FreeBSD 12 as an alternative to the Linux desktop

Packages

The terminal is the linchpin in controlling and customizing FreeBSD, and it offers few surprises for experienced Linux users. FreeBSD's command set is very similar to Linux's, so you can use the common Linux commands in FreeBSD as well.

FreeBSD has features similar to Linux for installing additional software. Since the system installation including the desktop has virtually nothing in the way of additional programs, you can customize the installation to suit your own needs. The result is a lean and resource-saving system. However, even everyday users will spend a large amount of time adding applications, because there is no graphical front end to browse through the package sources.

The two common forms of software installation on FreeBSD are direct integration using prepared binary packages and sourcing the available ports. You can import binary packages from the repositories into the system using the pkg install package_name command. Ports, on the other hand, consist of makefiles and fixups, so you have to compile them from the source with a "recipe".

To retrieve the Ports collection, use the portsnap command. With the appropriate parameters, portsnap lets you download compressed snapshots of the file archive from the Internet and store them in the /usr/ports/ directory (Listing 3, first three lines). The programs can then be installed from the ports directories using the make install clean command sequence. If required, you can enter application-specific parameters for compiling after the make command.

Listing 3

portsnap Command

 

The last two lines of Listing 3 build the Filezilla FTP client from the source code and install it on the FreeBSD system. The make script automatically loads the dependencies required by the application and builds them at the same time. Especially when building the first ports, the system has to install numerous tools.

In the meantime, prompts for special options continually pop up on screen – asking you, for example, whether you want to build the documentation at the same time. You will not typically need to adjust anything and can simply press OK to close the dialog. The whole process takes more than 20 minutes even on a faster computer.

The FreeBSD project provides a well maintained manual with detailed documentation on ports and the software installation process [5]. The project shows which ports are available under which names in the web-based Ports collection, which fortunately has a search function [6].

Security

FreeBSD is considered an extremely secure operating system on server systems, and for good reason. The FreeBSD distribution provides multiple firewalls that all work at kernel level. The syntax of the packet filter firewall (Pf for short), which is ubiquitous in the BSD universe, is similar to the syntax of Ipfilter. The Netfilter/Iptables firewall used on Linux does not support FreeBSD. As with Linux, the packet filter firewall is controlled by easy-to-read rules.

FreeBSD also has jails [7] as an interesting security component. Jails are, as the name suggests, isolated instances that enhance the security of the operating system using a modified chroot environment. The virtual prison prevents individual processes from gaining access to resources outside the chroot environment.

Updates

The FreeBSD community keeps its system up to date. There are no fixed patch days for FreeBSD, as there are for other operating systems. The security and general system updates (which also include updates to new major and minor versions) are installed using the freebsd-update command (Figure 5) and corresponding options (Listing 4). If an update shows unwanted side effects, the last set of changes can be rolled back with freebsd-update rollback.

Listing 4

Installing an Update

 

Figure 5: The FreeBSD update routine has many options.

You can customize the update using the /etc/freebsd-update.conf configuration file. The configuration file is where you will find, for example, the IgnorePaths option, which lets you exclude certain directories from the update process. This setting prevents manual changes to the system from being overwritten by an update.

If you enter freebsd-update cron in /etc/crontab, you can automate the update process to execute once a day in the background. In this case, the process mails information on the updates and notes on system security to the root user. You can either read the mails using the spartan mail command or install a text-based email client like Mutt or Alpine (Figure 6). Comprehensive documentation [8] is available for the functions of the update tool.

Figure 6: The system mails important information about updates and status to the root account. You can read the information with text-based mail clients such as Alpine.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Going Places

    As the FreeBSD Foundation approaches its 20th anniversary, we talk to its top brass about the project's growing visibility in the open source ecosystem.

  • This Month's DVD

    FreeBSD 12.0 and Ubuntu MATE 18.10

  • This Month's DVD

    FreeBSD 12.2 and GhostBSD

  • Free Software Projects

    Free software covers such a diverse range of utilities, applications, and other assorted projects that it can be hard to find the perfect tool. We pick the best of the bunch. This month we look at IPodder, FreeBSD 6, and SynCE.

  • This Month's DVD

    Linux Mint MATE 20.3 and FreeBSD 13.1

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News