. Therefore you
must make sure there's enough space in
<filename>/var/crash</filename> to hold the dump.
Alternatively, you run <command>savecore(8)</command>
manually and have it recover the crash dump to another
directory where you have more room. It's possible to limit
the size of the crash dump by using <literal>options
MAXMEM=(foo)</literal> to set the amount of memory the
kernel will use to something a little more sensible. For
example, if you have 128MB of RAM, you can limit the
kernel's memory usage to 16MB so that your crash dump size
will be 16MB instead of 128MB.</para>
</note></para>
<para>Once you have recovered the crash dump, you can get a
stack trace with <command>gdb(1)</command> as follows:</para>
<screen>&prompt.user; <userinput>gdb -k /sys/compile/KERNELCONFIG/kernel.debug /var/crash/vmcore.0</userinput>
<prompt>(gdb)</prompt> <userinput>where</userinput></screen>
<para>Note that there may be several screens worth of
information; ideally you should use
<command>script(1)</command> to capture all of them. Using the
unstripped kernel image with all the debug symbols should show
the exact line of kernel source code where the panic occured.
Usually you have to read the stack trace from the bottom up in
order to trace the exact sequence of events that lead to the
crash. You can also use <command>gdb(1)</command> to print out
the contents of various variables or structures in order to
examine the system state at the time of the crash.</para>
<para>Now, if you're really insane and have a second computer,
you can also configure <command>gdb(1)</command> to do remote
debugging such that you can use <command>gdb(1)</command> on
one system to debug the kernel on another system, including
setting breakpoints, single-stepping through the kernel code,
just like you can do with a normal user-mode program. I haven't
played with this yet as I don't often have the chance to set up
two machines side by side for debugging purposes.</para>
<para><emphasis>[Bill adds: "I forgot to mention one thing: if
you have DDB enabled and the kernel drops into the debugger,
you can force a panic (and a crash dump) just by typing 'panic'
at the ddb prompt. It may stop in the debugger again during the
panic phase. If it does, type 'continue' and it will finish the
crash dump." -ed]</emphasis></para>
</answer>
</qandaentry>
<qandaentry>
<question id="dlsym-failure">
<para>dlsym() stopped working for ELF executables!</para>
</question>
<answer>
<para>The ELF toolchain does not, by default, make the symbols
defined in an executable visible to the dynamic linker.
Consequently <function>dlsym()</function> searches on handles
obtained from calls to <function>dlopen(NULL,
flags)</function> will fail to find such symbols.</para>
<para>If you want to search, using <function>dlsym()</function>,
for symbols present in the main executable of a process, you
need to link the executable using the
<option>-export-dynamic</option> option to the
ELF
linker (&man.ld.1;).</para>
</answer>
</qandaentry>
<qandaentry>
<question id="change-kernel-address-space">
<para>Increasing or reducing the kernel address space</para>
</question>
<answer>
<para>By default, the kernel address space is 256 MB on
FreeBSD 3.x and 1 GB on FreeBSD 4.x. If you run a
network-intensive server (e.g. a large FTP or HTTP server),
you might find that 256 MB is not enough.</para>
<para>So how do you increase the address space? There are two
aspects to this. First, you need to tell the kernel to reserve
a larger portion of the address space for itself. Second, since
the kernel is loaded at the top of the address space, you need
to lower the load address so it doesn't bump its head against
the ceiling.</para>
<para>The first goal is achieved by increasing the value of
<literal>NKPDE</literal> in
<filename>src/sys/i386/include/pmap.h</filename>. Here's what
it looks like for a 1 GB address space:</para>
<programlisting>#ifndef NKPDE
#ifdef SMP
#define NKPDE 254 /* addressable number of page tables/pde's */
#else
#define NKPDE 255 /* addressable number of page tables/pde's */
#endif /* SMP */
#endif</programlisting>
<para>To find the correct value of <literal>NKPDE</literal>,
divide the desired address space size (in megabytes) by four,
then subtract one for UP and two for SMP.</para>
<para>To achieve the second goal, you need to compute the
correct load address: simply subtract the address space size
(in bytes) from 0x100100000; the result is 0xc0100000 for a 1
GB address space. Set <symbol>LOAD_ADDRESS</symbol> in
<filename>src/sys/i386/conf/Makefile.i386</filename> to that
value; then set the location counter in the beginning of the
section listing in
<filename>src/sys/i386/conf/kernel.script</filename> to the
same value, as follows:</para>
<programlisting>OUTPUT_FORMAT("elf32-i386", "elf32-i386", "elf32-i386")
OUTPUT_ARCH(i386)
ENTRY(btext)
SEARCH_DIR(/usr/lib); SEARCH_DIR(/usr/obj/elf/home/src/tmp/usr/i386-unknown-freebsdelf/lib);
SECTIONS
{
/* Read-only sections, merged into text segment: */
. = 0xc0100000 + SIZEOF_HEADERS;
.interp : { *(.interp) }</programlisting>
<para>Then reconfig and rebuild your kernel. You will probably
have problems with <command>ps(1)</command>,
<command>top(1)</command> and the like; <command>make
world</command> should take care of it (or a manual rebuild of
<filename>libkvm</filename>,
<command>ps</command> and <command>top</command>
after copying the patched <filename>pmap.h</filename> to
<filename>/usr/include/vm/</filename>.</para>
<para>NOTE: the size of the kernel address space must be a
multiple of four megabytes.</para>
<para>[&a.dg; adds: <emphasis>I think the kernel address space
needs to be a power of two, but I'm not certain about that. The
old(er) boot code used to monkey with the high order address bits
and I think expected at least 256MB
granularity.]</emphasis></para>
</answer>
</qandaentry>
</qandaset>
</chapter>
<chapter id="acknowledgments">
<title>Acknowledgments</title>
<blockquote>
<attribution>FreeBSD Core Team</attribution>
<para>If you see a problem with this FAQ, or wish to submit an
entry, please mail the &a.faq;. We appreciate your feedback,
and cannot make this a better FAQ without your help!</para>
</blockquote>
<variablelist>
<varlistentry>
<term>&a.jkh;</term>
<listitem>
<para>Occasional fits of FAQ-reshuffling and updating.</para>
</listitem>
</varlistentry>
<varlistentry>
<term>&a.dwhite;</term>
<listitem>
<para>Services above and beyond the call of duty on
freebsd-questions</para>
</listitem>
</varlistentry>
<varlistentry>
<term>&a.joerg;</term>
<listitem>
<para>Services above and beyond the call of duty on
Usenet</para>
</listitem>
</varlistentry>
<varlistentry>
<term>&a.wollman;</term>
<listitem>
<para>Networking and formatting</para>
</listitem>
</varlistentry>
<varlistentry>
<term>Jim Lowe</term>
<listitem>
<para>Multicast information</para>
</listitem>
</varlistentry>
<varlistentry>
<term>&a.pds;</term>
<listitem>
<para>FreeBSD FAQ typing machine slavey</para>
</listitem>
</varlistentry>
<varlistentry>
<term>The FreeBSD Team</term>
<listitem>
<para>Kvetching, moaning, submitting data</para>
</listitem>
</varlistentry>
</variablelist>
<para>And to any others we've forgotten, apologies and heartfelt
thanks!</para>
</chapter>
</book>
Reference in a new issue View git blame Copy permalink