Kernel_Killer
October 24th, 2005, 12:59
has anyone successfully run FreeBSD on a Soekris? I've run across a lot of how-tos, but all of them being a very sloppy way in many variations. Nothing clean at all, and also leaving the OS pretty top-heavy. Does anyone know of a better method, or at least a method that worked, so that I can develop something that isn't so long-winded?

Strog
October 24th, 2005, 22:19
There's some projects ( m0n0BSD (http://m0n0.ch/bsd/)/m0n0wall (http://m0n0.ch/wall/)/pfSense (http://www.pfsense.org) /wifiBSD (http://www.wifibsd.org)/etc. ) that would be a good starting point but each has it's goals and might not fit what you are trying to accomplish. These are usually either older (i.e. stable) releases or riding the cutting edge with lots of things up in the air. It would definitely be nice to have something like flashdist (http://www.nmedia.net/~chris/soekris/) for FreeBSD so you can build off stable releases when you want.


There's a couple options out there to build your own images:

PicoBSD (http://www.freebsd.org/cgi/cvsweb.cgi/src/release/picobsd/) and I don't mean the premade images on the website built off FreeBSD 3.x tree (http://people.freebsd.org/~picobsd/picobsd.html). PicoBSD has been sitting in the source tree waiting to be built and most people didn't even realize it was there. It might not be all polished up but it might be a good place to start building.

miniBSD (https://neon1.net/misc/minibsd.html) could be another starting point. I first found this when it was included with an early version of the freesbie (http://www.freesbie.org) port (sysutils/freesbie). I used it to make a nice small (28mb if my memory serves) image to use for a Jail. It's not included with freesbie anymore but it's just scripts that you can grab from the website.

TinyBSD (http://www.tinybsd.org/tinybsd) is something I ran across in ports (sysutils/tinybsd) while writing this post. I don't really know anything about it beyond what the description says. It appears to be targetting RELENG_5 and RELENG_6 on embedded systems so it might be promising.

I'm guess you've already seen most (all?) of this but hopefully it will get some people thinking about it. :wink:

Kernel_Killer
October 25th, 2005, 10:14
Yeah, I'm looking for a method that doesn't consist of setting up the box to pxeboot, and run a remote install. IMO, that's a pretty weak way to run a Soekris install. So far I'm dropping files onto a flash, and going to do a few more tries of getting it bootable. Only thing I think I'm missing is the small MBR on the CF. I'll keep posting my progress, but probably on Journal instead.

Strog
October 25th, 2005, 23:45
The whole pxeboot is optional from what I've seen. It's supposed to speed the process because you can test images faster since you don't have to write images and transfer the media. It's still running a finished image, not an install (at least what I've been looking at).

I installed the tinyBSD port on my 5-STABLE box and tried it out. I used a 128MB USB pen drive for my test instead of a CF card. A diskinfo -v gives me the drive parameters to enter. I run it with the parameters, image I was building (firewall this test) and output file name. It builds a custom kernel, copies the files to the image and drops an image file in the directory.

You can mount the image with mdconfig and add/tweak/etc. the image to your hearts content. I used dd to write the image to the usb pen drive and hooked it up to a newer laptop from work. It boots up just fine but couldn't mount the drive. A quick look shows me that there isn't da(direct access) support in the kernel I used. It's using 21,806K on the firewall config without any tweaking and there's a ton of options in the kernel that you wouldn't need on a Soekris box. I might just go ahead and fix this kernel since this usb drive has been gathering dust since I got a 1Gb one for work. :wink:

Here's (http://strog.org/docs/tree.txt) a text file with the file listing on the firewall image. There's some stuff that could be scoured from this image to whittle it down some more. There's also a minimal config and others to play with.

Strog
October 26th, 2005, 10:16
I mounted the usb drive on my desktop and dropped my full kernel on there instead of the trimmed down one instead of going to bed. :rolleyes:

It booted up fine, mounted the drive and had a few issues ( generating ssh keys, etc.) because of being read only. I remounted it rw and set a root password, generated ssh keys, etc. and put it back to read only. Next boot came up pretty as can be. Obviously I made this a little more complicated using a USB drive instead of a compact flash since I had to add USB, direct access, passthrough, etc. to the kernel. I could have mounted the image and chrooted into it to make all the config changes before I even wrote the image.

I'm definitely going to build some Jails using TinyBSD as the base starting point. Should a be a farily small clean starting point instead of building a full Jail and stripping it.

I'll definitely keep playing with this USB key and adding apps to it. I think I'll borrow some Freesbie startup scripts and other ideas to make it more flexible.

Strog
November 6th, 2005, 00:00
I figured since FreeBSD 6.0 went stable/release that I would try setting up some jails. TinyBSD is just a script so I commented the kernel build since I don't really need a kernel in a jail. This saves a lot of time since I was just going to throw out the kernel and I didn't want to sit and wait for it to build. It wouldn't be hard to drop a custom or full kernel on the image if I want to use this on my USB drive or a flash drive.

I used the default image and the example image file size (60mb-ish) since I was going to use it on a hard drive in the end anyway. I ended up with 21Mb (no kernel) for my jail and it still has sshd, named, etc. in it. I added perl, couple irc clients, vim-lite and a few other things and it's over 90Mb now but my old jails were 135Mb before I added anything to them so I think this is slicker. The minimal image is around 14Mb w/ a kernel but it doesn't have sshd in it. There's a few other configurations that are probably in between the minimal and default images.

I set PREFIX=/path/to/jail/usr/local and PKG_DBDIR=/path/to/jail/var/db/pkg. This installed my ports directly into the jail and created pkgdb entries so it can be updated later. This should simplify keeping the jails up to date since you don't have to have all the files in the jail to support portupgrade, pkg_add, etc. This added 1.1Mb to my 90Mb-ish jail to have the pkgdb in there. My old jails used to have portupgrade, etc. and they grew to a larger size than I cared for.

This is looking pretty good so far and I can see a lot I can do with it. I have a lot to do to finish it up but I have a really solid starting point now. :biggrin:

Kernel_Killer
November 6th, 2005, 06:10
Looks like it's time to develop a better method for this. Drop the needed files in, set a rc.conf, alter the booting options, generate the ssh keys, set pass, and drop your mini-kernel in. Nice to see there are some other ways, but still it seems to be a lack of a project dedicated to Net or FreeBSD for Soekris installs. Not saying it's not being done, but for high production, these are not options.

Now that I'm officially off vacation, I believe I will start on such a project.