Tuesday, January 19, 2016

FreeBSD: configuring sudo

- In order to use the sudo program, it's necessary to log in as root and execute the following command to edit sudo configuration file:

sudo visudo

which is basically editing the configuration file /usr/local/etc/sudoers using vi text editor.

- To allow the admin user to use sudo program, the following line was added:

admin ALL=(ALL) ALL

- This is a very basic and straightforward configuration. For more options and security, it must be enhanced later on depending on your operating system configuration and purpose.


FreeBSD: easy way to find and install ports

- Use the command whereis to find ports e.g. sudo:

root@FreeBSD:/ # whereis sudo
sudo: /usr/ports/security/sudo

- cd into /usr/ports and use command make search name=program name

root@FreeBSD:/usr/ports # make search name=sudo
Port:   sudo-1.8.15
Path:   /usr/ports/security/sudo
Info:   Allow others to run commands as root
Maint:  garga@FreeBSD.org
B-deps: expat-2.1.0_3 gettext-runtime-0.19.6 gettext-tools-0.19.6 indexinfo-0.2.4
R-deps: gettext-runtime-0.19.6 indexinfo-0.2.4
WWW:    http://www.sudo.ws/

- Installing sudo:

cd /usr/ports/security/sudo/ && make install clean

FreeBSD Virtual Machine: Installing VMware tools

Following the VMware documentation on how to "Manually Install or Upgrade VMware Tools in a FreeBSD Virtual Machine"

Prerequisite: Perl must be installed in the guest operating system (see previous post).

FreeBSD Virtual Machine: Ports / Installing Perl

One of the ways to install additional software in the FreeBSD system is with ports. Here is a brief explanation on how to download the "ports tree" and install one of then (perl).

1. Use the portsnap command to download the ports tree into the local system:

portsnap fetch extract

2. The ports tree will be created under "/usr/ports/". Once it is populated with all the makefiles and patches, any of the ports can be installed by doing the following e.g. perl:

cd /usr/ports/lang/perl5.20/ && make install clean

3. At last, check whether the installation was successful:

perl -v

Sunday, January 17, 2016

FreeBSD Virtual Machine: Resizing and Growing Disks - VMware ESXi

Just for training purpose, I've decided to increase the virtual machine disk size from the default 21Gb to 32Gb, just by following the handbook guide. It would give the VM more run for FreeBSD ports and give a change to play around with disk resizing.

Error while using FreeBSD virtual image file in VMware ESXi host

While sniffing around FreeBSD ports collection using my fresh install of FreeBSD in ESXI virtual machine (refer to previous post),  I got an error while fetching the ports tree using the below command:

portsnap fetch extract 

Message from esxi_host: The operation on the file "/vmfs/devices/deltadisks/32b6d029-FreeBSD-10.2-RELEASE-amd64-s001.vmdk" failed (14 (Bad address)). The file system where disk "/vmfs/devices/deltadisks/32b6d029-FreeBSD-10.2-RELEASE-amd64-s001.vmdk" resides is full. Select button.retry to attempt the operation again. Select button.abort to end the session.

Now how to solve this issue?

Wednesday, January 13, 2016

FreeBSD 10.2-RELEASE as a virtual machine - VMware 6.0

The plan was to deploy a FreeBSD virtual machine in the ESXI 6 to play around and learn more about this operating system. My previous experience was with FreeNAS, which is based on the FreeBSD.

The minimum work to have a FreeBSD virtual machine up and running in my home lab:

Sunday, January 3, 2016

Allow ping (Echo request) in Kaspersky and Windows firewall

  • When using the Kaspersky (in my case, the internet security variant), in order to allow incoming Ping from same subnet or any address, the following Packet Rule must be added manually under Settings ->Protection -> Firewall -> Configure packet rules:

There is also a corresponding "Network rule template", so no need to fill in all these fields manually.

  • When using Windows Firewall, may be necessary to enable the following inbound rule "File and Printer Sharing (Echo Request - ICMPv4-Out)" for the corresponding profile (Public/Private/Domain):

In my case, a new subnet was added under Properties -> Scope -> Remote IP address in order to allow ping from a different subnet in the same Local Network: