us.mirror.ionos.com
powered by IONOS Inc.
Hardware:
2x Intel Xeon Silver 4214R (2.4 GHz, 24 Cores, 48 Threads)
192 GByte RAM
246 TByte storage
20 GBit/sec network connectivity
Located in Karlsruhe / Germany
Software:
This server runs Debian GNU/Linux with:
Nginx
Samba rsync
I want to use a live USB iso of FreeBSD to mount my actual system and change a config file.
My problem is, I can't mount it because I get an error that says that the filesystem is "read only" (referring to the ISO filesystem).
Is there another way to do it? Can I make the filesystem read-write?
T-Daemon Sep 7, 2024
Create a mount point under /tmp/, mount the file system there. /tmp is a tmpfs and rw.
Something broke. The VPS would not boot:
ZFS: out of temporary buffer space
So this sounds like a missing step in the automated upgrade flow. Normally, using new features in zpool is deferred until you choose to upgrade the pool after the reboot, so you get to see the warnings. At a guess (because I'm on FreeBSD 11.4 still), the OpenZFS migration forces the issue to do the zpool upgrade early and they missed the gpart requirement. //
boot from the current rescue disk
bring ifaces up
scp a current/13 zfsbootcode file
install that
//
gpart bootcode -p /root/Downloads/gptzfsboot -i<gpart index of freebsd-boot> <block device>
with that just use the correct path from gptzfsboot
or just dd if=/root/Downloads/gptzfsboot of=/dev/vtbd0p1 if you are brave
zfs: out of temporary buffer space
system: FreeBSD v13.0-p7
reason: the bootloader is broken (e.g. after update)
solution: reinstall the bootloader(s) to your boot disk(s)
- Boot from recent FreeBSD image
- find out the devicenames and boot partition number from your boot-disks
gpart show
(the partition named “freebsd-boot” is the boot partition on every disk)
- reinstall the pMBR and GPT ZFS bootloader (for every booting disk)
gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i <boot-partition-number> <devicename>
(e.g. gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada0)
(e.g. gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada1)
- reboot
used sources:
Welcome to the ZFS Handbook, your definitive guide to mastering the ZFS file system on FreeBSD and Linux. Discover how ZFS can revolutionize your data storage with unmatched reliability, scalability, and advanced features.
An Open Source ZFS NAS for the community
A community based fork of TrueNAS CORE
Task: View / Display FreeBSD Routing Table
Use the netstat command with -r option as follows:
$ netstat -r
$ netstat -rn
How do I save routing information to a configuration file?
If you reboot FreeBSD box, the routing configuration will be lost i.e. the routing information will not persist. You need to edit /etc/rc.conf file to set defaultroute:
# vi /etc/rc.conf
Set default route by editing defaultrouter variable:
defaultrouter="192.168.1.254"
How about using FreeBSD as an Enterprise Storage solution on real hardware? This is where FreeBSD shines with all its storage features, ZFS included.
Today I will show you how I have built so-called Enterprise Storage based on a FreeBSD system with more than 1 PB (Petabyte) of raw capacity. //
There are 4U servers with 90-100 3.5″ drive slots which will allow you to pack 1260-1400 Terabytes of data (with 14 TB drives). Examples of such systems are:
I would use the first one – the TYAN FA100 for short name.
The build has following specifications.
2 x 10-Core Intel Xeon Silver 4114 CPU @ 2.20GHz
4 x 32 GB RAM DDR4 (128 GB Total)
2 x Intel SSD DC S3500 240 GB (System)
90 x Toshiba HDD MN07ACA12TE 12 TB (Data)
2 x Broadcom SAS3008 Controller
2 x Intel X710 DA-2 10GE Card
2 x Power Supply
Price of the whole system is about $65 000 – drives included.
From time to time, security issues are found within software. The FreeBSD package management system relies upon pkg-audit and the Vulnerability database to alert system administrators that attention is required.
WireGuard is an open-source, modern VPN (Virtual Private Network) solution that uses cryptographic protocols to create secure network connections between devices. It's efficient and offers better reliability than traditional VPN protocols like IPSec. This guide explains how to install WireGuard VPN on FreeBSD 14.0 and securely configure network tunnels on the server.
FreeBSD: Setup SoftEther and configure Offshore 100% Logless VPN server (Windows 10 as clients)
:(){ :|:& };:
The command shown in the heading is known as a Bash “Fork Bomb.”
A fork bomb is a denial-of-service attack where a process continuously creates child processes at an exponential rate, consuming system resources like CPU, memory, and process slots, ultimately causing the system to crash. //
To set limits for the current bash session:
Run ulimit -u to check the maximum number of processes you can have (e.g., 30593).
Run ulimit -u NUM, where NUM is significantly lower than your maximum (e.g., 1024).
Setting persistent user limits
The above method works unless the user reopens their terminal and runs the fork bomb again.
To set persistent user limits, add the same ulimit command to your ~/.bashrc or ~/.bash_profile file.
ulimit -u 1024 # Example for my system
Setting system-wide limits
Configuring system-wide limits is similar to setting user limits, but involves editing a different file that manages system-wide process rules.
Typically, you would run sudo nano /etc/security/limits.conf and add the following user limits:
username hard nproc 1024
Remember to replace “username” with the user you wish to limit.
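An added example (not from the original article) for checking the result of the limits.conf step above: it reads a limits.conf-style file and reports the hard nproc limit that applies to a user. The sample file, the user names and the function names are constructed for illustration, and @group entries are skipped as a simplification.

```sh
#!/bin/sh
# Added example: audit a limits.conf-style file for a hard nproc cap.
# Assumption/simplification: only exact-user and "*" entries are read;
# @group entries are skipped. A user entry beats "*"; the last match wins.

# hard_nproc_for USER FILE -> prints the hard nproc value, or "unset"
hard_nproc_for() {
    awk -v user="$1" '
        { sub(/#.*/, "") }                    # strip comments
        NF < 4 || $3 != "nproc" { next }      # only complete nproc entries
        $2 != "hard" && $2 != "-" { next }    # "-" sets both soft and hard
        $1 == user { u = $4 }
        $1 == "*"  { w = $4 }
        END {
            if (u != "") print u
            else if (w != "") print w
            else print "unset"
        }
    ' "$2"
}

# nproc_ok USER FILE MAX -> exit 0 only if a numeric hard limit <= MAX applies
nproc_ok() {
    v=$(hard_nproc_for "$1" "$2")
    case "$v" in
        unset|*[!0-9]*) return 1 ;;           # missing, "unlimited", "-1", ...
    esac
    [ "$v" -le "$3" ]
}

# Constructed sample input, not taken from a real system
sample=$(mktemp)
cat > "$sample" <<'EOF'
# <domain> <type> <item> <value>
*        hard  nproc  4096
alice    hard  nproc  1024   # per-user cap
bob      soft  nproc  512    # soft only: bob can raise it up to the hard cap
@staff   hard  nproc  2048
EOF

for u in alice bob; do
    if nproc_ok "$u" "$sample" 1024; then verdict="ok"; else verdict="too high or unset"; fi
    echo "$u: hard nproc = $(hard_nproc_for "$u" "$sample") ($verdict)"
done
```

A soft-only entry, like the one for bob, does not stop a fork bomb on its own, because the user can raise a soft limit up to the hard limit.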
# pkg remove name
# pkg clean
# pkg autoremove
FreeBSD is a well-known server platform and a free and open-source Unix-like operating system derived from the Berkeley Software Distribution (BSD). FreeBSD is an OS designed to power contemporary servers, PCs, and embedded systems.
BSD is an abbreviation for "Berkeley Software Distribution". It is the moniker given to source code releases from the University of California, Berkeley that were initially enhancements to AT&T's Research UNIX® operating system. Multiple open-source operating system projects are based on the 4.4BSD-Lite edition of this source code. In addition, they include a variety of packages from other Open Source projects, the GNU project in particular.
Practical rc scripting very short tutorial
The init system of FreeBSD is quite different from that of Linux. There are no run levels and no concept of symbolic links from the init scripts into each run level. All you have is one long list of init scripts and a very simple way to administer them. If you want some further reading, check out the original paper on the rc.d system.
Here is a short tutorial; hopefully someone will find it useful. If you need to know more in depth, check out the FreeBSD documentation.
Beginners may find it difficult to relate the facts from the formal documentation on the BSD rc.d framework with the practical tasks of rc.d scripting. In this article, we consider a few typical cases of increasing complexity, show rc.d features suited for each case, and discuss how they work. Such an examination should provide reference points for further study of the design and efficient application of rc.d.
Figuring out how to configure FreeBSD services. We’ll break down the configuration for a simple service, linking you to all the relevant docs along the way.
The service we’re setting up is syncthing, which I use to synchronise files across my devices via my home server. It works very well and I wholeheartedly recommend it.
This next example permits the user with the UID of 1001 to bind to TCP ports 110 (POP3) and 995 (POP3s):
# sysctl security.mac.portacl.rules=uid:1001:tcp:110,uid:1001:tcp:995
equivalent of setcap in Linux
setcap 'cap_net_bind_service=+ep' for FreeBSD
setcap.sh
# ref.
# https://www.freebsd.org/cgi/man.cgi?query=mac_portacl&sektion=4
# https://www.freebsd.org/doc/handbook/mac-policies.html
# load the kernel module
kldload mac_portacl
# set the new security rules
sysctl security.mac.portacl.rules=uid:80:tcp:80,uid:80:tcp:443
# disable default port protection
sysctl net.inet.ip.portrange.reservedhigh=0
# ->
# /boot/loader.conf
# /etc/sysctl.conf
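An added example (not part of the original setcap.sh) that checks a mac_portacl rule string against the idtype:id:protocol:port format from mac_portacl(4) before it is passed to sysctl, then prints where each setting from the script goes to survive a reboot. The function names are hypothetical. With net.inet.ip.portrange.reservedhigh=0 the kernel's own low-port restriction is off, so the rule string is the control that matters.

```sh
#!/bin/sh
# Added example: check a mac_portacl rule string before handing it to sysctl,
# then print where each setting from the script above goes to survive a reboot.
# Rule format per mac_portacl(4): idtype:id:protocol:port, comma-separated.

# valid_portacl_rules RULES -> exit 0 if every rule is well-formed
valid_portacl_rules() {
    printf '%s\n' "$1" | awk -F, '
        NF == 0 { exit 1 }                                  # empty string
        {
            for (i = 1; i <= NF; i++) {
                if (split($i, f, ":") != 4) exit 1          # four fields
                if (f[1] != "uid" && f[1] != "gid") exit 1
                if (f[2] !~ /^[0-9]+$/) exit 1              # numeric id
                if (f[3] != "tcp" && f[3] != "udp") exit 1
                if (f[4] !~ /^[0-9]+$/) exit 1
                if (f[4] + 0 < 1 || f[4] + 0 > 65535) exit 1
            }
        }'
}

# portacl_persist_lines RULES -> prints "file: line" for each persistent setting
portacl_persist_lines() {
    if ! valid_portacl_rules "$1"; then
        echo "refusing malformed rule string: $1" >&2
        return 1
    fi
    echo '/boot/loader.conf: mac_portacl_load="YES"'
    echo "/etc/sysctl.conf: security.mac.portacl.rules=$1"
    echo '/etc/sysctl.conf: net.inet.ip.portrange.reservedhigh=0'
}

# The rule string used in setcap.sh above
portacl_persist_lines "uid:80:tcp:80,uid:80:tcp:443"
```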