If you’re a Linux administrator, chances are you’ve explored more than one Linux distribution, whether it be Ubuntu, Fedora, Arch, SuSE, CentOS or Debian. This is because 95% of all Linux concepts apply well to every Linux distribution, and the other 5% likely consists of a different package manager, default software or locations for configuration files.
The same applies to FreeBSD, which is a direct descendant of the UNIX operating system that Linux is based on. FreeBSD is often used for cloud services, such as Netflix, as well as the operating system that powers FreeNAS, one of the most common Network Attached Storage operating systems, and pfSense, a powerful open source firewall.
The good news is that FreeBSD is almost identical to Linux. Thus, if you’ve ever installed and explored another Linux distribution, then exploring FreeBSD is going be somewhat similar with a few key differences. Keep reading to learn more about FreeBSD UNIX and some things to try.
How to Install FreeBSD
While FreeBSD has no graphical installation, the process is straightforward and similar to installing a server-based Linux distro. Just make sure you choose the local_unbound package when prompted if you want to cache DNS lookups locally, as FreeBSD doesn’t have a built-in local DNS resolver that does this.
Following installation, the directory structure is almost identical to Linux. Of course, you’ll notice some small differences here and there (e.g., regular user home directories are located under /usr/home instead of /home).
Standard UNIX commands such as ls, chmod, find, which, ps, nice, ifconfig, netstat, sockstat (the ss command in Linux) are exactly as you’d expect, but with some different options here and there that you’ll see in the man pages. And yes, reboot and poweroff are there too.
Why Should I Try FreeBSD?
The main benefit FreeBSD has over Linux is speed. You thought Linux was fast? Try FreeBSD. It has the fastest IP stack of any operating system by a long shot. Since it’s UNIX and you can provide the same services (e.g., Samba, Apache, NFS, Nginx), this means you can provide them faster and leaner.
FreeBSD has also kept to its KISS (Keep It Simple Stupid) UNIX roots without compromising features, while Linux configuration gets more and more complex as time goes on.
Want to start a service at boot time? You just add a line that says servicename=”YES” to a small text file (described later). This small text file stores 90% of your system configuration, including your IP settings. In short, configuring a FreeBSD system is both fun and addictive.
While configuring FreeBSD is easy, it’s also incredibly powerful. There are granular security features and system configuration/recovery features in FreeBSD that you won’t find in other operating systems. And it has native support for ZFS. It is for all of these reasons that Netflix, FreeNAS and pfSense use FreeBSD.
In the following sections, I’ll describe some key differences and features of FreeBSD that you’ll want to know coming from a Linux sysadmin background.
If you are newer to Linux, check out these free tutorials first to get up to speed on the deep dive we’re about to take:
- All About Linux and Linux+ (2019 Refresh)
- The Different Faces of Open Source Software
- Using Linux BASH on Windows 10
- Configuring ZFS on Linux
- Become a Linux Foo Master with Piping and Redirection
- Managing Linux Shell Scripts Using Git
- How to Use Vi and Vim Text Editors in Linux
Legend
Key filenames and components are in red
Commands and configuration parameters are in code font
7+ Features of FreeBSD
1. FreeBSD System Configuration
/etc/rc.conf contains nearly all system configuration, including IP configuration, hostname, default GW, services (daemons) that should start at boot time, and so on. Lines within this file have parameter=value syntax and are easy to edit using a text editor, such as vi.
You can also use the sysrc -a command to show all of the configured values in /etc/rc.conf, or the sysrc parameter=value to modify or add configuration.
FreeBSD stores the default parameters for configuration files in a defaults subdirectory. For example, /etc/defaults/rc.conf stores a large number of system-configured defaults that are overridden by /etc/rc.conf.
Never change the entries in /etc/defaults/rc.conf.
Instead, just override them by adding the same lines to /etc/rc.conf with the values you want. There’s also a /etc/rc.conf.d/ directory where software packages can add files to that set system parameters. (It’s empty on a default installation of FreeBSD).
2. FreeBSD Boot Loader and Kernel Configuration
Boot loader configuration is stored in /boot/loader.conf (and /boot/defaults/loader.conf) and uses the same syntax as /etc/rc.conf.
To view modules inserted into the kernel, you can use kldstat. You can also load and unload modules manually.
For example:
| kldload linprocfs.ko | Loads the Linux procfs filesystem module |
| kldunload linprocfs.ko | Unloads the same module |
To make sure this module automatically loads each time you boot, add the following line to the /boot/loader.conf file:
[cmd=]kldload /boot/kernel/linprocfs.ko[/cmd]
The FreeBSD kernel also has many properties and parameters that you can view and configure. Use the kenv command to view the currently configured parameters on your system or the sysctl -o -a command to view all available parameters and their default values. The sysctl command can also be used to view specific parameters.
For example:
| sysctl kern | Shows all parameters starting with kern |
| sysctl kern.securelevel | Shows current value of the kernel security level |
| sysctl hw.model | Shows your CPU model |
To set a kernel parameter at boot time, add the appropriate line to the /etc/sysctl.conf file.
3. FreeBSD System Initialization
Just like the GRUB2 boot loader on Linux, FreeBSD has an interactive boot loader called boot0 that is much more user friendly. It displays a menu for 10 seconds by default that allows you to enter rescue mode or modify kernel values manually, among other things. If you are repairing a system, a copy of useful binary programs is stored under the /rescue/ directory and made available to boot0.
Once the kernel is loaded by boot0, the init daemon parses the large /etc/rc script to start the other daemons that you specified within /etc/rc.conf by executing the appropriate daemon scripts under the /etc/rc.d/ directory.
Other scripts are also executed by init at boot time. For example, /etc/netstart configures the network according to the parameters you specified in /etc/rc.conf.
After your system has booted, you can view the /var/run/dmesg.boot file to see the hardware detected and modules loaded by your kernel, or view the /var/log/messages file to view the daemons and components that were started by init (including any errors).
4. FreeBSD Storage Configuration
FreeBSD uses different device files for storage and different methods for partitioning and creating filesystems.
To see a list of the physical storage devices you have, use the following two commands:
camcontrol devlist
geom disk list
Some sample device files for these storage devices include:
| /dev/cd0 | First CD/DVD |
| /dev/da0 | First SCSI/SAS disk or USB drive, which emulates SCSI |
| /dev/ada0 | First IDE/SATA disk |
| /dev/nvme0 | First NVMe SSD |
| /dev/nvme0ns1 | First namespace on the first NVMe SSD |
Say, for example, you have one SATA SSD in your system that has a GPT partition table. FreeBSD will likely create three partitions on it during the installation:
| /dev/ada0p1 | Usually a 512KB FreeBSD boot partition or UEFI boot partition |
| /dev/ada0p2 | Usually a swap partition |
| /dev/ada0p3 | Rest of disk - usually given to ZFS, or mounted to/if you use UFS |
If you have older storage devices that use an MBR partition table, each primary partition is called a slice in FreeBSD. These are further subdivided into up to seven device nodes using a special BSD disk label.
For example, the first slice on /dev/ada0 could be subdivided into four device nodes, with each one assigned a letter:
| /dev/ada0s1a | First device node in the first slice on ada0 |
| /dev/ada0s1b | Second device node in the first slice on ada0 |
| /dev/ada0s1c | Third device node in the first slice on ada0 |
| /dev/ada0s1d | Fourth device node in the first slice on ada0 |
You can view your disk configuration using the gpart command, which can also create/manage partitions:
| gpart show -p ada0 | Shows partitions on ada0 |
| gpart show -l ada0 | Shows labels on ada0, which match files under /dev/gpt/ |
If you just want to see the partition labels for disks on the system, run the glabel list command instead.
5. FreeBSD Filesystem Configuration
FreeBSD commonly uses just two filesystems for storage:
- UFS: A very old filesystem that should only be used if you have legacy applications that require it
- ZFS: A filesystem that’s also commonly configured on production Linux servers
After creating partitions on a GPT disk (or slices and device nodes on an MBR disk), you can use the following commands to create and work with UFS filesystems:
| newfs | Creates a UFS filesystem |
| growfs | Extends the size of a UFS filesystem |
| tunefs | Tunes UFS filesystem parameters |
| mksnap_ffs | Creates a UFS filesystem snapshot |
| fsck | Checks a UFS filesystem for errors |
Normally, you’d use ZFS instead of UFS on a FreeBSD system because it has superior enterprise features, including corruption protection and device fault tolerance. The same zpool and zfs commands you used to configure ZFS on Linux can also be used on FreeBSD.
For example, to create a RAID-Z1 dataset called lala from the space on three different SCSI disks and put a ZFS filesystem on it, you could use the following command:
zpool create lala raidz /dev/da1p1 /dev/da2p1 /dev/da3p1
Here are a few more sample zpool and zfs commands:
| zpool status lala | View status of the lala dataset |
| zpool list | Lists all ZFS datasets |
| zpool get free | Displays free space information from all ZFS datasets |
| zfs create lala/stuff | Creates another ZFS dataset under the lala dataset |
| zfs list | Displays all ZFS datasets and where they are mounted |
| zfs get compression | Displays compression setting for all ZFS datasets |
| zfs set compression=lz4 lala/stuff | Enables compression for lala/stuff |
When you run the zfs list command on a newly installed system, you’ll see a ZFS dataset called zroot that is created by the FreeBSD installer.
This dataset contains many other datasets underneath it for different system directories, such as the following:
zroot/ROOT/default is mounted to /
zroot/usr is mounted to /usr
zroot/usr/home is mounted to /usr/home
zroot/var is mounted to /var
What you may find odd is that zroot/ROOT/default is mounted to the root of the system. This is because FreeBSD supports different boot environments if you take ZFS snapshots of the / filesystem.
Before performing a risky configuration, take a snapshot of your system called zroot/ROOT/May2. Then, you can easily revert back to it if your risky configuration fails! You can even choose a previous boot environment at the FreeBSD boot loader menu when you boot the system.
Here are some useful boot environment commands:
| pkg install beadm | Installs the boot environment package (pkg is discussed later) |
| beadm create May2 | Create snapshot of system called May2 |
| zfs list | You should seezroot/ROOT/defaultandzroot/ROOT/May2 |
| beadm activate May2 && reboot | Reverts system to May2 snapshot |
There is also a /etc/fstab file that mounts non-ZFS filesystems at boot, just as you’d expect on a Linux system. If you use ZFS exclusively, /etc/fstab just activates the swap partition only.
And just as Linux has udev rules for restricting access to storage devices, you can add lines to /etc/devfs.conf or /etc/devfs.rules to do so on FreeBSD.
The only other glaring difference between Linux and FreeBSD when it comes to the filesystem is the use of filesystem attributes. On Linux systems, you could set filesystem attributes using the chattr command, and list them with the lsattr command.
However, FreeBSD uses a different set of attributes called filesystem flags that can be set at the system or user level:
| chflags sunlink file | Sets the system unlink flag on a file, to prevent file deletion |
| chkflags nosunlink file | Unsets the system unlink flag on a file |
| ls -lo file | Displays flags on a file |
6. FreeBSD Users and Groups
As on Linux systems, FreeBSD stores user configuration in /etc/passwd (readable by everyone) but converts it to a /etc/pwd.db database for fast system access.
But instead of using the /etc/shadow file like Linux does, FreeBSD stores all user and password configuration in /etc/master.passwd (readable by root only) and converts it to /etc/spwd.db for fast system access.
Groups are stored in /etc/group, as you’d expect, but there is there is no sudo functionality. Instead, you must be part of the wheel (big wheel) group to use the su command to run commands as root or obtain a root shell.
Default home directory files for new users are copied from /usr/share/skel/. You can also create rules to allow or prevent user access in the /etc/login.access file, as well as define user classes for accessing system resources in the /etc/login.conf file.
Here are a few common commands to create and manage users:
| adduser | Creates a user - defaults values are taken from/etc/adduser.conf |
| adduser -C | Creates the /etc/adduser.conf file with values you specify |
| rmuser | Removes a user |
| pw useradd/userdel/ | Creates and manages users |
| chpass | Modifies settings for a user using the vi editor |
| vipw | Edits /etc/master.passwd using vi, and then rebuilds /etc/spwd.db |
7. FreeBSD Packages, Services and Monitoring
Installing and managing packages on FreeBSD is just as easy as using the Red Hat or Debian package managers on a Linux system. Instead of dnf or apt, use the pkg command:
| pkg update | Updates package list from online repository |
| pkg search bash | Searches online repository for bash packages |
| pkg install bash | Installs bash package from online repository |
| pkg upgrade bash | Upgrades bash to latest version |
| pkg info bash | Displays package details |
| pkg info -l bash | Displays package file contents |
| pkg check bash | Checks bash package content for missing/corrupted files |
| pkg lock bash | Prevents modification or removal of package |
| pkg remove bash | Removes bash package |
| pkg clean | Cleans up files in the package repository, /var/cache/pkg/ |
| pkg autoremove | Auto-removes unneeded dependency packages |
| pkg which /usr/local/bin/bash | Displays package the bash file belongs to |
| freebsd-update fetch | Downloads latest version of FreeBSD |
| freebsd-update install | Installs the latest version of FreeBSD and then reboots |
After installing a daemon package, you must also configure it to start at boot time by adding a line to the /etc/rc.conf file.
For example, after installing the apache24 package (for the Apache web server daemon), you could start it at boot time by adding the following line to /etc/rc.conf:
apache24_enable=”YES”
Yes, it’s that easy!
The configuration files for any daemons that you install are under /etc or /usr/local/etc. For example, you’ll find the httpd.conf configuration file for Apache in the /usr/local/etc/apache24/ directory on FreeBSD.
You can also manage daemons using the same service command used in Linux systems prior to Systemd:
| service -e | Displays daemons that are enabled and the order they are started at boot |
| service sshd stop/start/restart | Stops/starts/restarts the sshd daemon |
| service sshd onestart | Starts the sshd daemon if it is not listed in /etc/rc.conf |
| service sshd extracommands | Displays additional options for working with sshd |
Of course, loading additional daemons will impact the performance of your system, especially as the number of clients connecting to them increases.
You can monitor the performance of your FreeBSD system using the same vmstat and top commands you’re used to in Linux (the FreeBSD top command also lists ZFS performance statistics), as well as monitor disk performance using the gstat command.
Similarly, you can use a plethora of different network commands in FreeBSD to monitor network statistics.
Here are some of my favorites:
| netstat -w 1 -d | Displays packet stats every 1 second |
| netstat -na -f inet | Displays active IPv4 connections |
| netstat -na -f inet6 | Displays active IPv6 connections |
| netstat -m | Displays tunable memory buffer information for IP stack |
| sockstat -4 | Displays IPv4 sockets |
| sockstat -6 | Displays IPv6 sockets |
8. Other Stuff to Know About FreeBSD
The previous sections outlined the main areas of FreeBSD that most Linux admins will want to know. In this final section, I’ll list some extra stuff (in no particular order).
Compiling software from source is very easy in FreeBSD. You can run the portsnap auto command to download the source code for the ready-to-compile ports tree from the FreeBSD repository to the /usr/ports/ directory and then use the appropriate make commands to compile and install it on your system.
If you want to configure a firewall, there are three firewall systems to choose from in the FreeBSD handbook, but the most common one is PF from OpenBSD. Place your rules in /etc/pf.conf and use the pfctl command to control the firewall.
You can also use blacklistd to block undesired connections (or too many connections). Use blacklistctl to control blacklistd and list connection rules in /etc/blacklistd.conf.
FreeBSD jails are one of the earliest examples of OS virtualization/containerization.
- Download a userland (filesystem) tarball from the FreeBSD repository and extract it to a directory of your choice (e.g. /jails/container1).
- Add a paragraph to the /etc/jail.conf file that configures the jail parameters (e.g., IP address).
Finally, you can start and manage your jail using a wide variety of different commands, including the following:
| service jail start container1 | Starts the container1 jail |
| service jail stop container1 | Stops the container1 jail |
| jls | Views all jails running on the system |
| jexec container1 command | Executes a command in the container1 jail |
| pkg -j container1 install apache24 | Installs Apache in the container1 jail |
If you start the NFSv4 file sharing daemons (installed by default) by adding the appropriate entries to /etc/rc.conf, you can add lines to /etc/exports to share out directories on your system. Or use ZFS to share datasets using NFSv4. These datasets are listed in /etc/zfs/exports.
For example, to share out the /usr/home directory using NFS, use the following command:
zfs set sharenfs=on zroot/usr/home
Some things on FreeBSD may remind longtime Linux or UNIX administrators of days gone by. For example, you can still start daemons on demand using inetd and entries within /etc/inetd.conf, and you can use the old LPD printing system by adding printer entries to /etc/printcap. (Please install and use CUPS instead....seriously.)
FreeBSD also uses the old syslogd to log system events using the entries in /etc/syslog.conf. (It works well so why change it, right?) However, instead of logrotate, FreeBSD uses newsyslog to rotate log files according to rules in /etc/newsyslog.conf.
And yes, if you want to use FreeBSD as a workstation, you can install X.org and GNOME. But given that Linux is leading the charge in that area, it’d be wiser to use Linux as your workstation and leverage FreeBSD as a wicked fast server.
Ready to upgrade your IT skills? We've got great news! You can save big on CompTIA certifications and training right now.
