FreeBSD 9 on Lenovo ThinkPad X60s

Here are my notes for configuring FreeBSD 9 on a Lenovo ThinkPad X60s after the operating system has successfully been installed.

Introduction

When selecting optional system components to install in the BSDInstall, make sure the following is selected:

  • ports
  • src

Also, uncheck all services listed to be started at boot as we’ll cover that in the /etc/rc.conf section.

Once FreeBSD has been installed, reboot, then log in as the root user. Start with checking for new updates to the base system, and install them if there are any available.

# freebsd-update fetch install

When that’s done, install Vim and tmux.

# pkg_add -r vim tmux

After the packages have been installed, you’ll get a security note related to Vim saying that there has been security issues within the modeline support. As a result, the FreeBSD Security Team suggests adding ‘set nomodeline’, to the ~/.vimrc file. This will avoid the possibility of trojaned text files, so it’s a good idea to do so.

When you install a new command on a FreeBSD system, it won’t be found until you run rehash. This is because the superuser’s shell is tcsh, and tcsh only looks for new binaries when the shell is started. Once a new program has been installed, do a rehash when you’re faced with a command not found error.

Now that the system is up-to-date, and we’ve installed a decent editor together with a terminal multiplexer, we’re ready to start the configuration process.

System configuration

In this section we’ll take care of configuring files used during the operating system bootstrap. Additionally, we’ll also handle system configuration files located in the /etc directory.

/boot/loader.conf

Inside /boot/loader.conf resides information on bootstrapping the system. Don’t worry if it doesn’t exist yet, it’ll be created when the file is saved. Open it or create a new one with

# vim /boot/loader.conf

then add the following

# /boot/loader.conf

# allow CPU frequency to be modified
cpufreq_load="YES"

# reduce kernel interrupt rate to increase inactivity periods
kern.hz=100

# enable ThinkPad specific functions like the ThinkPad keys etc.
acpi_ibm_load="YES"

# load the SEM module
sem_load="YES"

# wireless
if_wpi_load="YES"

# get sound to work properly
snd_hda_load="YES"

/etc/sysctl.conf

The system’s default kernel settings are specified within the /etc/sysctl.conf file. We need to add quite a few, so go ahead and open it by issuing

# vim /etc/sysctl.conf

and add the following

# /etc/sysctl.conf

hw.acpi.verbose=1
hw.acpi.reset_video=1

hw.acpi.lid_switch_state=S3
hw.acpi.sleep_button_state=S3
hw.acpi.sleep_delay=3
hw.acpi.power_button_state=S5

# enable ThinkPad buttons
dev.acpi_ibm.0.events=1

# allow regular users to mount removable devices
vfs.usermount=1

# disable speaker beep
hw.syscons.bell=0

/etc/rc.conf

The file /etc/rc.conf has information regarding the local host name, configuration settings for network interfaces, and it also controls which services that should be started at boot time.

Open it with

# vim /etc/rc.conf

then add the following to the file

# /etc/rc.conf

# power saving
powerd_enable="YES"
performance_cx_lowest="C3"
economy_cx_lowest="C3"

# wireless
wlans_wpi0="wlan0"
ifconfig_wlan0="WPA DHCP"

# Hardware Abstraction Layer daemon
hald_enable="YES"

# Desktop Bus daemon
dbus_enable="YES"

# Network Time Protocol daemon
ntpd_enable="YES"
ntpd_sync_on_start="YES"

# disable sendmail
sendmail_enable="NONE"

# trackpad scrolling
moused_enable="YES"
moused_flags="-V"

/etc/devd.conf

The device state change daemon (devd) “provides a way to have userland programs run when certain kernel events happen.” Furthermore, “whenever a device is added to or removed from the device tree, devd will execute actions specified in devd.conf” (1). The /etc/devd.conf file, therefore, is the configuration file for the devd daemon.

Open it with

# vim /etc/devd.conf

and change the section to look like the following

# /etc/devd.conf

notify 10 {
        match "system" "ACPI";
        match "subsystem” "IBM";
        match "notify” "0x04";
        action "/usr/sbin/acpiconf -s 3";
};

/etc/devfs.conf

With /etc/devfs.conf we can we can “set ownership and permissions, or create links for devices that are available at boot.” It holds “boot-time devfs configuration information” (2).

Open it with

# vim /etc/devfs.conf

then add

# /etc/devfs.conf

# allow all users to access CDs
perm /dev/acd0 0666
perm /dev/acd1 0666
perm /dev/cd0 0666
perm /dev/cd1 0666

# allow all USB devices to be mounted
perm /dev/da0 0666
perm /dev/da1 0666
perm /dev/da2 0666
perm /dev/da3 0666
perm /dev/da4 0666

# misc devices
# perm /dev/pass0 0666
# perm /dev/xpt0 0666
# perm /dev/agpart 0666
# perm /dev/uscanner0 066

/etc/fstab

Then there’s the /etc/fstab file which comprises “static information about the file systems” (3).

Open it with

# vim /etc/fstab

and add a line for the /cdrom, but keep it inactive by inserting it as a comment since it’s not normally attached to the laptop

# /etc/fstab

# /dev/acd0 /cdrom cd9660 ro,noauto 0 0

User configuration

In this section, we’ll deal with the main user’s configuration files. These files add a personal touch to everything from text editor to window manager.

Dotfiles

Before carrying on, Git needs to be installed to get the dotfiles from the Git repositories. To install Git, do

# pkg_add -r git

Up next is cloning the repositories and creating appropriate symlinks in the main user’s home directory. To start, we need to change user from root to the normal user account. This can be done with

# su - <username>

As the normal user, grab oh-my-zsh from GitHub,

% git clone git://github.com/robbyrussell/oh-my-zsh.git ~/.oh-my-zsh

create a directory to save the dotfiles

% mkdir -p ~/scm/git/dotfiles; cd ~/scm/git/dotfiles

then clone the repositories

% git clone git://repo.no/dotfiles/Xdefaults.git
% git clone git://repo.no/dotfiles/git.git
% git clone git://repo.no/dotfiles/oh-my-zsh.git
% git clone git://repo.no/dotfiles/scrotwm.git
% git clone git://repo.no/dotfiles/xmonad.git

change directory to ~/.

% cd

then add appropriate symlinks to ~/.

% ln -s scm/git/dotfiles/Xdefaults/Xdefaults .Xdefaults
% ln -s scm/git/dotfiles/git/gitconfig .gitconfig
% ln -s scm/git/dotfiles/git/gitignore .gitignore
% ln -s scm/git/dotfiles/oh-my-zsh/zshrc .zshrc
% ln -s scm/git/dotfiles/scrotwm/scrotwm.conf .scrotwm.conf

Create the directory and the symbolic link needed for the xmonad configuration file

% mkdir ~/.xmonad
% ln -s /home/username/scm/git/dotfiles/xmonad/xmonad.hs .xmonad/xmonad.hs

Clone the xinitrc repository making sure to get the correct branch depending on what window manager you want. For xmonad issue the following

% cd ~/scm/git/dotfiles; git clone git://repo.no/dotfiles/xinitrc.git; cd
% ln -s scm/git/dotfiles/xinitrc/xinitrc .xinitrc

or for scrotwm do

% cd ~/scm/git/dotfiles; git clone -b scrotwm git://repo.no/dotfiles/xinitrc.git; cd
% ln -s scm/git/dotfiles/xinitrc/xinitrc .xinitrc

Switch back to the root user

% exit

Configure Vim

Below we’ll set up Vim with dotfiles for the terminal and the GUI version of the program. Then we’ll install Vundle to handle the Vim plugins. After the plugins have been installed, we create a symlink for the Solarized color scheme to the default theme directory, before we build the Command-T C extension so that the Command-T plugin works correctly.

Switch user from root to the main user account

# su - <username>

Head over to the directory which contains the dotfiles

% cd ~/scm/git/dotfiles

Clone the repository containing the Vim configuration files

% git clone git://repo.no/dotfiles/vim.git

Change directory to ~/.

% cd

Then add appropriate symlinks to ~/.

% ln -s scm/git/dotfiles/vim/vimrc .vimrc
% ln -s scm/git/dotfiles/vim/gvimrc .gvimrc

Setup Vundle

% git clone http://github.com/gmarik/vundle.git ~/.vim/bundle/vundle

Launch Vim, then run

:BundleInstall

Add Solarized color scheme

% ln -s ~/.vim/bundle/vim-colors-solarized/colors ~/.vim/colors

Build the Command-T C extension

% cd ~/.vim/bundle/command-t/ruby/command-t
% ruby extconf.rb
% make

Switch back to the root user

% exit

Reboot

In order for all the new settings to take effect do a quick reboot with

# reboot

Message of the day

Directly after you log in, the contents of /etc/motd (for “message of the day”) is displayed. It’s fun the first few times, but tends to get in the way. To not have the message shown each time you log in with your main account, do

# su - <username> -c 'touch ~/.hushlogin'

Master of ports

The FreeBSD Ports Collection is a package management system for installing third-party software from source. There are many ways to interact with the ports tree, but the programs used below get the job done with minimal fuss.

However, before we continue we need to get a snapshot of the ports tree

# portsnap fetch extract

Portmaster

Portmaster is a tool for managing ports. It uses /var/db/pkg and the ports infrastructure to keep track of what’s installed. Another feature of Portmaster is that it doesn’t depend on other ports, meaning that it can be used with only the base system installed.

Portmaster can be installed by issuing the following commands

# cd /usr/ports/ports-mgmt/portmaster
# make install clean

You can now use Portmaster to install ports. Below is an example that uses whereis to locate “bash,” and then Portmaster to install it

# whereis bash
bash: /usr/ports/shells/bash

# portmaster shells/bash

Portsclean

The Portsclean program helps keep your ports collection tidy. That is, it deletes unneeded files such as work files, distfiles, outdated package files and shared libraries that are not used anymore.

Since Portsclean is part of the Portupgrade port, we need to install Portupgrade by issuing

# portmaster ports-mgmt/portupgrade

Once installed, it’s now possible to clean up the ports collection. To clean all the working directories, distribution files that are no longer referenced by any packages, old libraries, outdated package tarballs and dead symlinks, do

# portsclean -CDLP

Portaudit

In addition to managing ports, there’s also the need to check for security vulnerabilities on installed programs. The Portaudit program let’s you know if there are any security advisories for packages you’ve got installed.

To install it do

# portmaster ports-mgmt/portaudit

Checking if there are any vulnerabilities is done by running Portaudit like so

# portaudit -Fad

where

  • -F fetches the current database from the FreeBSD servers
  • -a prints the vulnerability report for all installed packages
  • -d gives you the date of the database

(The description of options is from the Portaudit man page.)

Add additional software

Install the scrotwm and xmonad window managers together with the xmonad third party extensions, as well as dmenu (which creates a dynamic menu from stdin items) and unclutter (which hides the mouse cursor in X after a period of inactivity) by issuing

# pkg_add -r hs-xmonad hs-xmonad-contrib scrotwm dmenu unclutter

Next, install a terminal emulator, an OpenSSH key manager, sudo, the Z shell and a screensaver for X with

# pkg_add -r rxvt-unicode keychain sudo zsh xscreensaver

Edit the sudoers file

# visudo

Find the following lines

## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL

uncomment it so that it looks like

## Uncomment to allow members of group wheel to execute any command
%wheel ALL=(ALL) ALL

then add the main user to the wheel group with

# pw groupmod wheel -m <username>

Lastly, change the user’s default shell to Zsh with

# su -m <username> -c 'chsh -s /usr/local/bin/zsh'

switching username with the name of your actual user account.

Xorg

Xorg is the open source implementation of the X Window System released by the X.org Foundation. It provides low level functionality desktop environments are designed upon.

Install Xorg with

# pkg_add -r xorg

Have the Xorg server probe for hardware, then write an xorg.conf file based on what was detected.

# Xorg -configure

Move the configuration file to its proper location

# mv /root/xorg.conf.new /etc/X11/xorg.conf

/usr/local/etc/PolicyKit/PolicyKit.conf

PolicyKit is a framework for handling authorization of privileged operations, such as mounting volumes. Below, which is a copy of PC-BSD’s PolicyKit.conf file, all members of the operator group can mount removable media.

<config version="0.1">
  <define_admin_auth group="operator"/>

  <match action="org.freedesktop.hal.storage.mount-removable">
    <return result="yes"/>
  </match>

  <match action="org.freedesktop.hal.storage.mount-fixed">
    <return result="yes"/>
  </match>

  <match action="org.freedesktop.hal.storage.eject">
    <return result="yes"/>
  </match>
</config>

Add the user to the operator group with

# pw groupmod operator -m <username>

switching username with the name of the actual user account.

PolicyKit relies on /proc entries so this needs to be mounted. Without it, mounting volumes as described above won’t work. Edit /etc/fstab agin with

# vim /etc/fstab

and add the following line

proc            /proc           procfs  rw      0       0

Start X

Start an X session as the normal user with

% startx

Fonts

Install fonts

% sudo portmaster x11-fonts/urwfonts x11-fonts/urwfonts-ttf x11-fonts/freefonts \
x11-fonts/freefont-ttf x11-fonts/webfonts x11-fonts/liberation-fonts-ttf

Open /etc/X11/xorg.conf with

% sudo vim /etc/X11/xorg.conf

In the “Modules” section add the following

Section "Module"
  Load "freetype"
EndSection

and then in the “Files” section add

Section "Files"
        FontPath     "/usr/local/lib/X11/fonts/freefont/"
        FontPath     "/usr/local/lib/X11/fonts/freefont-ttf/"
        FontPath     "/usr/local/lib/X11/fonts/urwfonts-ttf"
        FontPath     "/usr/local/lib/X11/fonts/webfonts/"
        FontPath     "/usr/local/lib/X11/fonts/Liberation/"
        FontPath     "/usr/local/lib/X11/fonts/URW/"
EndSection

Restart X.

Mouse theme

Install the neutral cursor theme

% sudo portmaster x11-themes/cursor-neutral-theme

The theme will be enabled the next time X is started because we’ve already configured .Xdefaults to load it with the line Xcursor.theme: neutral.

Screensaver

Configure the XScreenSaver by issuing the following command

% xscreensaver-demo

then select the mode “Blank Screen Only” and “Lock Screen After 0 minutes” in the display modes tab.

Enable power management under “Advanced”, and set up the display power management with “Standby After 30 minutes,” “Suspend After 40 minutes,” and “Off After 50 Minutes.”

Disable “Fade to Black when Blanking” so that the screen immediately turns black when the screen saver activates or when the screen is locked (with MOD-Shift-l).

Sound volume

Set the sound volume with

% mixer vol 90:90
% mixer pcm 90:90

Wireless with wpa_gui

Now it’s time to configure the wireless network. We’ll do that with the wpa_gui program which is a graphical front end to wpa_supplicant. Install it with

# pkg_add -r wpa_gui

Configure it by issuing the following

% echo '
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=wheel
update_config=1
' > /etc/wpa_supplicant.conf

The above settings basically says where to save socket files, which group members can access the control interface file and, finally, that network information should be saved to wpa_supplicant.conf.

Change the file permissions to prevent other users from reading it since the file contains passwords

% chmod 640 /etc/wpa_supplicant.conf

Web browser

Here we’ll first install the latest version of the Firefox web browser. When it’s been installed, we’ll move on to getting the Flash plugin set up. Then we’ll remove the download complete notification Firefox gives us by default.

Install Firefox

Get the latest version of Firefox from the ports tree (this will take a while to compile)

% sudo portmaster www/firefox

Install the Flash plugin

Load the Linux module into the kernel

% sudo kldload linux

Open /etc/rc.conf

# sudo vim /etc/rc.conf

and add

# enable Linux emulation
linux_enable="YES"

Next, install Linux runtime libraries

% sudo portmaster /usr/ports/emulators/linux_base-f10

Mount the Linux process file system

% sudo mount -t linprocfs linproc /compat/linux/proc

Open /etc/fstab with

% sudo vim /etc/fstab

and add the following

linproc         /compat/linux/proc  linprocfs   rw  0   0

Install the nspluginwrapper (a cross-platform compatibility plugin which enables browsers to run plugins built for a different plattform)

% sudo portmaster www/nspluginwrapper

Then install the flash plugin

% sudo portmaster www/linux-f10-flashplugin10

Create the /usr/local/lib/browser_plugins/ directory and add a symlink

% sudo mkdir /usr/local/lib/browser_plugins/
% sudo ln -s /usr/local/lib/npapi/linux-f10-flashplugin/libflashplayer.so \
  /usr/local/lib/browser_plugins/

Finally, install the plugin as a regular user

% nspluginwrapper -v -a -i

Flash tends to leave behind the ‘npviewer.bin’ process which can consume a lot of memory. Have a look at the thread in the FreeBSD Forums titled Flash leaving behind npviewer.bin ‘stuff’ for ideas on how to kill the process regularly. Specifically posts number five and six.

Disable the “Download complete” notification

To disable the notification when downloads in Firefox completes, type the following in the location bar and hit enter

about:config

Find

browser.download.manager.showAlertOnComplete

Double-click it to change its value to “false.”

TeXLive

To install TeXLive from the FreeBSD-TeXLive repository, we’ll need a tool for handling several ports trees. Portshaker is such a tool, so we’ll go ahead and install it first. Make sure that TEXLIVE is selected, and that BSDSHARP is unchecked.

% sudo portmaster ports-mgmt/portshaker-config

When the installation completes do

% sudo portshaker -v

The FreeBSD-TeXLive repository is now available in /usr/ports/print. A good idea is to download all the packages first to avoid stops when compiling. This is done in the following manner

% cd /usr/ports/print/texlive-scheme-full
% sudo make fetch-recursive

When you start getting “size mismatch errors”, try running portshaker again to make sure everything is up-to-date. If that doesn’t solve it, find an updated mirror at http://mirrors.ctan.org and download the mismatched files from there.

Install texlive-scheme-full with

% sudo portmaster -D --no-confirm print/texlive-scheme-full

To keep the TeXLive repository updated, portshaker needs to be run periodically like so

% sudo portshaker -v

Bear in mind that if you use Portshaker with multiple ports trees, you need to run the above command instead of using portsnap fetch update.

Afterword

This post relies heavily on the work of others, especially the “System configuration” section which is based on How to install and configure a FreeBSD 8 Desktop with Xorg and KDE? by Jared Barneck, FreeBSD 8.1 on ThinkPad X60 by Lyubomir Grigorov, Installing FreeBSD 7 (i386) on a ThinkPad T43 from the ThinkWiki and FreeBSD on the Lenovo Thinkpad X60s by Michael Cardell Widerkrantz.

In terms of getting wireless up and running, FreeBSD Wireless – Configuring a wireless interface on FreeBSD 8.1 by Jared Barneck was a tremendous help.

Installing TeXLive would have been a much more painfull experience had it not been for the FreeBSD ports for TeXLive Wiki and the teXlive port from the FreeBSD Forums.

In addition, I sincerely recommend reading the FreeBSD Handbook as well as Adding, Deleting, and Managing Software which goes into great detail into explaining packages and ports on FreeBSD.