BaseTools¶
Einleitung¶
In diesem HowTo beschreibe ich Schritt für Schritt die Installation einiger Tools (Ports / Packages / Pakete) welche auf keinem FreeBSD 64 Bit BaseSystem auf einem dedizierten Server fehlen sollten.
Unsere BaseTools werden am Ende folgende Dienste umfassen.
- sudo 1.9.17p2
- bind-tools 9.20.20
- QEMU GuestAgent 10.2.1
- cloud-init 25.2
- smartmontools 7.5
- wget 1.25.0
- GIT 2.53.0
- GnuPG 2.4.9
- SQLite 3.50.4
- Subversion 1.14.5
- Nano 8.7.1
Voraussetzungen¶
Zu den Voraussetzungen für dieses HowTo siehe bitte: Remote Installation
Einloggen und zu root werden¶
PowerShell
putty -ssh -P 2222 -i "${Env:USERPROFILE}\VirtualBox VMs\FreeBSD\ssh\id_ed25519.ppk" admin@127.0.0.1
Software installieren¶
Wir installieren security/sudo und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/security_sudo
cat <<'EOF' > /var/db/ports/security_sudo/options
_OPTIONS_READ=sudo-1.9.17p2
_FILE_COMPLETE_OPTIONS_LIST=AUDIT DISABLE_AUTH DISABLE_ROOT_SUDO DOCS EXAMPLES INSULTS LDAP NLS NOARGS_SHELL OPIE PAM PYTHON SSL GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
OPTIONS_FILE_UNSET+=AUDIT
OPTIONS_FILE_UNSET+=DISABLE_AUTH
OPTIONS_FILE_UNSET+=DISABLE_ROOT_SUDO
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES
OPTIONS_FILE_SET+=INSULTS
OPTIONS_FILE_UNSET+=LDAP
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_SET+=NOARGS_SHELL
OPTIONS_FILE_UNSET+=OPIE
OPTIONS_FILE_SET+=PAM
OPTIONS_FILE_UNSET+=PYTHON
OPTIONS_FILE_SET+=SSL
OPTIONS_FILE_UNSET+=GSSAPI_BASE
OPTIONS_FILE_UNSET+=GSSAPI_HEIMDAL
OPTIONS_FILE_UNSET+=GSSAPI_MIT
EOF
portmaster -w -B -g -U --force-config security/sudo -n
Wir konfigurieren sudo und erlauben Mitgliedern der Gruppe wheel beliebige Kommandos als beliebiger User auszuführen.
Bash
cat <<'EOF' > /usr/local/etc/sudoers
# ------------------------------
# Secure sudoers for FreeBSD 15 Hardened
# ------------------------------
# Include additional sudoers.d files
# (makes management easier without editing main file)
# Directory must be 0750, owned by root:wheel
Defaults!/usr/local/sbin/visudo env_keep += "SUDO_EDITOR EDITOR VISUAL"
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
# Enable logging
Defaults logfile="/var/log/sudo.log"
Defaults log_input
Defaults log_output
Defaults requiretty # only allow sudo from TTY
# Security hardening
Defaults env_reset # reset environment
Defaults env_keep = "TZ PATH EDITOR PAGER" # allow only safe vars
Defaults !visiblepw # do not prompt for password on stdin
Defaults targetpw # Ask for the password of the target user
Defaults passprompt = "%p's password:"
# Unrestrict use for root
root ALL = (ALL:ALL) NOPASSWD:ALL
# Restrict use to specific users
# Replace 'admin' with your actual admin account
admin ALL = (ALL:ALL) NOPASSWD:ALL
joeuser ALL = (ALL:ALL) NOPASSWD:ALL
# Example of a group-based rule (wheel group)
%wheel ALL = (ALL:ALL) ALL
# Disable dangerous commands for non-admins
# Cmnd_Alias DANGEROUS = /bin/su, /bin/sh, /usr/bin/passwd
# %staff ALL = (ALL) ALL, !DANGEROUS
# Include additional per-host sudoers
# (keeps main file minimal)
@includedir /usr/local/etc/sudoers.d
EOF
cat <<'EOF' > /usr/local/etc/sudoers.d/20_joeuser
joeuser ALL = (ALL:ALL) NOPASSWD:ALL
EOF
chmod 440 /usr/local/etc/sudoers.d/*
Wir installieren dns/bind-tools und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/devel_fstrm
cat <<'EOF' > /var/db/ports/devel_fstrm/options
_OPTIONS_READ=fstrm-0.6.1
_FILE_COMPLETE_OPTIONS_LIST=DOCS DOXYGEN
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_UNSET+=DOXYGEN
EOF
mkdir -p /var/db/ports/devel_libevent
cat <<'EOF' > /var/db/ports/devel_libevent/options
_OPTIONS_READ=libevent-2.1.12
_FILE_COMPLETE_OPTIONS_LIST=OPENSSL THREADS
OPTIONS_FILE_SET+=OPENSSL
OPTIONS_FILE_SET+=THREADS
EOF
mkdir -p /var/db/ports/devel_protobuf-c
cat <<'EOF' > /var/db/ports/devel_protobuf-c/options
_OPTIONS_READ=protobuf-c-1.5.1
_FILE_COMPLETE_OPTIONS_LIST=DOCS DOXYGEN
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_UNSET+=DOXYGEN
EOF
mkdir -p /var/db/ports/devel_liburcu
cat <<'EOF' > /var/db/ports/devel_liburcu/options
EOF
mkdir -p /var/db/ports/dns_bind-tools
cat <<'EOF' > /var/db/ports/dns_bind-tools/options
_OPTIONS_READ=bind-tools-9.20.20
_FILE_COMPLETE_OPTIONS_LIST=DNSTAP FIXED_RRSET IDN LARGE_FILE GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT GSSAPI_NONE
OPTIONS_FILE_SET+=DNSTAP
OPTIONS_FILE_UNSET+=FIXED_RRSET
OPTIONS_FILE_SET+=IDN
OPTIONS_FILE_UNSET+=LARGE_FILE
OPTIONS_FILE_UNSET+=GSSAPI_BASE
OPTIONS_FILE_UNSET+=GSSAPI_HEIMDAL
OPTIONS_FILE_UNSET+=GSSAPI_MIT
OPTIONS_FILE_SET+=GSSAPI_NONE
EOF
portmaster -w -B -g -U --force-config dns/bind-tools -n
Wir installieren emulators/qemu@guestagent und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/devel_glib20
cat <<'EOF' > /var/db/ports/devel_glib20/options
_OPTIONS_READ=glib-2.84.4
_FILE_COMPLETE_OPTIONS_LIST=DOCS MANPAGES NLS TEST
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_SET+=MANPAGES
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=TEST
EOF
mkdir -p /var/db/ports/textproc_py-docutils
cat <<'EOF' > /var/db/ports/textproc_py-docutils/options
_OPTIONS_READ=py311-docutils-0.21.2
_FILE_COMPLETE_OPTIONS_LIST=PYGMENTS
OPTIONS_FILE_SET+=PYGMENTS
EOF
mkdir -p /var/db/ports/emulators_qemu
cat <<'EOF' > /var/db/ports/emulators_qemu/options
_OPTIONS_READ=qemu-guest-agent-10.2.1
_FILE_COMPLETE_OPTIONS_LIST=DOCS STRIP
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_SET+=STRIP
EOF
portmaster -w -B -g -U --force-config emulators/qemu@guestagent -n
Wir installieren net/cloud-init und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/devel_py-babel
cat <<'EOF' > /var/db/ports/devel_py-babel/options
_OPTIONS_READ=py311-Babel-2.18.0
_FILE_COMPLETE_OPTIONS_LIST=DOCS
OPTIONS_FILE_UNSET+=DOCS
EOF
mkdir -p /var/db/ports/devel_py-Jinja2
cat <<'EOF' > /var/db/ports/devel_py-Jinja2/options
_OPTIONS_READ=py311-Jinja2-3.1.6
_FILE_COMPLETE_OPTIONS_LIST=BABEL EXAMPLES
OPTIONS_FILE_SET+=BABEL
OPTIONS_FILE_UNSET+=EXAMPLES
EOF
mkdir -p /var/db/ports/devel_py-pyyaml
cat <<'EOF' > /var/db/ports/devel_py-pyyaml/options
_OPTIONS_READ=py311-pyyaml-6.0.3
_FILE_COMPLETE_OPTIONS_LIST=EXAMPLES LIBYAML
OPTIONS_FILE_UNSET+=EXAMPLES
OPTIONS_FILE_SET+=LIBYAML
EOF
mkdir -p /var/db/ports/www_py-requests
cat <<'EOF' > /var/db/ports/www_py-requests/options
_OPTIONS_READ=py311-requests-2.32.5
_FILE_COMPLETE_OPTIONS_LIST=SOCKS
OPTIONS_FILE_SET+=SOCKS
EOF
mkdir -p /var/db/ports/net_py-urllib3
cat <<'EOF' > /var/db/ports/net_py-urllib3/options
_OPTIONS_READ=py311-urllib3-2.6.3
_FILE_COMPLETE_OPTIONS_LIST=BROTLI H2 SOCKS ZSTD
OPTIONS_FILE_SET+=BROTLI
OPTIONS_FILE_SET+=H2
OPTIONS_FILE_SET+=SOCKS
OPTIONS_FILE_SET+=ZSTD
EOF
mkdir -p /var/db/ports/comms_py-pyserial
cat <<'EOF' > /var/db/ports/comms_py-pyserial/options
_OPTIONS_READ=py311-pyserial-3.5
_FILE_COMPLETE_OPTIONS_LIST=EXAMPLES
OPTIONS_FILE_UNSET+=EXAMPLES
EOF
mkdir -p /var/db/ports/security_py-oauthlib
cat <<'EOF' > /var/db/ports/security_py-oauthlib/options
_OPTIONS_READ=py311-oauthlib-3.3.1
_FILE_COMPLETE_OPTIONS_LIST=RSA SIGNALS SIGNEDTOKEN
OPTIONS_FILE_SET+=RSA
OPTIONS_FILE_SET+=SIGNALS
OPTIONS_FILE_SET+=SIGNEDTOKEN
EOF
mkdir -p /var/db/ports/security_py-cryptography
cat <<'EOF' > /var/db/ports/security_py-cryptography/options
_OPTIONS_READ=py311-cryptography-46.0.5
_FILE_COMPLETE_OPTIONS_LIST=SSH
OPTIONS_FILE_UNSET+=SSH
EOF
mkdir -p /var/db/ports/www_py-pyjwt
cat <<'EOF' > /var/db/ports/www_py-pyjwt/options
_OPTIONS_READ=py311-pyjwt-2.11.0
_FILE_COMPLETE_OPTIONS_LIST=CRYPTO
OPTIONS_FILE_SET+=CRYPTO
EOF
mkdir -p /var/db/ports/net_py-urllib3
cat <<'EOF' > /var/db/ports/net_py-urllib3/options
_OPTIONS_READ=py311-urllib3-2.6.3
_FILE_COMPLETE_OPTIONS_LIST=BROTLI H2 SOCKS ZSTD
OPTIONS_FILE_SET+=BROTLI
OPTIONS_FILE_SET+=H2
OPTIONS_FILE_SET+=SOCKS
OPTIONS_FILE_SET+=ZSTD
EOF
portmaster -w -B -g -U --force-config net/cloud-init -n
Wir installieren sysutils/smartmontools und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/sysutils_smartmontools
cat <<'EOF' > /var/db/ports/sysutils_smartmontools/options
_OPTIONS_READ=smartmontools-7.5
_FILE_COMPLETE_OPTIONS_LIST=DOCS
OPTIONS_FILE_UNSET+=DOCS
EOF
portmaster -w -B -g -U --force-config sysutils/smartmontools -n
Wir konfigurieren smartmontools.
Bash
sed -e 's/^DEVICESCAN/#DEVICESCAN/' /usr/local/etc/smartd.conf.sample > /usr/local/etc/smartd.conf
echo '/dev/nvme0 -d nvme -a -o on -S on -s (S/../.././02|L/../../6/03)' >> /usr/local/etc/smartd.conf
echo '/dev/nvme1 -d nvme -a -o on -S on -s (S/../.././02|L/../../6/03)' >> /usr/local/etc/smartd.conf
sysrc smartd_enable=YES
Die /etc/periodic.conf wird um folgenden Inhalt erweitert.
Bash
cat <<'EOF' >> /etc/periodic.conf
daily_status_smart_enable="YES"
daily_status_smart_devices="/dev/nvme0 /dev/nvme1"
EOF
Wir installieren security/expiretable und dessen Abhängigkeiten.¶
Wir installieren ftp/wget und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/ftp_wget
cat <<'EOF' > /var/db/ports/ftp_wget/options
_OPTIONS_READ=wget-1.25.0
_FILE_COMPLETE_OPTIONS_LIST=DOCS IDN IPV6 MANPAGES METALINK NLS NTLM PCRE2 PSL GNUTLS OPENSSL
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_SET+=IDN
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_SET+=MANPAGES
OPTIONS_FILE_UNSET+=METALINK
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=NTLM
OPTIONS_FILE_SET+=PCRE2
OPTIONS_FILE_SET+=PSL
OPTIONS_FILE_UNSET+=GNUTLS
OPTIONS_FILE_SET+=OPENSSL
EOF
portmaster -w -B -g -U --force-config ftp/wget -n
Wir installieren databases/sqlite3 und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/databases_sqlite3
cat <<'EOF' > /var/db/ports/databases_sqlite3/options
_OPTIONS_READ=sqlite3-3.50.4
_FILE_COMPLETE_OPTIONS_LIST=ARMOR DBPAGE DBSTAT DIRECT_READ DQS EXAMPLES EXTENSION FTS3_TOKEN FTS4 FTS5 LIKENOTBLOB MEMMAN METADATA NORMALIZE NULL_TRIM RBU SECURE_DELETE SORT_REF STATIC STMT STRIP TCL THREADS TRUSTED_SCHEMA UNKNOWN_SQL UNLOCK_NOTIFY UPDATE_LIMIT URI URI_AUTHORITY TS0 TS1 TS2 TS3 STAT3 STAT4 LIBEDIT READLINE SESSION OFFSET SOUNDEX GEOPOLY RTREE RTREE_INT ICU UNICODE61
OPTIONS_FILE_UNSET+=ARMOR
OPTIONS_FILE_SET+=DBPAGE
OPTIONS_FILE_SET+=DBSTAT
OPTIONS_FILE_SET+=DIRECT_READ
OPTIONS_FILE_UNSET+=DQS
OPTIONS_FILE_UNSET+=EXAMPLES
OPTIONS_FILE_SET+=EXTENSION
OPTIONS_FILE_SET+=FTS3_TOKEN
OPTIONS_FILE_SET+=FTS4
OPTIONS_FILE_SET+=FTS5
OPTIONS_FILE_UNSET+=LIKENOTBLOB
OPTIONS_FILE_UNSET+=MEMMAN
OPTIONS_FILE_SET+=METADATA
OPTIONS_FILE_UNSET+=NORMALIZE
OPTIONS_FILE_UNSET+=NULL_TRIM
OPTIONS_FILE_UNSET+=RBU
OPTIONS_FILE_SET+=SECURE_DELETE
OPTIONS_FILE_UNSET+=SORT_REF
OPTIONS_FILE_UNSET+=STATIC
OPTIONS_FILE_UNSET+=STMT
OPTIONS_FILE_SET+=STRIP
OPTIONS_FILE_UNSET+=TCL
OPTIONS_FILE_SET+=THREADS
OPTIONS_FILE_UNSET+=TRUSTED_SCHEMA
OPTIONS_FILE_UNSET+=UNKNOWN_SQL
OPTIONS_FILE_SET+=UNLOCK_NOTIFY
OPTIONS_FILE_UNSET+=UPDATE_LIMIT
OPTIONS_FILE_SET+=URI
OPTIONS_FILE_UNSET+=URI_AUTHORITY
OPTIONS_FILE_UNSET+=TS0
OPTIONS_FILE_SET+=TS1
OPTIONS_FILE_UNSET+=TS2
OPTIONS_FILE_UNSET+=TS3
OPTIONS_FILE_UNSET+=STAT3
OPTIONS_FILE_UNSET+=STAT4
OPTIONS_FILE_SET+=LIBEDIT
OPTIONS_FILE_UNSET+=READLINE
OPTIONS_FILE_SET+=SESSION
OPTIONS_FILE_UNSET+=OFFSET
OPTIONS_FILE_UNSET+=SOUNDEX
OPTIONS_FILE_UNSET+=GEOPOLY
OPTIONS_FILE_SET+=RTREE
OPTIONS_FILE_UNSET+=RTREE_INT
OPTIONS_FILE_SET+=ICU
OPTIONS_FILE_SET+=UNICODE61
EOF
portmaster -w -B -g -U --force-config databases/sqlite3 -n
Wir installieren devel/git und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/security_p5-Authen-SASL
cat <<'EOF' > /var/db/ports/security_p5-Authen-SASL/options
_OPTIONS_READ=p5-Authen-SASL-2.1900
_FILE_COMPLETE_OPTIONS_LIST=KERBEROS
OPTIONS_FILE_UNSET+=KERBEROS
EOF
mkdir -p /var/db/ports/security_p5-IO-Socket-SSL
cat <<'EOF' > /var/db/ports/security_p5-IO-Socket-SSL/options
_OPTIONS_READ=p5-IO-Socket-SSL-2.098
_FILE_COMPLETE_OPTIONS_LIST=CERTS EXAMPLES IDN
OPTIONS_FILE_SET+=CERTS
OPTIONS_FILE_UNSET+=EXAMPLES
OPTIONS_FILE_SET+=IDN
EOF
mkdir -p /var/db/ports/security_p5-Net-SSLeay
cat <<'EOF' > /var/db/ports/security_p5-Net-SSLeay/options
_OPTIONS_READ=p5-Net-SSLeay-1.94
_FILE_COMPLETE_OPTIONS_LIST=EXAMPLES
OPTIONS_FILE_UNSET+=EXAMPLES
EOF
mkdir -p /var/db/ports/textproc_xmlto
cat <<'EOF' > /var/db/ports/textproc_xmlto/options
_OPTIONS_READ=xmlto-0.0.28
_FILE_COMPLETE_OPTIONS_LIST=DOCS DBLATEX FOP PASSIVETEX
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_UNSET+=DBLATEX
OPTIONS_FILE_UNSET+=FOP
OPTIONS_FILE_UNSET+=PASSIVETEX
EOF
mkdir -p /var/db/ports/misc_getopt
cat <<'EOF' > /var/db/ports/misc_getopt/options
_OPTIONS_READ=getopt-2.41.3
_FILE_COMPLETE_OPTIONS_LIST=EXAMPLES
OPTIONS_FILE_UNSET+=EXAMPLES
EOF
mkdir -p /var/db/ports/textproc_xmlcatmgr
cat <<'EOF' > /var/db/ports/textproc_xmlcatmgr/options
_OPTIONS_READ=xmlcatmgr-2.2
_FILE_COMPLETE_OPTIONS_LIST=DOCS
OPTIONS_FILE_UNSET+=DOCS
EOF
mkdir -p /var/db/ports/textproc_docbook-xsl
cat <<'EOF' > /var/db/ports/textproc_docbook-xsl/options
_OPTIONS_READ=docbook-xsl-1.79.1
_FILE_COMPLETE_OPTIONS_LIST=DOCS ECLIPSE EPUB EXTENSIONS HIGHLIGHTING HTMLHELP JAVAHELP PROFILING ROUNDTRIP SLIDES TEMPLATE TESTS TOOLS WEBSITE XHTML11
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_SET+=ECLIPSE
OPTIONS_FILE_SET+=EPUB
OPTIONS_FILE_SET+=EXTENSIONS
OPTIONS_FILE_SET+=HIGHLIGHTING
OPTIONS_FILE_SET+=HTMLHELP
OPTIONS_FILE_SET+=JAVAHELP
OPTIONS_FILE_SET+=PROFILING
OPTIONS_FILE_SET+=ROUNDTRIP
OPTIONS_FILE_SET+=SLIDES
OPTIONS_FILE_SET+=TEMPLATE
OPTIONS_FILE_UNSET+=TESTS
OPTIONS_FILE_SET+=TOOLS
OPTIONS_FILE_SET+=WEBSITE
OPTIONS_FILE_SET+=XHTML11
EOF
mkdir -p /var/db/ports/textproc_libxml2
cat <<'EOF' > /var/db/ports/textproc_libxml2/options
_OPTIONS_READ=libxml2-2.15.2
_FILE_COMPLETE_OPTIONS_LIST=ICU MANPAGES READLINE STATIC THREAD_ALLOC HTTP ZLIB
OPTIONS_FILE_SET+=ICU
OPTIONS_FILE_SET+=MANPAGES
OPTIONS_FILE_SET+=READLINE
OPTIONS_FILE_UNSET+=STATIC
OPTIONS_FILE_UNSET+=THREAD_ALLOC
OPTIONS_FILE_SET+=HTTP
OPTIONS_FILE_SET+=ZLIB
EOF
mkdir -p /var/db/ports/textproc_libxslt
cat <<'EOF' > /var/db/ports/textproc_libxslt/options
_OPTIONS_READ=libxslt-1.1.45
_FILE_COMPLETE_OPTIONS_LIST=CRYPTO PLUGINS STATIC
OPTIONS_FILE_SET+=CRYPTO
OPTIONS_FILE_SET+=PLUGINS
OPTIONS_FILE_UNSET+=STATIC
EOF
mkdir -p /var/db/ports/security_libgcrypt
cat <<'EOF' > /var/db/ports/security_libgcrypt/options
_OPTIONS_READ=libgcrypt-1.12.0
_FILE_COMPLETE_OPTIONS_LIST=DOCS INFO STATIC
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_UNSET+=INFO
OPTIONS_FILE_UNSET+=STATIC
EOF
mkdir -p /var/db/ports/security_libgpg-error
cat <<'EOF' > /var/db/ports/security_libgpg-error/options
_OPTIONS_READ=libgpg-error-1.59
_FILE_COMPLETE_OPTIONS_LIST=DOCS NLS TEST
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=TEST
EOF
mkdir -p /var/db/ports/www_w3m
cat <<'EOF' > /var/db/ports/www_w3m/options
_OPTIONS_READ=w3m-0.5.6
_FILE_COMPLETE_OPTIONS_LIST=DOCS INLINE_IMAGE JAPANESE KEY_LYNX NLS
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_UNSET+=INLINE_IMAGE
OPTIONS_FILE_UNSET+=JAPANESE
OPTIONS_FILE_UNSET+=KEY_LYNX
OPTIONS_FILE_SET+=NLS
EOF
mkdir -p /var/db/ports/devel_boehm-gc
cat <<'EOF' > /var/db/ports/devel_boehm-gc/options
_OPTIONS_READ=boehm-gc-8.2.10
_FILE_COMPLETE_OPTIONS_LIST=DEBUG DOCS
OPTIONS_FILE_UNSET+=DEBUG
OPTIONS_FILE_UNSET+=DOCS
EOF
mkdir -p /var/db/ports/devel_libatomic_ops
cat <<'EOF' > /var/db/ports/devel_libatomic_ops/options
_OPTIONS_READ=libatomic_ops-7.10.0
_FILE_COMPLETE_OPTIONS_LIST=DOCS
OPTIONS_FILE_UNSET+=DOCS
EOF
mkdir -p /var/db/ports/devel_git
cat <<'EOF' > /var/db/ports/devel_git/options
_OPTIONS_READ=git-2.53.0
_FILE_COMPLETE_OPTIONS_LIST=CONTRIB CURL DOCS GITWEB ICONV NLS PCRE2 PERL SEND_EMAIL SUBTREE
OPTIONS_FILE_SET+=CONTRIB
OPTIONS_FILE_SET+=CURL
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_UNSET+=GITWEB
OPTIONS_FILE_SET+=ICONV
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_SET+=PCRE2
OPTIONS_FILE_SET+=PERL
OPTIONS_FILE_SET+=SEND_EMAIL
OPTIONS_FILE_SET+=SUBTREE
EOF
portmaster -w -B -g -U --force-config devel/git -n
Wir installieren security/gnupg und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/security_pinentry
cat <<'EOF' > /var/db/ports/security_pinentry/options
_OPTIONS_READ=pinentry-1.3.2
_FILE_COMPLETE_OPTIONS_LIST= EFL FLTK GNOME GTK2 NCURSES QT5 QT6 TTY
OPTIONS_FILE_UNSET+=EFL
OPTIONS_FILE_UNSET+=FLTK
OPTIONS_FILE_UNSET+=GNOME
OPTIONS_FILE_UNSET+=GTK2
OPTIONS_FILE_SET+=NCURSES
OPTIONS_FILE_UNSET+=QT5
OPTIONS_FILE_UNSET+=QT6
OPTIONS_FILE_UNSET+=TTY
EOF
mkdir -p /var/db/ports/security_pinentry-tty
cat <<'EOF' > /var/db/ports/security_pinentry-tty/options
EOF
mkdir -p /var/db/ports/security_gnupg
cat <<'EOF' > /var/db/ports/security_gnupg/options
_OPTIONS_READ=gnupg-2.4.9
_FILE_COMPLETE_OPTIONS_LIST=DOCS GNUTLS LARGE_RSA LDAP NLS SCDAEMON SUID_GPG WKS_SERVER
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_UNSET+=GNUTLS
OPTIONS_FILE_UNSET+=LARGE_RSA
OPTIONS_FILE_UNSET+=LDAP
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=SCDAEMON
OPTIONS_FILE_UNSET+=SUID_GPG
OPTIONS_FILE_UNSET+=WKS_SERVER
EOF
portmaster -w -B -g -U --force-config security/gnupg -n
Wir installieren devel/subversion und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/archivers_liblz4
cat <<'EOF' > /var/db/ports/archivers_liblz4/options
_OPTIONS_READ=liblz4-1.10.0
_FILE_COMPLETE_OPTIONS_LIST=TEST
OPTIONS_FILE_UNSET+=TEST
EOF
mkdir -p /var/db/ports/devel_apr1
cat <<'EOF' > /var/db/ports/devel_apr1/options
_OPTIONS_READ=apr-1.7.6.1.6.3
_FILE_COMPLETE_OPTIONS_LIST=IPV6 BDB1 BDB5 BDB18 SSL NSS GDBM LDAP MYSQL NDBM ODBC PGSQL SQLITE
OPTIONS_FILE_SET+=IPV6
OPTIONS_FILE_UNSET+=BDB1
OPTIONS_FILE_SET+=BDB5
OPTIONS_FILE_UNSET+=BDB18
OPTIONS_FILE_SET+=SSL
OPTIONS_FILE_UNSET+=NSS
OPTIONS_FILE_UNSET+=GDBM
OPTIONS_FILE_UNSET+=LDAP
OPTIONS_FILE_UNSET+=MYSQL
OPTIONS_FILE_SET+=NDBM
OPTIONS_FILE_UNSET+=ODBC
OPTIONS_FILE_UNSET+=PGSQL
OPTIONS_FILE_UNSET+=SQLITE
EOF
mkdir -p /var/db/ports/textproc_utf8proc
cat <<'EOF' > /var/db/ports/textproc_utf8proc/options
_OPTIONS_READ=utf8proc-2.11.3
_FILE_COMPLETE_OPTIONS_LIST=DOCS
OPTIONS_FILE_UNSET+=DOCS
EOF
mkdir -p /var/db/ports/www_serf
cat <<'EOF' > /var/db/ports/www_serf/options
_OPTIONS_READ=serf-1.3.10
_FILE_COMPLETE_OPTIONS_LIST=DOCS GSSAPI_BASE GSSAPI_HEIMDAL GSSAPI_MIT
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_UNSET+=GSSAPI_BASE
OPTIONS_FILE_UNSET+=GSSAPI_HEIMDAL
OPTIONS_FILE_UNSET+=GSSAPI_MIT
EOF
mkdir -p /var/db/ports/devel_subversion
cat <<'EOF' > /var/db/ports/devel_subversion/options
_OPTIONS_READ=subversion-1.14.5
_FILE_COMPLETE_OPTIONS_LIST=BDB DOCS GPG_AGENT NLS SASL SERF SVNSERVE_WRAPPER TEST TOOLS
OPTIONS_FILE_SET+=BDB
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_SET+=GPG_AGENT
OPTIONS_FILE_SET+=NLS
OPTIONS_FILE_UNSET+=SASL
OPTIONS_FILE_SET+=SERF
OPTIONS_FILE_UNSET+=SVNSERVE_WRAPPER
OPTIONS_FILE_UNSET+=TEST
OPTIONS_FILE_SET+=TOOLS
EOF
portmaster -w -B -g -U --force-config devel/subversion -n
Wir installieren editors/nano und dessen Abhängigkeiten.¶
Bash
mkdir -p /var/db/ports/editors_nano
cat <<'EOF' > /var/db/ports/editors_nano/options
_OPTIONS_READ=nano-8.7.1
_FILE_COMPLETE_OPTIONS_LIST=DOCS EXAMPLES NLS
OPTIONS_FILE_UNSET+=DOCS
OPTIONS_FILE_UNSET+=EXAMPLES
OPTIONS_FILE_SET+=NLS
EOF
portmaster -w -B -g -U --force-config editors/nano -n
Wenn wir ein Programm nicht kennen, dann finden wir zu jedem Port eine Datei pkg-descr, die eine kurze Beschreibung sowie (meistens) einen Link zur Projekt-Homepage der Software enthält. Für smartmontools zum Beispiel würden wir die Beschreibung unter /usr/ports/sysutils/smartmontools/pkg-descr finden.
Software updaten¶
Warning
Da wir die Pakete/Ports nicht als vorkompilierte Binary-Pakete installieren sondern selbst kompilieren, müssen wir natürlich auch die Updates der Ports selbst kompilieren. Um uns das dazu notwendige Auflösen der Abhängigkeiten und etwas Tipparbeit zu ersparen, überlassen wir dies künftig einfach einem kleinen Shell-Script. Dieses Script können wir einfach mittels update-ports ausführen und es erledigt dann folgende Arbeiten für uns:
- Aktualisieren des Portstree mittels
git - Anzeigen neuer Einträge in
/usr/ports/UPDATING - Ermitteln der zu aktualisierenden Ports und deren Abhängigkeiten
- Aktualisieren der Ports und Abhängigkeiten mittels portmaster
- Aufräumen des Portstree und der Distfiles mittels portmaster
Wie geht es weiter?¶
Viel Spass mit den neuen FreeBSD BaseTools.