FreeBSD for Linux Administrators: 7+ Features to Know

FreeBSD is another UNIX flavor that's known for speed. Learn more about FreeBSD UNIX, how you can apply Linux skills to FreeBSD.

Talk Tech to Me, brought to you by CompTIAIf you’re a Linux administrator, chances are you’ve explored more than one Linux distribution, whether it be Ubuntu, Fedora, Arch, SuSE, CentOS or Debian. This is because 95% of all Linux concepts apply well to every Linux distribution, and the other 5% likely consists of a different package manager, default software or locations for configuration files.

The same applies to FreeBSD, which is a direct descendant of the UNIX operating system that Linux is based on. FreeBSD is often used for cloud services, such as Netflix, as well as the operating system that powers FreeNAS, one of the most common Network Attached Storage operating systems, and pfSense, a powerful open source firewall.

The good news is that FreeBSD is almost identical to Linux. Thus, if you’ve ever installed and explored another Linux distribution, then exploring FreeBSD is going be somewhat similar with a few key differences. Keep reading to learn more about FreeBSD UNIX and some things to try.

How to Install FreeBSD

While FreeBSD has no graphical installation, the process is straightforward and similar to installing a server-based Linux distro. Just make sure you choose the local_unbound package when prompted if you want to cache DNS lookups locally, as FreeBSD doesn’t have a built-in local DNS resolver that does this.

Following installation, the directory structure is almost identical to Linux. Of course, you’ll notice some small differences here and there (e.g., regular user home directories are located under /usr/home instead of /home).

Standard UNIX commands such as ls, chmod, find, which, ps, nice, ifconfig, netstat, sockstat (the ss command in Linux) are exactly as you’d expect, but with some different options here and there that you’ll see in the man pages. And yes, reboot and poweroff are there too.

Why Should I Try FreeBSD?

The main benefit FreeBSD has over Linux is speed. You thought Linux was fast? Try FreeBSD. It has the fastest IP stack of any operating system by a long shot. Since it’s UNIX and you can provide the same services (e.g., Samba, Apache, NFS, Nginx), this means you can provide them faster and leaner. 

FreeBSD has also kept to its KISS (Keep It Simple Stupid) UNIX roots without compromising features, while Linux configuration gets more and more complex as time goes on.

Want to start a service at boot time? You just add a line that says servicename=”YES” to a small text file (described later). This small text file stores 90% of your system configuration, including your IP settings. In short, configuring a FreeBSD system is both fun and addictive.

While configuring FreeBSD is easy, it’s also incredibly powerful. There are granular security features and system configuration/recovery features in FreeBSD that you won’t find in other operating systems. And it has native support for ZFS. It is for all of these reasons that Netflix, FreeNAS and pfSense use FreeBSD.

In the following sections, I’ll describe some key differences and features of FreeBSD that you’ll want to know coming from a Linux sysadmin background.

If you are newer to Linux, check out these free tutorials first to get up to speed on the deep dive we’re about to take:

Legend
Key filenames and components are in red
Commands and configuration parameters are in code font

7+ Features of FreeBSD

1. FreeBSD System Configuration

/etc/rc.conf contains nearly all system configuration, including IP configuration, hostname, default GW, services (daemons) that should start at boot time, and so on. Lines within this file have parameter=value syntax and are easy to edit using a text editor, such as vi.

You can also use the sysrc -a command to show all of the configured values in /etc/rc.conf, or the sysrc parameter=value to modify or add configuration.

FreeBSD stores the default parameters for configuration files in a defaults subdirectory. For example, /etc/defaults/rc.conf stores a large number of system-configured defaults that are overridden by /etc/rc.conf.

Never change the entries in /etc/defaults/rc.conf.

Instead, just override them by adding the same lines to /etc/rc.conf with the values you want. There’s also a /etc/rc.conf.d/ directory where software packages can add files to that set system parameters. (It’s empty on a default installation of FreeBSD).

2. FreeBSD Boot Loader and Kernel Configuration

Boot loader configuration is stored in /boot/loader.conf (and /boot/defaults/loader.conf) and uses the same syntax as /etc/rc.conf.

To view modules inserted into the kernel, you can use kldstat. You can also load and unload modules manually.

For example:

kldload linprocfs.ko

Loads the Linux procfs filesystem module

kldunload linprocfs.ko

Unloads the same module

 

To make sure this module automatically loads each time you boot, add the following line to the /boot/loader.conf file:

[cmd=]kldload /boot/kernel/linprocfs.ko[/cmd]

The FreeBSD kernel also has many properties and parameters that you can view and configure. Use the kenv command to view the currently configured parameters on your system or the sysctl -o -a command to view all available parameters and their default values. The sysctl command can also be used to view specific parameters.

For example:

sysctl kern

Shows all parameters starting with kern

sysctl kern.securelevel

Shows current value of the kernel security level

sysctl hw.model

Shows your CPU model

 

To set a kernel parameter at boot time, add the appropriate line to the /etc/sysctl.conf file.

3. FreeBSD System Initialization

Just like the GRUB2 boot loader on Linux, FreeBSD has an interactive boot loader called boot0 that is much more user friendly. It displays a menu for 10 seconds by default that allows you to enter rescue mode or modify kernel values manually, among other things. If you are repairing a system, a copy of useful binary programs is stored under the /rescue/ directory and made available to boot0.

Once the kernel is loaded by boot0, the init daemon parses the large /etc/rc script to start the other daemons that you specified within /etc/rc.conf by executing the appropriate daemon scripts under the /etc/rc.d/ directory.

Other scripts are also executed by init at boot time. For example, /etc/netstart configures the network according to the parameters you specified in /etc/rc.conf.

After your system has booted, you can view the /var/run/dmesg.boot file to see the hardware detected and modules loaded by your kernel, or view the /var/log/messages file to view the daemons and components that were started by init (including any errors).

4. FreeBSD Storage Configuration

FreeBSD uses different device files for storage and different methods for partitioning and creating filesystems.

To see a list of the physical storage devices you have, use the following two commands:

camcontrol devlist
geom disk list

Some sample device files for these storage devices include:

/dev/cd0

First CD/DVD

/dev/da0

First SCSI/SAS disk or USB drive, which emulates SCSI

/dev/ada0

First IDE/SATA disk

/dev/nvme0

First NVMe SSD

/dev/nvme0ns1

First namespace on the first NVMe SSD

 

Say, for example, you have one SATA SSD in your system that has a GPT partition table. FreeBSD will likely create three partitions on it during the installation:

/dev/ada0p1

Usually a 512KB FreeBSD boot partition or UEFI boot partition

/dev/ada0p2

Usually a swap partition

/dev/ada0p3

Rest of disk - usually given to ZFS, or mounted to/if you use UFS

 

If you have older storage devices that use an MBR partition table, each primary partition is called a slice in FreeBSD. These are further subdivided into up to seven device nodes using a special BSD disk label.

For example, the first slice on /dev/ada0 could be subdivided into four device nodes, with each one assigned a letter:

/dev/ada0s1a

First device node in the first slice on ada0

/dev/ada0s1b

Second device node in the first slice on ada0

/dev/ada0s1c

Third device node in the first slice on ada0

/dev/ada0s1d

Fourth device node in the first slice on ada0

 

You can view your disk configuration using the gpart command, which can also create/manage partitions:

gpart show -p ada0

Shows partitions on ada0

gpart show -l ada0

Shows labels on ada0, which match files under /dev/gpt/

 

If you just want to see the partition labels for disks on the system, run the glabel list command instead.

5. FreeBSD Filesystem Configuration

FreeBSD commonly uses just two filesystems for storage: 

  • UFS: A very old filesystem that should only be used if you have legacy applications that require it
  • ZFS: A filesystem that’s also commonly configured on production Linux servers

After creating partitions on a GPT disk (or slices and device nodes on an MBR disk), you can use the following commands to create and work with UFS filesystems:

newfs

Creates a UFS filesystem

growfs

Extends the size of a UFS filesystem

tunefs

Tunes UFS filesystem parameters

mksnap_ffs

Creates a UFS filesystem snapshot

fsck

Checks a UFS filesystem for errors


Normally, you’d use ZFS instead of UFS on a FreeBSD system because it has superior enterprise features, including corruption protection and device fault tolerance. The same zpool and zfs commands you used to configure ZFS on Linux can also be used on FreeBSD.

For example, to create a RAID-Z1 dataset called lala from the space on three different SCSI disks and put a ZFS filesystem on it, you could use the following command:

zpool create lala raidz /dev/da1p1 /dev/da2p1 /dev/da3p1

Here are a few more sample zpool and zfs commands:

zpool status lala

View status of the lala dataset

zpool list

Lists all ZFS datasets

zpool get free

Displays free space information from all ZFS datasets

zfs create lala/stuff

Creates another ZFS dataset under the lala dataset

zfs list

Displays all ZFS datasets and where they are mounted

zfs get compression

Displays compression setting for all ZFS datasets

zfs set compression=lz4 lala/stuff

Enables compression for lala/stuff


When you run the zfs list command on a newly installed system, you’ll see a ZFS dataset called zroot that is created by the FreeBSD installer.

This dataset contains many other datasets underneath it for different system directories, such as the following:

zroot/ROOT/default is mounted to /

zroot/usr is mounted to /usr

zroot/usr/home is mounted to /usr/home

zroot/var is mounted to /var

What you may find odd is that zroot/ROOT/default is mounted to the root of the system. This is because FreeBSD supports different boot environments if you take ZFS snapshots of the / filesystem.

Before performing a risky configuration, take a snapshot of your system called zroot/ROOT/May2. Then, you can easily revert back to it if your risky configuration fails! You can even choose a previous boot environment at the FreeBSD boot loader menu when you boot the system.

Here are some useful boot environment commands:

pkg install beadm

Installs the boot environment package (pkg is discussed later)

beadm create May2

Create snapshot of system called May2

zfs list

You should seezroot/ROOT/defaultandzroot/ROOT/May2

beadm activate May2 && reboot

Reverts system to May2 snapshot


There is also a /etc/fstab file that mounts non-ZFS filesystems at boot, just as you’d expect on a Linux system. If you use ZFS exclusively, /etc/fstab just activates the swap partition only.

And just as Linux has udev rules for restricting access to storage devices, you can add lines to /etc/devfs.conf or /etc/devfs.rules to do so on FreeBSD.

The only other glaring difference between Linux and FreeBSD when it comes to the filesystem is the use of filesystem attributes. On Linux systems, you could set filesystem attributes using the chattr command, and list them with the lsattr command.

However, FreeBSD uses a different set of attributes called filesystem flags that can be set at the system or user level:

chflags sunlink file

Sets the system unlink flag on a file, to prevent file deletion

chkflags nosunlink file

Unsets the system unlink flag on a file

ls -lo file

Displays flags on a file

6. FreeBSD Users and Groups

As on Linux systems, FreeBSD stores user configuration in /etc/passwd (readable by everyone) but converts it to a /etc/pwd.db database for fast system access.

But instead of using the /etc/shadow file like Linux does, FreeBSD stores all user and password configuration in /etc/master.passwd (readable by root only) and converts it to /etc/spwd.db for fast system access.

Groups are stored in /etc/group, as you’d expect, but there is there is no sudo functionality. Instead, you must be part of the wheel (big wheel) group to use the su command to run commands as root or obtain a root shell.

Default home directory files for new users are copied from /usr/share/skel/. You can also create rules to allow or prevent user access in the /etc/login.access file, as well as define user classes for accessing system resources in the /etc/login.conf file.

Here are a few common commands to create and manage users:

adduser

Creates a user - defaults values are taken from/etc/adduser.conf

adduser -C

Creates the /etc/adduser.conf file with values you specify

rmuser

Removes a user

pw useradd/userdel/
usermod/lock/unlock

Creates and manages users

chpass

Modifies settings for a user using the vi editor

vipw

Edits /etc/master.passwd using vi, and then rebuilds /etc/spwd.db

 

7. FreeBSD Packages, Services and Monitoring

Installing and managing packages on FreeBSD is just as easy as using the Red Hat or Debian package managers on a Linux system. Instead of dnf or apt, use the pkg command:

pkg update

Updates package list from online repository

pkg search bash

Searches online repository for bash packages

pkg install bash

Installs bash package from online repository

pkg upgrade bash

Upgrades bash to latest version

pkg info bash

Displays package details

pkg info -l bash

Displays package file contents

pkg check bash

Checks bash package content for missing/corrupted files

pkg lock bash

Prevents modification or removal of package

pkg remove bash

Removes bash package

pkg clean

Cleans up files in the package repository, /var/cache/pkg/

pkg autoremove

Auto-removes unneeded dependency packages

pkg which /usr/local/bin/bash

Displays package the bash file belongs to

freebsd-update fetch

Downloads latest version of FreeBSD

freebsd-update install

Installs the latest version of FreeBSD and then reboots

 

After installing a daemon package, you must also configure it to start at boot time by adding a line to the /etc/rc.conf file.

For example, after installing the apache24 package (for the Apache web server daemon), you could start it at boot time by adding the following line to /etc/rc.conf:

apache24_enable=”YES”     

Yes, it’s that easy!

The configuration files for any daemons that you install are under /etc or /usr/local/etc. For example, you’ll find the httpd.conf configuration file for Apache in the /usr/local/etc/apache24/ directory on FreeBSD.

You can also manage daemons using the same service command used in Linux systems prior to Systemd:

service -e

Displays daemons that are enabled and the order they are started at boot

service sshd stop/start/restart

Stops/starts/restarts the sshd daemon

service sshd onestart

Starts the sshd daemon if it is not listed in /etc/rc.conf

service sshd extracommands

Displays additional options for working with sshd


Of course, loading additional daemons will impact the performance of your system, especially as the number of clients connecting to them increases.

You can monitor the performance of your FreeBSD system using the same vmstat and top commands you’re used to in Linux (the FreeBSD top command also lists ZFS performance statistics), as well as monitor disk performance using the gstat command.

Similarly, you can use a plethora of different network commands in FreeBSD to monitor network statistics.

Here are some of my favorites:

netstat -w 1 -d

Displays packet stats every 1 second

netstat -na -f inet

Displays active IPv4 connections

netstat -na -f inet6

Displays active IPv6 connections

netstat -m

Displays tunable memory buffer information for IP stack

sockstat -4

Displays IPv4 sockets

sockstat -6

Displays IPv6 sockets

8. Other Stuff to Know About FreeBSD

The previous sections outlined the main areas of FreeBSD that most Linux admins will want to know. In this final section, I’ll list some extra stuff (in no particular order).

Compiling software from source is very easy in FreeBSD. You can run the portsnap auto command to download the source code for the ready-to-compile ports tree from the FreeBSD repository to the /usr/ports/ directory and then use the appropriate make commands to compile and install it on your system.

If you want to configure a firewall, there are three firewall systems to choose from in the FreeBSD handbook, but the most common one is PF from OpenBSD. Place your rules in /etc/pf.conf and use the pfctl command to control the firewall.

You can also use blacklistd to block undesired connections (or too many connections). Use blacklistctl to control blacklistd and list connection rules in /etc/blacklistd.conf.

FreeBSD jails are one of the earliest examples of OS virtualization/containerization.

  1. Download a userland (filesystem) tarball from the FreeBSD repository and extract it to a directory of your choice (e.g. /jails/container1).
  2. Add a paragraph to the /etc/jail.conf file that configures the jail parameters (e.g., IP address).

Finally, you can start and manage your jail using a wide variety of different commands, including the following:

service jail start container1

Starts the container1 jail

service jail stop container1

Stops the container1 jail

jls

Views all jails running on the system

jexec container1 command

Executes a command in the container1 jail

pkg -j container1 install apache24

Installs Apache in the container1 jail

 

If you start the NFSv4 file sharing daemons (installed by default) by adding the appropriate entries to /etc/rc.conf, you can add lines to /etc/exports to share out directories on your system. Or use ZFS to share datasets using NFSv4. These datasets are listed in /etc/zfs/exports.

For example, to share out the /usr/home directory using NFS, use the following command:

zfs set sharenfs=on zroot/usr/home     

Some things on FreeBSD may remind longtime Linux or UNIX administrators of days gone by. For example, you can still start daemons on demand using inetd and entries within /etc/inetd.conf, and you can use the old LPD printing system by adding printer entries to /etc/printcap. (Please install and use CUPS instead....seriously.)

FreeBSD also uses the old syslogd to log system events using the entries in /etc/syslog.conf. (It works well so why change it, right?) However, instead of logrotate, FreeBSD uses newsyslog to rotate log files according to rules in /etc/newsyslog.conf.

And yes, if you want to use FreeBSD as a workstation, you can install X.org and GNOME. But given that Linux is leading the charge in that area, it’d be wiser to use Linux as your workstation and leverage FreeBSD as a wicked fast server.

Ready to upgrade your IT skills? We've got great news! You can save big on CompTIA certifications and training right now.

Email us at blogeditor@comptia.org for inquiries related to contributed articles, link building and other web content needs.

Read More from the CompTIA Blog

Leave a Comment