Changes between Version 97 and Version 98 of FreeBSD10_Guide


Ignore:
Timestamp:
Dec 9, 2014, 12:13:58 PM (10 years ago)
Author:
huub
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • FreeBSD10_Guide

    v97 v98  
    1515- update scripts to use 'drill' instead of 'dig'
    1616- remove the "rcvar='set_rcvar'" statement from startup scripts in /etc/rc.d/ and /usr/local/etc/rc.d
    17 
    18 ToDo:
    1917- based on FreeBSD-10.1-RELEASE
    2018- [http://unbound.net/ unbound] replaces bind; recursive dns server on standard-node; authorative server for wleiden.net domain on two special servers in the network; [https://calomel.org/unbound_dns.html unbound tutorial]. Unbound optimizes forwarders automatically, so nameservershuffle is no longer needed.
     19- replaced thttpd by [http://httpd.apache.org/ apache-2.4]
     20
     21ToDo:
    2122- Patch unbound for security flaw. The patch is available: http://unbound.net/downloads/patch_cve_2014_8602.diff
    2223Apply this patch with patch -p0 < the_patch_file.
    23 - update captive portal to increase speed: use static html pages or write in C
     24- update captive portal to increase speed: use static html pages and/or rewrite in C
    2425- add 'welcome back' page to captive portal (activated when connection interrupted)
    25 - replace thttpd:light version of [http://httpd.apache.org/ apache-2.4] ? [http://nginx.org/en/ nginx]?
    2626- bsnmp replaces net-snmp
    2727- patch isc-dhcpd (#580.3) or use dnsmasq as dhcpd-server (?)
    28 - wl-web pagina redesign for local users / maintainance
     28- wl-web page redesign for local users / maintainance
    2929- add ssh-guard or no password-login, only keys
    3030- watchdog for critical daemons?
     31- evaluate use of nsd for wleiden.net local domain dns service
     32- get rid of perl (comes with apache24)
    3133
    3234Will keep
     
    3941
    4042
    41 Gradually we are implementing the various changes, starting from the present software configuration (9.0-RELEASE) on FreeBSD10-STABLE with the next generation package management system (pkgng). The procedure to build this 'work-in-progress' nodefactory-host is described below.
     43Gradually we are implementing the various changes, starting from the present software configuration (9.0-RELEASE) on FreeBSD10.1-RELEASE with the next generation package management system (pkgng). The procedure to build this 'work-in-progress' nodefactory-host is described below.
    4244
    4345A [http://svn.wirelessleiden.nl/svn/node-config/genesis/nodes/HybridTestTienThuis/wleiden.yaml test-node-configuration] is available in svn.
    44 This wleiden.yaml file can be used to test the image by installing on an Alix-board with connection to the local network.
     46This wleiden.yaml file can be used to test the image by installing on an Alix-board with connection to the local network. We are also evaluating the new APU-board, see the wiki-page.
    4547
    4648==  A. Setup a FreeBSD host ==
     
    5254Get yourself a fresh i386 freebsd host with ports and subversion installed as follows:
    5355=== A.1. Run the basic CD installer  ===
    54 The procedure below has been tested with 10.0 (standard developer install - no ports -, e.g. with default partitioning will fit our needs). Installing FreeBSD is outside the scope of this document, take a look into [http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/bsdinstall.html the FreeBSD handbook Chapter 2 Installing FreeBSD] if you do not know the details.
     56The procedure below has been tested with 10.1 (standard developer install - no ports -, e.g. with default partitioning will fit our needs). Installing FreeBSD is outside the scope of this document, take a look into [http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/bsdinstall.html the FreeBSD handbook Chapter 2 Installing FreeBSD] if you do not know the details.
    5557
    5658Please do mind that all commands below need to be executed as root, because of the many mounts and unmounts done in various phases. It maybe convenient to ''' permit ssh root login''' (''modify /etc/ssh/sshd_config'' accordingly).