Author Archive for Ville Walveranta

Microsoft Trackball Explorer, discussion continues

I’ve today posted an update to the original 03 July 2007 article about the demise of the venerable Microsoft Trackball Explorer pointing device. Check out the original article, the update (following the original article), and the countless comments the post has received over the past year. What’s the matter with Microsoft?!

Open with UE Studio - Context Menu option for all files

I often want to open random files in my favorite text editor, UltraEdit Studio, to take a quick peek at the contents. However, the files often don’t have a recognized extension, have an extension that is associated with something else, or have no extension at all. Some time ago I added a link to the “Send to” menu, which works, but it’s always an extra step to navigate to the Send to sub-menu first, and this is a common operation. A Google search quickly produced a post in Wes’s Puzzling Blog that outlines how to add a context-menu option for Notepad. It worked, almost. I had to make one small change (besides the cosmetic text change from “Notepad” to “UE Studio”).

Here’s my version:


Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\*\shell]

[HKEY_CLASSES_ROOT\*\shell\openuestudio]
@="Open with UE Studio"

; The command as stored in the registry is: "c:\Program Files\UEStudio 06\uestudio.exe" "%1"
; In .reg syntax the whole value is one quoted string, so the inner quotes are
; written as \" and each backslash as \\; quoting %1 keeps file names with spaces intact.
[HKEY_CLASSES_ROOT\*\shell\openuestudio\command]
@="\"c:\\Program Files\\UEStudio 06\\uestudio.exe\" \"%1\""

I had to move the file variable %1 outside of the quote marks in order for it to work, possibly because there is a space in the file path.

You can also download open_with_uestudio.reg that, once saved (with .reg extension) to a local hard drive, can be used to add the necessary keys into the registry by double-clicking on the file (obviously it only works unmodified if you have UE Studio installed, and in the same path as on my system). This works on Windows XP and Windows 2003 Server, not sure about Vista.

Disclaimer: Always be careful when editing/modifying registry. This worked for me but I’m not responsible for broken installs if you mess it up!

The Best (S)FTP(ES) Client!

I’ve been using Van Dyke Software’s SecureFX for a long time for FTP transfers. It’s decent software, but I’ve always found its user interface a bit clumsy (floating windows inside a master window). Recently the need for secure connections has become increasingly important, and SecureFX doesn’t support explicit FTPS, or “FTPES”. The difference between “explicit” and “implicit” FTPS was well described on a page on the Enterprise Distributed Technologies site:

Before the FTPS Internet Draft was published a somewhat abortive attempt at offering a secure version of FTP was made. This is now referred to as implicit FTPS. It is a very simplistic technique which involves using standard secure TLS sockets in place of plain sockets at all points. Since standard TLS sockets require an exchange of security data immediately upon connection, it is not possible to offer standard FTP and implicit FTPS on the same port. For this reason another port needs to be opened – usually port 990.

Implicit FTPS is in the process of being phased out in favour of FTPS as described in the Internet Draft. This newer variant of FTPS is now referred to as explicit FTPS. It has some substantial advantages over implicit FTPS:

  1. It is a standard extension of FTP and is therefore supported by most FTP servers.
  2. It uses standard FTP ports, meaning that there is no need to open additional ports in firewalls when upgrading from FTP to FTPS.
  3. It is more flexible in that it allows security to be turned off and on in a single session.
  4. It is compatible with the RFC2228 standard.

I decided to review some other FTP clients at hand. The excellent Filezilla would be perfect, except it doesn’t yet support RSA-key-based SFTP authentication, making it unsuitable for accessing the roots of remote systems. Its Explorer integration was also imperfect, in that attempting to drag a file from a connected FTP site to the desktop (outside of the program window) resulted in an error.

I tried FTPRush, but gave up on it after a while — I could not get FTPES working properly. It probably would work, but the reason why it did not was not obvious.

WinSCP offers SCP/SFTP (both key and password based), but it doesn’t support FTPS, explicit or implicit.

CuteFTP Pro supports all three connectivity types, but while existing keys can be defined, it’s finicky about the format of the key (I could not get an externally generated key working). Additionally it only supports *one* RSA key globally for all profiles AND it doesn’t allow dragging-and-dropping items from a connected remote site to the local desktop or another Explorer location (i.e. outside of the application window). I crossed it off.

I looked at the screen shots of CoreFTP, and they were enough to convince me I would not want to try it.

Finally, I gave the latest version of the ol’ WS_FTP Professional by Ipswitch a try, and found all three connectivity types easily configured. It also wants to generate RSA keys itself, but at least each profile can have its own key, and drag-and-drop out of the application window works. It seems to be the winner, for now (Filezilla holds a lot of promise — once they implement RSA key authentication it may well come out on top, especially since it’s free software).

N.B.
Two other slightly different kinds of FTP clients worth mentioning here are WebDrive and SFTP Drive, which map Windows drive letter(s) to remote FTP site(s). Both work very well; WebDrive is the more configurable (and more expensive) of the two. Both support SFTP (password or RSA key pair authentication); WebDrive additionally supports WebDAV, Amazon S3, and insecure FTP. Neither program offers support for FTP(E)S. (Update: read the post comments regarding FTPS support in WebDrive.)

Total Uninstall + ExpPrint = *TOTAL* uninstall

I’ve been using Martau’s Total Uninstall for quite some time now, and generally it works very well. It keeps the system clean of the junk programs generally leave behind when they’re uninstalled. However, a couple of days ago Total Uninstall totally uninstalled my system. I needed to print a listing of the contents of a folder, and I remembered a program I had tried at some point, ExpPrint. I downloaded and installed the latest version of ExpPrint, 3.1.0.1, and printed the directory. A few hours later it occurred to me that the excellent file manager that has long been part of my core utilities, Directory Opus, might have the directory printing functionality built in — something I confirmed quickly. It also turned out that the directory printing features of Directory Opus worked better and were more configurable than those of ExpPrint… so I decided to uninstall ExpPrint. I fired up Total Uninstall, selected ExpPrint, and started the application uninstall, which quickly completed. I then clicked on the “Uninstall” button of Total Uninstall to remove the scraps left behind by the software.

Only this time I would be treated to a total uninstall of my Windows XP, as I was about to find out. Total Uninstall first displayed a few items that “were added after the program [to be uninstalled] was installed”. They were generic context-menu items, so I made sure they were unselected, and proceeded. The program worked for some 20 seconds and then produced a lengthy list of all the registry values it had deemed part of ExpPrint, and thus removed. Only the list contained a good part of my XP’s registry values, including all context-menu items, all file associations, etc. Needless to say, after that nothing worked, including System Restore.

Nor did it help to attempt to restore the system state (there would have been a very recent system state available) from the recovery console as outlined in a TechTarget article. Windows would just not start. Realizing that even if I were able to get it back up and running the configuration would likely never work very well, I resigned myself to a full reinstall with a sigh. Since the filesystem was intact and since I keep good backups, I lost no data, just time.

Lesson learned: it’s worth keeping a restorable image backup of the system/program files partition in addition to data backups.

Update 17 September 2008: I’m still using Total Uninstall, or at least “have been using it”. Yesterday I was installing some Photoshop plugins, and while doing so accidentally installed a plugin into InDesign’s plugin folder. So I fired up Total Uninstall to remove the software. The result: the entire plugins folder of InDesign was wiped out. Fortunately only files were touched, and fortunately Total Uninstall removed them to the Recycle Bin, so restoring them was fairly easy without a lengthy repair/reinstall of InDesign. But as it seems Total Uninstall doesn’t have a feature to preview what is about to be uninstalled, I’m now questioning how good an idea its continued use is. I’ve found the program quite effective, but errors like this make it hazardous to use. I’m going to suggest a preview as a new feature, but meanwhile—until/if such a feature is added; see my feature request on Martau.com—I may opt to use some other uninstaller that does provide the preview as well as the option to choose whether or not to remove the “left over” items the uninstaller has found, or if no software provides such a feature I may lay off 3rd party uninstallers for now—it’s better to have clutter in the system than to have to reinstall everything. I took a quick peek at Total Uninstall’s competition (including Your Uninstaller!, Advanced Uninstaller PRO, the free Revo Uninstaller, and the popular, also free CCleaner), and I wasn’t impressed. Let’s hope Martau adds the uninstall preview; it’s otherwise the best tool for the job!

Update 21 September 2008: My over-zealous spam filter had caught Martau’s response to the initial problem in August. It has been addressed in the current release and a “total uninstall” should no longer happen! Also, it turns out that the detected changes display (the “Changes” tab) in Total Uninstall shows all the changes that the program has detected for each installed program, and that will be reverted or removed during the uninstall. Thus, by reviewing the detected changes prior to starting the uninstallation process any unpleasant surprises can be avoided. This is pretty much what I was looking for with the “uninstall preview” feature (as outlined in the 17 September 2008 update above). Good job, Martau! Now I can continue to recommend Total Uninstall as the best uninstall tool available for Windows!

Yahoo! Widgets Off the Screen! (And How to Get Them Back)

I like Yahoo! Widgets (formerly known as “Konfabulator”). I’ll be using XP for some time to come and thus don’t have the option to use Vista’s widgets (the only thing in Vista that currently has some draw to it is DirectX 10, but I digress). Every now and then a widget “gets lost”. For example, when starting a program (like a game) that changes the display resolution, the widgets get tossed around seemingly randomly, and sometimes they end up outside of the active (and possibly maximum) resolution of the display. Closing a widget and reopening it won’t help. Uninstalling Yahoo! Widget Engine probably helps, but who wants to do that regularly? There’s an easy registry fix (and if the problem is frequent, one could even write a small batch file that would place the widgets at their desired locations).

Shut down Widget Engine first (also from the system tray), then find the following key in your registry with regedit (you may want to use search, especially if the system has many users and thus many SIDs).

The keys that determine the widget locations can be found at

HKEY_USERS\<user’s security ID, or “SID”, e.g. S-1-5-21-1482476501-362288127-1801674531-1233>\Software\Yahoo\Widget Engine\Widgets\<widget name, e.g. “Calendar”>\Windows\Main Windows

Positions <- delete this binary value

Then restart Widget Engine (and reload the “lost” widget if it’s not loaded by default). The default placement is in the middle of the screen (or the middle of the “active” screen on some multi-monitor systems).

Disclaimer: As always, the usual disclaimers and warnings apply to any registry mods. Know what you’re doing since it is possible to destroy your Windows installation with careless registry edits.

Installing bcron on FreeBSD 7.0

bcron is a better cron (though the “b” in the name probably comes from the first name of its writer, Bruce Guenter).  It was created with security in mind, and is especially well suited for multi-user systems where the individual users need to be given access to their respective crontabs. With bcron this can be accomplished without compromising the system security.  Here’s a quote from the bcron page:

This is bcron, a new cron system designed with secure operations in mind. To do this, the system is divided into several separate programs, each responsible for a separate task, with strictly controlled communications between them. The user interface is a drop-in replacement for similar systems (such as vixie-cron), but the internals differ greatly.

As of this writing bcron cannot be found in the FreeBSD 7.0 ports system. Fortunately its installation is fairly straightforward. Yet the included documentation is rather spartan, so I provide a more complete outline below.

  1. Install the latest bglibs if not yet installed.** bglibs is best installed from a downloaded tarball rather than from the ports: while the ports version installs the libs in a more logical location at /usr/local/lib/bglibs/, the programs that utilize the library (bcron, ucspi-unix, etc.) have difficulty locating it there.

    ** A few symlinks are required (these refer to the locations bglibs installs itself when compiled from the tarball rather than from the ports):

    /usr/local/bglibs -> /usr/local/lib/bglibs
    /usr/local/bglibs/lib/libbg-sysdeps.so.2 -> /usr/local/lib/libbg-sysdeps.so.2
    /usr/local/bglibs/lib/libbg.so.2 -> /usr/local/lib/libbg.so.2

  2. Install ucspi-unix if not yet installed as bcron components communicate via UNIX sockets. This requires bglibs and also compiles and installs well using a downloaded tarball (it’s also available in ports at /usr/ports/sysutils/ucspi-unix, but I prefer to compile it from the downloaded tarball).
  3. Make sure /var has been moved off the root to /usr/var before proceeding. See an older post for details.
  4. Make sure daemontools (and hence supervise) has been installed and is operational as bcron will be started with it.
  5. Create a system user “cron” (for example by using vipw command) and group “cron” (by editing /etc/group). This user/group will own all the crontab files (though not /etc/crontab as it’s system crontab and needs to be owned by root:wheel).

    user:

    cron:*:50:50::0:0:BCron Sandbox:/nonexistent:/usr/sbin/nologin

    group:
    cron:*:50:

  6. Create the spool & tmp directories (the for loop is Bourne shell syntax; the sh line starts a Bourne shell in case your login shell is csh):

    mkdir -p /var/spool/cron/crontabs /var/spool/cron/tmp
    mkfifo /var/spool/cron/trigger
    sh
    for i in crontabs tmp trigger; do
        chown cron:cron /var/spool/cron/$i
        chmod go-rwx /var/spool/cron/$i
    done
  7. Create the configuration directory /usr/local/etc/bcron:

    mkdir -p /usr/local/etc/bcron

    ** You can put any common configuration settings into this directory (it is an “ENVDIR”), like alternate spool directories in BCRON_SPOOL.
  8. Create the bcron service directories (there are three services) and add the run scripts listed below to them:

    mkdir -p /var/bcron/supervise/bcron-sched/log
    mkdir /var/bcron/supervise/bcron-spool
    mkdir /var/bcron/supervise/bcron-update

    Set their permissions to 1750 for security purposes (no world access, sticky bit):

    chmod 1750 /var/bcron/supervise/bcron-sched
    chmod 1750 /var/bcron/supervise/bcron-spool
    chmod 1750 /var/bcron/supervise/bcron-update

    Make all the run and log/run scripts executable by root, readable by group:

    chmod 740 /var/bcron/supervise/bcron-sched/run
    chmod 740 /var/bcron/supervise/bcron-sched/log/run
    chmod 740 /var/bcron/supervise/bcron-spool/run
    chmod 740 /var/bcron/supervise/bcron-update/run

    and make log bcron-sched subdir accessible by root, group:

    chmod 750 /var/bcron/supervise/bcron-sched/log

    RUN SCRIPTS:
    /var/bcron/supervise/bcron-sched/run:

    #!/bin/sh
    exec 2>&1
    exec envdir /usr/local/etc/bcron bcron-start

    (bcron-start’s output goes down supervise’s log pipe, where the log/run script below hands it to multilog. Piping into a second multilog here as well would leave two multilog processes contending for the lock in /var/log/bcron.)

    /var/bcron/supervise/bcron-sched/log/run:

    #!/bin/sh
    exec >/dev/null 2>&1
    exec \
    multilog t /var/log/bcron

    /var/bcron/supervise/bcron-spool/run:

    #!/bin/sh
    exec >/dev/null 2>&1
    exec \
    envdir /usr/local/etc/bcron \
    envuidgid cron \
    sh -c '
    exec \
    unixserver -U ${BCRON_SOCKET:-/var/run/bcron-spool} \
    bcron-spool
    '

    /var/bcron/supervise/bcron-update/run:

    #!/bin/sh
    exec >/dev/null 2>&1
    exec \
    bcron-update /etc/crontab
  9. Kill the default cron daemon and add the following to rc.conf so it won’t restart on reboot:

    #disable default cron; bcron is used instead (started by supervise)
    cron_enable="NO"

  10. Symlink bcron services’ primary supervise directories to under /var/service to start bcron services (you can also use svc-add command if you have installed supervise-scripts):
    ln -s /var/bcron/supervise/bcron-sched /var/service/bcron-sched
    ln -s /var/bcron/supervise/bcron-spool /var/service/bcron-spool
    ln -s /var/bcron/supervise/bcron-update /var/service/bcron-update
  11. Set /etc/crontab permissions to 600, and make sure it’s owned by root.
    chmod 600 /etc/crontab
    chown root:wheel /etc/crontab

    ** For other users the owner of the crontab file in their respective home folders would be cron:cron.

  12. Edit /etc/crontab and test that it gets updated. Note that there is a brief delay, perhaps one minute or so, after you save the crontab until the change becomes effective. Also note that the default shell for the crontab is /bin/sh. You might want to change it to something more powerful like c-shell (/bin/csh) or bash (/bin/bash) that you’re familiar with. You may also want to augment the default path, for example, by including /usr/local/bin for user-installed commands.
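
The directory modes in steps 6 and 8 are what actually keeps the cron user and root apart in this setup, and they are easy to get wrong when typed by hand. As an added example (my own script, not part of bcron or of the steps above), the sh functions below build the same spool and supervise tree under a prefix and then audit every entry for the exact mode the steps assign, sticky bit included. With an empty prefix they operate on the live system; with a scratch directory the run is a dry run you can inspect first. The chown to cron:cron from step 6 is attempted only when running as root and the cron user from step 5 exists, and the run files are created as bare placeholders for the scripts shown in step 8.

```sh
#!/bin/sh
# Added example, not from the post: build and audit the bcron directory
# layout from steps 6 and 8. The first argument is "" for the live system
# or a scratch directory for a dry run.

# One entry per line: relative path, exact octal mode, type (d dir, p fifo, f file).
bcron_layout() {
    cat <<'EOF'
var/spool/cron/crontabs 700 d
var/spool/cron/tmp 700 d
var/spool/cron/trigger 600 p
var/bcron/supervise/bcron-sched 1750 d
var/bcron/supervise/bcron-spool 1750 d
var/bcron/supervise/bcron-update 1750 d
var/bcron/supervise/bcron-sched/log 750 d
var/bcron/supervise/bcron-sched/run 740 f
var/bcron/supervise/bcron-sched/log/run 740 f
var/bcron/supervise/bcron-spool/run 740 f
var/bcron/supervise/bcron-update/run 740 f
EOF
}

# Create each entry under $1 and set its mode. Run files start as a bare
# "#!/bin/sh" placeholder; the real run scripts are the ones in step 8.
setup_bcron_tree() {
    root="$1"
    bcron_layout | while read -r rel mode type; do
        path="$root/$rel"
        case "$type" in
            d) mkdir -p "$path" ;;
            p) [ -p "$path" ] || mkfifo "$path" ;;
            f) [ -e "$path" ] || printf '#!/bin/sh\n' > "$path" ;;
        esac
        chmod "$mode" "$path"
        # Spool entries belong to cron:cron (step 6); only root can do that,
        # and only if the cron user from step 5 exists.
        case "$rel" in
            var/spool/cron/*)
                if [ "$(id -u)" -eq 0 ] && id cron >/dev/null 2>&1; then
                    chown cron:cron "$path"
                fi ;;
        esac
    done
}

# Report every entry that is missing or whose mode is not exactly the one
# expected (sticky bit included). Returns 1 if anything was reported.
audit_bcron_tree() {
    root="$1"
    bcron_layout | {
        bad=0
        while read -r rel mode type; do
            path="$root/$rel"
            if [ ! -e "$path" ]; then
                echo "MISSING $path"; bad=1; continue
            fi
            # find -perm with a plain octal mode is an exact match on all
            # permission bits; -prune keeps it from descending into directories.
            if [ -z "$(find "$path" -prune -perm "$mode")" ]; then
                echo "MODE    $path is not $mode"; bad=1
            fi
        done
        exit "$bad"
    }
}

# Dry run: sh this-file.sh --dry-run
if [ "${1:-}" = "--dry-run" ]; then
    scratch=$(mktemp -d) &&
    setup_bcron_tree "$scratch" &&
    audit_bcron_tree "$scratch" &&
    echo "layout under $scratch matches steps 6 and 8"
fi
```

Run the audit again after any later change to the spool or supervise directories; a mode that drifted to world-readable shows up as a single MODE line with the expected value beside it.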

Installing daemontools service supervisor on FreeBSD 7.0

D. J. Bernstein’s daemontools includes a service supervisor which ensures that the services it supervises are restarted should they ever stop due to a program or system error. Daemontools is easy to install, and is best installed from FreeBSD’s ports system at /usr/ports/sysutils/daemontools. Be sure to also install the manual, which you can find in the sub-directory work/daemontools-man. The README file found within instructs to [manually] install the manual entries using the command gzip *.8 ; cp *.8.gz /usr/share/man/man8/ (while in the daemontools-man directory). Once installed, there are a few additional steps to do:

  1. Copy /usr/ports/sysutils/daemontools/work/svscan.sh.sample to
    /usr/local/etc/rc.d/svscan.sh and give it owner execute privileges with
    chmod 700 /usr/local/etc/rc.d/svscan.sh
  2. Create /var/service and create a symlink to it from /service
    mkdir /var/service
    ln -s /var/service /service
  3. Add the following to /etc/rc.conf:
    #start /var/service scanning
    svscan_enable="YES"
  4. Reboot the system (svscan will *not* start on a BSD system before the system is rebooted)

Optionally you can also install Bruce Guenter’s supervise-scripts that make life a whole lot easier with daemontools’ supervise.

  1. Install latest bglibs if not yet installed
    ** bglibs is best installed from a downloaded tarball rather than from the ports: while the ports version installs the libs in a more logical location at /usr/local/lib/bglibs/, the programs that utilize the library (bcron, ucspi-unix, etc.) have difficulty locating it there. A few symlinks are required (these refer to the locations bglibs installs itself when compiled from the tarball rather than from the ports):
    /usr/local/bglibs -> /usr/local/lib/bglibs
    /usr/local/bglibs/lib/libbg-sysdeps.so.2 -> /usr/local/lib/libbg-sysdeps.so.2
    /usr/local/bglibs/lib/libbg.so.2 -> /usr/local/lib/libbg.so.2
  2. Download, compile, and install supervise-scripts. Once installed, you’ll find new commands svc-start, svc-stop, svc-restart, svc-add, svc-remove, svc-isdown, svc-isup, svc-waitdown, svc-waitup, and svc-status in /usr/local/bin. These make scripting and managing services much easier.

When switching programs to be svscan-started and svscan-managed, make sure they’re not being started as default services by the system and that no prior startup setting exists in /etc/rc.conf. Disable them (depending on the service) by commenting out the startup in /etc/rc.conf, by adding a “NO” clause in /etc/rc.conf (such as cron_enable="NO"), or by disabling the corresponding startup script in /usr/local/etc/rc.d.

If you mess up a service initialization, uninstall the failed service (i.e. unlink the service’s primary service directory from /var/service), delete the “supervise” subfolders (and “down” file if present) from the service’s primary service directory (there’s one also in the “log” subfolder). Then reboot the system, and reinstall the service either by using the supervise-scripts command svc-add, or by simply symlinking the service’s primary service directory to /var/service (for example ln -s /var/db/mysql-supervise /var/service/mysql).

Moving var, tmp Off the Root in FreeBSD

One of the first things I do on a newly installed FreeBSD system is to move /var and /tmp to under /usr. Since I usually allocate about 4Gb for the root slice and the rest of the disk—usually several hundred gigabytes—goes to /usr (well, there’s also the swap slice that takes a few gigabytes), having /var and /tmp there is more comfortable, as log files, database files, or temp files can sometimes grow to multi-gigabyte size and exhaust the root space.

Below is a simple procedure to move /var to /usr/var and /tmp to /usr/var/tmp. This is best done early on in a new system installation, since many services tend to hook into /tmp and/or /var and may thus lock files in those directories, making the move more difficult. If you’re making this move on an established system, at least stop all the services that might interfere with the process (such as database services). It might even be a good idea to boot into single user mode (if you do so, remember to correctly mount your disks before proceeding). I usually do this early in a new system install, before installing any major services, or at least before scripting them to run.

  1. Move /var to /usr/var

    mkdir /usr/var
    cd /var
    tar cvf - . | (cd /usr/var; tar xvf - )
    cd /
    chflags -R noschg /var
    rm -rf /var
    ln -s /usr/var /var
  2. Move /tmp to /usr/var/tmp

    mkdir /usr/var/tmp
    cd /tmp
    tar cvf - . | (cd /usr/var/tmp; tar xvf - )
    cd /
    chflags -R noschg /tmp
    rm -rf /tmp
    ln -s /usr/var/tmp /tmp
    chmod -h 777 /tmp
    chmod 1777 /usr/var/tmp
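
The tar-copy-then-rm sequence in the two steps above deletes the original before anything has verified that the copy is complete; a full /usr slice or an interrupted tar would leave the system without /var. As an added example (my own function, not from the post), relocate_dir below performs the same move with the same tar pipeline and the same chflags, symlink and chmod steps, but refuses to remove the source unless the destination holds the same number of entries, and refuses to run twice on a directory that is already a symlink. chflags and chmod -h exist only on FreeBSD, so they are applied only where present, which also lets the function be tried in a scratch directory on another system first.

```sh
#!/bin/sh
# Added example, not from the post: a checked version of the /var and /tmp
# moves. Usage on FreeBSD, matching steps 1 and 2 above:
#   relocate_dir /var /usr/var
#   relocate_dir /tmp /usr/var/tmp tmp

# Number of entries in a tree, the directory itself included; used to compare
# source and destination before anything is deleted.
count_entries() {
    find "$1" | wc -l | tr -d ' '
}

# relocate_dir SRC DST [tmp]: copy SRC into DST, verify, then replace SRC with
# a symlink to DST. The optional third argument applies the /tmp modes.
relocate_dir() {
    src="$1"; dst="$2"; kind="${3:-}"
    if [ -L "$src" ]; then
        echo "relocate_dir: $src is already a symlink, nothing to do" >&2
        return 1
    fi
    if [ ! -d "$src" ]; then
        echo "relocate_dir: $src is not a directory" >&2
        return 1
    fi
    if [ -e "$dst" ] && [ -n "$(ls -A "$dst")" ]; then
        echo "relocate_dir: $dst exists and is not empty, refusing to merge" >&2
        return 1
    fi
    mkdir -p "$dst" || return 1
    # Same copy as the post: tar keeps modes, ownership (as root), and fifos.
    (cd "$src" && tar cf - .) | (cd "$dst" && tar xf -) || return 1
    # Compare before deleting anything.
    if [ "$(count_entries "$src")" != "$(count_entries "$dst")" ]; then
        echo "relocate_dir: $dst does not match $src, leaving the original in place" >&2
        return 1
    fi
    # Clear the system-immutable flag first (FreeBSD only), as the post does.
    if command -v chflags >/dev/null 2>&1; then
        chflags -R noschg "$src" || return 1
    fi
    rm -rf "$src" && ln -s "$dst" "$src" || return 1
    if [ "$kind" = "tmp" ]; then
        # World-writable with the sticky bit on the real directory; the post
        # also opens up the link itself with chmod -h, a BSD-only flag.
        chmod 1777 "$dst" || return 1
        chmod -h 777 "$src" 2>/dev/null || true
    fi
    echo "relocate_dir: $src -> $dst"
}
```

The entry count is a coarse check (it does not compare contents), but it catches the two failures that matter during the move: a copy that stopped early and a destination that was not empty to begin with. Anything stricter, such as comparing checksums, can be added before the rm -rf line without changing the rest.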

FreeBSD 7.0-RELEASE Kernel Optimization

Below is my FreeBSD 7.0 kernel configuration file. I created it on my reference system, to be used on four production servers whose hardware configurations differ somewhat. For that reason there are a few options (indicated as “[OPTION]”) that are conditional on the configuration. I’ve also left in IPv6 options which are currently commented out, but that I may take into use later if/when IPv6 becomes more prevalent in the environment these servers operate in.

Edit: Because Wordpress doesn’t allow the tabulated configuration file to be presented in a readable manner, rather than including the configuration file in this post I made it available as a separate text file.

FreeBSD 7.0 New Install

I’ve been running various versions of FreeBSD since 2001, and over that time the installation procedure has changed several times as new versions of the operating system have been released. Since I’m a jack of all trades (or at least many trades), often several months or more pass without significant work in the UNIX environment, and my memory fades as I’m engrossed in something completely different such as software development work. I’m still running FreeBSD 6.1 in production environments, but want to make the move to 7.0 soon. Before doing so, however, I decided to set up a reference system and document the setup process to avoid major surprises (or my own memory glitches) as I reinstall the OS on the production systems — and hopefully end up with the minimum downtime possible.

Step one… FreeBSD installation using the Custom install. I post my notes below; perhaps someone will find this useful. The system is being set up as a web/db/mail server that is administered remotely; no X11 is needed or desired.

  1. Use custom install w/defaults except..
    Skip PCCARD: YES
    Media Type: CDROM
  2. Set keymap if not ASCII (I use Finnish keyboard so I selected “Finnish ISO”) and timezone in post install.
  3. Old mount point & label info is ok (from the older installations). I use “4069M” for boot, “6100M” for swap, and rest for application data (generally a largish RAID-5 or RAID-6 array is used), the respective mount point labels are “/”, swap, and “/usr”. I use standard boot record since no other operating systems are installed on the system. Boot drive is made bootable, softupdates is enabled on the data slice.
  4. Configure network, system name, keyboard map (sysinstall should’ve created delta for it) in /etc/rc.conf.  Much more should and will go into it, but the basics that will get the system online are:

    keymap="finnish.iso" #obviously optional :)
    hostname="this.systemname.com"
    defaultrouter="192.168.1.1"
    ifconfig_em0="inet 192.168.1.99 netmask 255.255.255.0" #currently installing behind a firewall
    fsck_y_enable="yes" #this is good to set in case your system crashes during setup without orderly shutdown.. you don't have to press "yes" a million times

    Note that you may have a different kind of network interface and you might have to adjust the “ifconfig_em0” line accordingly.
  5. Configure DNSes in /etc/resolv.conf. I use OpenDNS servers, like so:

    domain this.systemname.com
    nameserver 208.67.222.222
    nameserver 208.67.220.220
  6. If you’re basing this installation on an older install, import your old .cshrc or the equivalent alias/setting file of your favorite shell (makes the life easier as aliases work, etc).
  7. If you’re not using X11, enter WITHOUT_X11 in /etc/make.conf so you don’t have to set it in the environment every time:

    WITHOUT_X11=yes #don't compile GUI to ports apps
    CPUTYPE=i686 #set this for modern Intel CPUs
    KERNCONF=YOUR_KERNEL_CONF_FILE_NAME
    OPENSSLBASE=/usr/local #obviously if you use OpenSSL
  8. Build /usr/ports/net/cvsup with WITHOUT_X11 set in make.conf (as above) or in the environment, or use /usr/ports/net/cvsup-without-gui/, and update the ports tree. First create /usr/local/etc/cvsup/supfile.ports containing:

    *default host=cvsup12.FreeBSD.org
    *default base=/usr/local/etc/cvsup
    *default prefix=/usr
    *default release=cvs tag=.
    *default delete use-rel-suffix
    ports-all

    If you want to use the fastest cvs server available, install /usr/ports/sysutils/fastest_cvsup/ and run with fastest_cvsup -c us (replace ‘us’ with your local country code if you’re not in the U.S. :-)), then use the cvs server indicated as the default host. Then update ports with
    /usr/local/bin/cvsup -g -L 2 /usr/local/etc/cvsup/supfile.ports

    You can use an optional -d 100 to limit file deletions to 100 initially, to make sure the update is working and the entire ports tree won’t be wiped out. Then remove it for the full run (the initial run *will* need to delete more than 100 files, but they’re not all in sequence).

  9. Build & install /usr/ports/editors/joe (or whatever your favorite editor might be); this makes life easier as configuration progresses.
  10. Build & install /usr/ports/security/openssh-portable. Use defaults + select “Enable CHROOT support” (for later use).
  11. Create a non-root user for remote login. vipw is an easy way to manage users.
  12. Configure the OpenSSH daemon in /usr/local/etc/ssh/sshd_config & make sure sshd starts (set openssh_enable="yes" in /etc/rc.conf, and make sure the start file is called /usr/local/etc/rc.d/openssh.sh; a reboot may be required to create the necessary server keys & start the service (confirm with ps -waux | grep "ssh"). sshd_config parameters of note (for initial access) are:

    AllowUsers root MyUserName
    # allow root login only with an RSA key; sshd_config does not take comments at the end of a line, so keep them on their own lines
    PermitRootLogin without-password
    PasswordAuthentication yes
    UsePAM no
    UseDNS no

    ** remote login should be possible at this point **
  13. Create /usr/local/etc/cvsup/supfile.sources with the below content, then update sources with /usr/local/bin/cvsup -g -L 2 /usr/local/etc/cvsup/supfile.sources

    *default host=cvsup17.FreeBSD.org
    *default base=/usr/local/etc/cvsup
    *default prefix=/usr
    *default release=cvs tag=RELENG_7_0
    *default delete use-rel-suffix
    src-all
    doc-all
  14. Review kernel configuration at /usr/src/sys/i386/conf (see my kernel defaults in the next post).
  15. Build & install new world if any deltas were applied in source update:
    cd /usr/src && make buildworld
    If there are problems, try the following, then run buildworld again.

    cd /usr/obj
    chflags -R noschg *
    rm -rf *

    When buildworld completes, reboot the system, select option 4, or interrupt the reboot (option 6) and type boot -s to boot into single user mode; accept /bin/sh as the shell, then continue with the following commands to install new world:

    mount -u /
    mount -a -t ufs
    swapon -a

    cd /usr/src
    make installworld

    exit (goes multi-user)

  16. Build custom kernel & install with below commands:

    cd /usr/src
    make cleandir
    make buildkernel
    if this fails, try cd /usr/src/usr.sbin/config/ && make depend all install clean and also check your kernel configuration file for problems, then start the above build process again.
  17. Make a backup copy of the old kernel and install the new:

    cp -Rp /boot/kernel /boot/kernel.recent
    make installkernel
  18. Reboot & confirm that the latest kernel version is running with uname -a (or uname -rs).
  19. Make a copy of the functional kernel if boot is ok:
    chflags -R noschg /boot/kernel && cp -Rp /boot/kernel /boot/kernel.save && chflags -R schg /boot/kernel
  20. Set /boot/loader.conf parameters, like so:

    kern.ipc.nmbclusters=16384 # Set the number of mbuf clusters
    kern.ipc.maxsockets=16384 # Set the number of tcp sockets
    kern.ipc.maxpipekva=67108864
    kern.maxusers=128
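
The sshd_config settings in step 12 are deliberately permissive for first access (password logins on, root allowed with a key), and what bites later is that sshd takes the first value it reads for a keyword and silently ignores later duplicates, so a hardening line appended at the bottom of the file may do nothing. As an added example (mine, not from the post or from OpenSSH), the sh functions below extract the effective value of a keyword from a config file using that first-match rule, skip lines under a Match block because those apply only conditionally, and print a review of the directives step 12 sets. The config written by write_sample_sshd_config is constructed for this example; the parser assumes the “Keyword value” form used in step 12 rather than “Keyword=value”.

```sh
#!/bin/sh
# Added example, not from the post or OpenSSH: read sshd_config the way sshd
# does for a given keyword (case-insensitive, first occurrence wins, lines
# under a Match block skipped) and review the initial-access settings.

# sshd_effective FILE KEYWORD -> prints the value sshd will use, or nothing
# if the keyword is not set (sshd then uses its built-in default).
sshd_effective() {
    awk -v key="$(printf '%s' "$2" | tr 'A-Z' 'a-z')" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
        { k = tolower($1) }
        k == "match"            { in_match = 1; next }
        in_match                { next }         # conditional, not the global value
        k == key {
            sub(/^[ \t]*[^ \t]+[ \t]+/, "")      # drop the keyword
            sub(/[ \t]+$/, "")                   # and trailing whitespace
            print
            exit                                 # first match wins
        }
    ' "$1"
}

# sshd_review FILE: show the effective value of the directives from step 12
# and flag the risky combination. Returns 1 if root may log in with a password.
sshd_review() {
    rc=0
    for k in AllowUsers PermitRootLogin PasswordAuthentication UsePAM UseDNS; do
        v=$(sshd_effective "$1" "$k")
        printf '%-24s %s\n' "$k" "${v:-<built-in default>}"
    done
    if [ "$(sshd_effective "$1" PermitRootLogin)" = "yes" ]; then
        echo "WARN: PermitRootLogin yes lets root log in with a password" >&2
        rc=1
    fi
    if [ "$(sshd_effective "$1" PasswordAuthentication)" = "yes" ]; then
        echo "NOTE: PasswordAuthentication yes is for initial access only; set it to no once key login works" >&2
    fi
    return "$rc"
}

# Constructed sample for this example (not a real server's file): the step 12
# settings, then a late duplicate that sshd ignores, then a Match block.
write_sample_sshd_config() {
    cat > "$1" <<'EOF'
# initial-access settings from step 12
AllowUsers root MyUserName
PermitRootLogin without-password
PasswordAuthentication yes
UsePAM no
UseDNS no

# appended later: inert, because sshd already took the first value above
PasswordAuthentication no

Match User MyUserName
    PasswordAuthentication no
EOF
}

# Stand-alone run: sh this-file.sh /usr/local/etc/ssh/sshd_config
if [ -n "${1:-}" ] && [ -f "$1" ]; then
    sshd_review "$1"
fi
```

Against the sample file, sshd_review reports PasswordAuthentication as yes even though the last global line says no, which is exactly the situation to check for before assuming a later edit took effect; the authoritative answer on a live host is sshd -T, but the functions above work on a copy of the file without a running daemon.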

Basic install & kernel setup is now complete.