DragonFlyBSD

DragonFly BSD is a UNIX-like operating system, forked from FreeBSD 4.8 in 2003 by Matthew Dillon, diverges from other BSDs with unique features like the HAMMER2 filesystem, virtual kernels, advanced SMP optimization, and SSD caching to enhance performance and efficiency.

• Latest Version: 6.4.0
• Previous Version: 6.2.2
• Release Cycle: 6 to ~12 months
• Primary Focus: Performance

Objectives of this document

Get an overview of DragonFlyBSD, starting with version 5.8.3:

• Configuring network
• Installing nginx
• Configuring the firewall
• Updating the system
• Upgrading the system to 6.4.0

Context

• Virtual Machine Setup: Oracle VirtualBox
• Resources: 10GB storage, 1GB RAM
• Network Configuration:
  • NETWORK: 192.168.1.0/24
  • GATEWAY: 192.168.1.1
  • DNS: 8.8.8.8, 8.8.4.4

Installation release (5.8.3)

ISO: https://mirror-master.dragonflybsd.org/iso-images/dfly-x86_64-5.8.3_REL.iso.bz2 (255 MB)

Installation Note

• Installer: installer, a Bourne shell script, the source code is available at https://gitweb.dragonflybsd.org/dragonfly.git/blob/HEAD:/usr.sbin/installer/installer/installer.sh

• Default install

• Disk Layout: ad0, auto (Hammer2)

• Hostname: dfbsd.local

• Network Interface: em0, configured via DHCP

• Root: password set

• SSH: enabled by default (password auth disabled -> PasswordAuthentication no)

Shutdown the box

Type:shutdown -p now

Configuring the network

The hostname

Change the hostname and apply now:hostname dfbsd.lab.local

To keep the change at startup, you need to add|modify the file /etc/rc.conf:hostname="dfbsd.lab.local"

For a Static IP Address (IP: 192.168.1.26):

Set the static IP address modifying the file /etc/rc.conf:ifconfig_em0="inet 192.168.1.26/24"
defaultrouter="192.168.1.1"

Resolving DNS, change the file /etc/resolv.conf:nameserver 8.8.8.8
nameserver 8.8.4.4
lookup file bind

Restart the network stack to apply the changes:pkill dhclient # if necessary (pgrep dhclient)
service netif restart
service routing restart

DHCP Configuration:

Change the file /etc/rc.conf:ifconfig_hn0="DHCP"
defaultrouter="NO"

Restart the network stack to apply the changes:service netif restart
service routing restart
dhclient em0

Don't forget to change your /etc/hosts file.

Finally, check the result with: ifconfig em0

Adding a User

You can interactively use the command:adduser

The hard way:

To add a user named admin:pw user add -m -n admin

To allow admin to use sufor administration: pw group mod wheel -m admin

Assign a password to admin:passwd admin

Check the results with: id admin

You can now use ssh to administrate the box remotely:ssh admin@IP_ADDRESS

If you can't access the remote host using ssh, just apply the following:

Change the file /etc/ssh/sshd_config:PasswordAuthentication yes

Restart sshd: service sshd restart

Sudo?

DragonFlyBSD does not include sudo or doas by default.

Before being able to do that, you need to get root access using the command:suThen update your pkg database:pkg update && pkg upgrade

If any of the above commands fail, run the following:cp /usr/local/etc/pkg/repos/df-latest.conf.sample /usr/local/etc/pkg/repos/df-latest.confThen, retry both commands.

And finally install sudo: pkg install sudo

Or If you prefer to use doas:pkg install doas

Alternatively, you can use the built-insu For example:su root -c "pkg update && pkg upgrade"

Installing nginx

Let's install nginx:pkg install nginx

The configuration file is here: /usr/local/etc/nginx/nginx.conf

No need to tune it. It is enough for our test.

By default the root web directory is /usr/local/www/nginx.

Configuring Daemons

Enable nginx at startup and start it:rcenable nginx

You can manage the nginx daemon: service nginx start|stop|etc.

Creating an HTML File

cd /usr/local/www/nginx
mv index.html index.html.backup
echo '<h1>It works!</h1>' > index.html

You can now browse the test page from another computer by navigating to http://<IP_ADDRESS>.

Configuring the Firewall

DragonFlyBSD has three firewalls built into the base system: IPFW, IPFW3(gets regular updates) and PF.

We will use PF:rcenable pf

Logging support for PF is provided by pflog(4):rcenable pflog

Change the file /etc/pf.conf (allow only ping/ssh/www from anywhere):set skip on lo0
block log all
pass in on em0 inet proto icmp all icmp-type echoreq
pass in on em0 inet proto tcp from any to any port {ssh, www}
pass out

Updating the System

You need to upgrade.

Upgrading DragonFlyBSD

To upgrade from version 5.8.3 to 6.4.0:

Upgrade the userland and kernel by following the -STABLE branch:cd /usr
make src-create
cd /src
git checkout DragonFly_RELEASE_6_4
git pull
#
# Read carefully /usr/src/UPDATING.
#
make build-all
make install-all
reboot

Upgrade the packages:pkg upgrade -f
pkg autoremove
reboot

You can check your version, using: uname -a

Then, If everything works fine, you can finally rebuild the rescue system with:cd /usr/src && make initrd

Disk usage (sample)

Type: df -hThe results:Filesystem Size Used Avail Capacity Mounted on
serno/VB3874f423-9fac53ce.s1d 6812M 5078M 1734M 75% /
devfs 1024B 1024B 0B 100% /dev
/dev/serno/VB3874f423-9fac53ce.s1a 1022M 737M 203M 78% /boot
/build/usr.obj 6812M 5078M 1734M 75% /usr/obj
/build/var.crash 6812M 5078M 1734M 75% /var/crash
/build/var.cache 6812M 5078M 1734M 75% /var/cache
/build/var.spool 6812M 5078M 1734M 75% /var/spool
/build/var.log 6812M 5078M 1734M 75% /var/log
/build/var.tmp 6812M 5078M 1734M 75% /var/tmp
tmpfs 239M 0B 239M 0% /tmp
procfs 4096B 4096B 0B 100% /proc
tmpfs 239M 0B 239M 0% /var/run/shm

What else?

The kernel (generally -> /boot/kernel/kernel):sysctl kern.bootfile

Hypervisor: nvmm(4)

Default MTA: sendmail

Pros vs. Cons

Pros

• HAMMER2 filesystem
• Virtual kernels
• SMP performance
• swapcache

Cons

• slower release cycle
• documentation is somewhat lacking