Category Archives: Unix/Linux

Changing a User’s Password on FreeBSD

Before getting into how to change a user’s password on FreeBSD, let’s have a quick revision on how that can be done on a Linux system.

As a user we can change the password by typing:

$ passwd
Changing password for user kenno.
Changing password for kenno.
Current password: 
...

Or with a root account, we can change/set the password for another user:

# passwd kenno
Changing password for user kenno.
New password: 
...

How about a FreeBSD? It should be the same way as how it’s done on Linux right? Right? Well, not quite.

On a FreeBSD system, in addition to run the passwd command, we also need to generate the password databases to be “in sync” with the plain text files.

# pwd_mkdb /etc/master.passwd

You can learn more about both passwd and pwd_mkdb, by running:

$ man passwd
$ man pwd_mkdb

Ref: Can’t change user password

FreeBSD upgrade pool ‘zroot’

Today I successfully upgraded my FreeBSD home nas server from 10.3 to 11.0. This is the final release of version 11.0, though the official announcement is expected to be made on September 28.

After the system upgrade, I need to also upgrade the 2 zpools (tank and zroot) so they can have new features. Upgrading tank was easy, all I needed to do was running this command:

# zpool upgrade tank
This system supports ZFS pool feature flags.

Enabled the following features on 'tank':
  sha512
  skein

For zroot, in addition to running the above command (by replacing the actually zpool name to zroot), I also need to update the boot code.

root@nas:~ # zpool upgrade zroot
This system supports ZFS pool feature flags.

Enabled the following features on 'zroot':
  sha512
  skein

If you boot from pool 'zroot', don't forget to update boot code.
Assuming you use GPT partitioning and da0 is your boot disk
the following command will do it:

        gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 da0

What’s the boot code? Good question. Not sure what it is, I’ll find out later by reading the FreeBSD document.

The boot disk in my server is not da0. How do we find out what it is?

root@nas:~ # gpart show
=>       34  125045357  ada4  GPT  (60G)
         34       1024     1  freebsd-boot  (512K)
       1058    4194304     2  freebsd-swap  (2.0G)
    4195362  120850029     3  freebsd-zfs  (58G)

In my case, it’s ada4, and the partition the boot sits on is ada4p1.
So, I can now proceed to update the boot code:

root@nas:~ # gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada4
partcode written to ada4p1
bootcode written to ada4

Reboot the machine, and voilla it’s “still” working.

FreeBSD git fatal: Unable to find remote helper for ‘https’

I just found out that git is not fully functional on my FreeBSD (11) box. It was installed from port (using portmaster git). I can clone a repo using SSH key, but not with HTTPS.

I’m not quite sure if it’s always been this way. Here is how to fix it:

1) Reinstall curl

# pkg remove curl
# portmaster curl

2) Reinstall git

# pkg remove git
# portmaster git

Why did I install git from port? Well, ‘cuz there is no binary package for FreeBSD 11 arm, which runs on my Raspberry Pi B+.

Installing Pip with Python 3.5 on FreeBSD

Here is a quick note serves as a self-reminder on how to get pip working or installed on FreeBSD 10.3.

# pkg install python35

There is no package for pip, at least at the time of this writing, on FreeBSD. To have it install, run the following command:

# python3.5 -m ensurepip

While you’re at it, you might as well update pip:

# pip3.5 install --upgrade pip

Thanks to this post in the FreeBSD forum: https://forums.freebsd.org/threads/52702/.

PF firewall rule for DNS server

A reminder to readers, most of these blog posts are to remind me what I have done or fixed some problems. What works for me may not work for you. Most of the time, they aren’t even the best practice.

Here’s a snippet of the PF firewall rule on my FreeBSD box which acts as a DNS server. Basically, the firewall opens up UDP port 53 to allow LAN access it.

ext_if = "ue0"
...
pass in on $ext_if proto udp from 192.168.1.0/24 to any port 53 keep state

Reference: IPFW rules for DNS Resolvers