Creating a NanoBSD Access Point (AP) and Router
  May 01, 2009

NanoBSD is an awesome set of scripts contained in the FreeBSD source tree that enables you to easily prepare and install a custom FreeBSD system for an embedded device. It is also highly optimized for Compact Flash media, providing a Read-Only file system and memory disks for the heavily written mount points, namely /etc and /var, to protect against wear-leveling.

I have provided a number of config files for a NanoBSD system that provides various services to get you started on an overlay of custom files that are geared towards making an AP (access point) out of an ALIX2C2 board from http://pcengines.ch (purchased at NetGate [US]), although these files require minor tweaks if you are using another ALIX board or even completely different hardware (mainly just network device names!).

2010-06-22 I just updated this guide to use the FreeBSD 8.0 tree. There were only minor changes, but keep that in mind if you see undefined behavior!

NanoBSD is a great project that offers the full FreeBSD operating system for embedded devices instead of the ultra trimmed down TinyBSD.

This is not a let-down on TinyBSD. It has it's uses and can even get down to the 8MB range for total disk space. It has it's uses, but can be hard to work with after the image has been flashed onto the device.

This tutorial assumes you have a working FreeBSD system and the ability to console into your embedded board with the RS232 serial interface (or what ever your board uses for that matter!).

The following setup allows for your NanoBSD box to act as a few useful things:

  • Wireless Access Point
  • Gateway/Firewall
  • Name Server
  • Switch (if more then RJ45)
  • DHCP server

FreeBSD Source Tree

Since NanoBSD is contain in the FreeBSD source tree, you will need to make sure you have the source tree on your system. The easiest way is to check if there are files in /usr/src.

If you do have a bunch of files in that directory, you are golden. If you need to get a source tree, or even want to update your existing tree, use csup with a simple config. It comes on FreeBSD by default. man csup for more information.

  1. # vi /etc/csup.conf
  2. *default host=cvsup2.freebsd.org
  3. *default base=/var/db
  4. *default prefix=/usr
  5. # 8.0-STABLE
  6. *default release=cvs tag=RELENG_8
  7. *default delete use-rel-suffix
  8. *default compress
  9. src-all
  10. # csup -g -L2 /etc/csup.conf

NanoBSD Configuration Layout

The NanoBSD configuration system is pretty straight forward. I will briefly go over a few of the default files and directories.

  1. # cd /usr/src/tools/tools/nanobsd
  2. # ls
  3. Files
  4. FlashDevice.sub
  5. nanobsd.sh
  6. --- snip --- snip ---

Everything inside this directory will be dumped over / (the root directory) on the new file system after you copy the NanoBSD image to the media. This is great if you want to prepopulate the /etc or /usr/local/etc directories with prewritten config files or make an extensive overlay. You ideally want to do it now, rather then do it on the actual device.

FlashDevice.sub

This file contains a list of popular flash card media and their respective geometries.

Hopefully, you will have one of the cards listed in this file, but if not there are alternative methods that will inform you of your geometry. Though you can get pretty good information with diskinfo -v /dev/da0, this information is MISLEADING if you are using a USB flash card reader. The umass driver will use a fictitious geometry for the heads and sectors. We will deal with this.

Take a peek and you will get the idea.

  1. $ less FlashDevice.sub
  2. --- snip --- snip ---

You would specify your brand and size in your config file by appending FlashDevice sandisk 1g to your config file.

If you have an ALIX/WRAP board and know how to console in, plug the flash card into the ALIX or WRAP board and notice the info immediately after POST. I would assume you could do this with any device if it spits out similar info.

  1. PC Engines ALIX.3 v0.99
  2. 640 KB Base Memory
  3. 261120 KB Extended Memory
  4. 01F0 Master 848A SanDisk SDCFB-1024
  5. Phys C/H/S 1986/16/63 Log C/H/S 993/32/63

HEADS: 16

SECTORS: 63

MEDIASIZE: 16 * 63 * 1986 = 2001888

Also, a sure way to get around the geometry issue is to get a IDE flash card reader. This allows the flash card to be viewed as a regular IDE harddrive. The one draw back to the IDE flash card reader is that it is not hot-swappable. You must have the flash card in the IDE reader (amazon link) when you boot the computer up.

The use of an IDE flash card reader will cause the drive's device name to be /dev/adXX instead of /dev/daXX.

You can also try looking up the manufacturers data sheet on the device and hopefully it will tell you.

nanobsd.sh

This is the main script that compiles NanoBSD and holds the default configuration options for when the NanoBSD image is compiled and created. These options can be overridden with a custom NanoBSD configuration file, allowing you to hack away at unneeded functionality or customize the build functions to your liking.

Check this file out in your editor to get a feel for what you can hack at to better suit the image for your particular requirements.

  1. # cd /usr/src/tools/tools/nanobsd
  2. # sh nanobsd.sh -h
  3. Usage: ./nanobsd.sh [-bikqvw] [-c config_file]
  4.   -b      suppress builds (both kernel and world)
  5.   -i      suppress disk image build
  6.   -k      suppress buildkernel
  7.   -n      add -DNO_CLEAN to buildworld, buildkernel, etc
  8.   -q      make output more quite
  9.   -v      make output more verbose
  10.   -w      suppress buildworld
  11.   -c      specify config file

Prepare a Kernel

I have trimmed down a GENERIC kernel (/usr/src/sys/i386/conf/GENERIC) to include only the basics. I do, though, include some SCSI stuff because it is a dependency for the USB modules. If you do not plan to use USB, you may comment out those as well.

If you do not have an ALIX board, just comment out the options GEODE line. That is the only thing that really make it "for" an ALIX board.

Note that if you plan on trimming down your own GENERIC kernel, you will often run into compile time errors when you are running your NanoBSD script. Just read the log that it stops on and try to debug as necessary. You might have to add some of what you cut back to the kernel to track down an option or device that is preventing a successfull build. It will be real fun, I promise!

Just to note, you can get some ideas from the kernels in ~/nbsd/src/tools/tools/tinybsd/conf directory (TINYBSD). They might offer some optimizations and ideas for a specific system you had in mind.

If I left something commented out, I figured you might need it. Look at /usr/src/sys/i386/conf/GENERIC for descriptions of these devices and options. If you do not have an ALIX board, you will probably want almost the same config but you will probably need a different ethernet or wireless driver.

Download Full ALIX_USB Config

  1. # cd /usr/src/sys/i386/conf
  2. # vi ALIX_USB
  3. cpu I586_CPU
  4. ident ALIX_USB
  5. options CPU_GEODE
  6.  
  7. options SCHED_4BSD
  8. options INET
  9. #options INET6
  10. options FFS
  11. options SOFTUPDATES
  12. options UFS_DIRHASH
  13. options MD_ROOT
  14. #options NFSCLIENT
  15. #options NFSSERVER
  16. #options NFSLOCKD
  17. #options NFS_ROOT
  18. options MSDOSFS
  19. options CD9660
  20. options PROCFS
  21. options PSEUDOFS
  22. options GEOM_PART_GPT
  23. options GEOM_LABEL
  24. options COMPAT_43TTY
  25. options COMPAT_FREEBSD4
  26. options COMPAT_FREEBSD5
  27. options COMPAT_FREEBSD6
  28. options COMPAT_FREEBSD7
  29. options SYSVSHM
  30. options SYSVMSG
  31. options SYSVSEM
  32. options P1003_1B_SEMAPHORES
  33. options _KPOSIX_PRIORITY_SCHEDULING
  34. options PRINTF_BUFR_SIZE=128
  35. options KBD_INSTALL_CDEV
  36. options HWPMC_HOOKS
  37. options INCLUDE_CONFIG_FILE
  38.  
  39. device pci
  40.  
  41. device ata
  42. device atadisk
  43.  
  44. # SCSI
  45. device scbus
  46. device da
  47. device sa
  48. device cd
  49. device pass
  50. device ses
  51.  
  52. # Serial
  53. device uart
  54.  
  55. # PCI Ethernet
  56. device miibus
  57. device sis # SOEKRIS boards (sub GEODE for ELAN)
  58. device vr # ALIX boards
  59.  
  60. # Wireless
  61. device wlan
  62. options IEEE80211_SUPPORT_MESH
  63. device wlan_wep
  64. device wlan_ccmp
  65. device wlan_tkip
  66. device wlan_amrr
  67. device ath
  68. device ath_hal
  69. options AH_SUPPORT_AR5416
  70. device ath_rate_sample
  71.  
  72. # Pseudo Devices
  73. device loop
  74. device random
  75. device ether
  76. device vlan
  77. device tun
  78. device pty
  79. device mdv
  80. device gif
  81. device faith
  82. device firmware
  83. device bpf
  84.  
  85. # USB
  86. device uhci
  87. device ohci
  88. device ehci
  89. device usb
  90. device umass
  91.  
  92. # Custom
  93. device pf
  94. device pflog
  95. #device pfsync
  96. #device carp
  97.  
  98. #options ALTQ
  99. #options ALTQ_CBQ
  100. #options ALTQ_RED
  101. #options ALTQ_RIO
  102. #options ALTQ_HFSC
  103. #options ALTQ_CDNR
  104. #options ALTQ_PRIQ
  105. #options ALTQ_NOPCC
  106.  
  107. device if_bridge
  108.  
  109. options DEVICE_POLLING

Creating a Custom NanoBSD Configuration File

To customize your NanoBSD installation, override default options outlined in the /usr/src/tools/tools/nanobsd.sh script by creating a config file that consists of variables that you would like to change.

The following is my a typical config for my home routers and will get you started in the right direction. This install leaves a small foot print and gives me a great foundation to work from. If you would like to look at more options, take a peak at /usr/src/tools/tools/nanobsd.sh again and take note of what you want to override.

  1. # cd /usr/src/tools/tools/nanobsd/
  2. # vi accesspoint.nanobsd.conf
  3. # directory under obj to put these files in
  4. NANO_NAME=ACCESSPOINT_1024mb
  5.  
  6. # how many parallel makes during compilation
  7. # rule of thumb: number of cores x2
  8. NANO_PMAKE="make -j 4"
  9.  
  10. # kernel in /usr/src/sys/i386/conf to use
  11. NANO_KERNEL=ALIX_USB
  12.  
  13. # specify arch if you are on amd64
  14. NANO_ARCH="i386"
  15. # how many images to install on disk
  16. NANO_IMAGES=1
  17.  
  18. # Controls the options passed to boot0cfg
  19. # !! important for ALIX boards !!
  20. NANO_BOOT0CFG="-o nopacket -s 1 -m 3"
  21.  
  22. # /cfg size
  23. NANO_CONFSIZE=40960
  24.  
  25. # /etc size
  26. NANO_RAM_ETCSIZE=20480
  27.  
  28. # /tmp size
  29. NANO_RAM_TMPVARSIZE=327680
  30.  
  31. # make.conf knobs for both buildworld & installworld
  32. CONF_WORLD='
  33. #WITHOUT_BIND=YES
  34. WITHOUT_MODULES=YES
  35. WITHOUT_KERBEROS=YES
  36. WITHOUT_GAMES=YES
  37. WITHOUT_RESCUE=YES
  38. WITHOUT_LOCALES=YES
  39. WITHOUT_SYSCONS=YES
  40. WITHOUT_INFO=YES
  41. '
  42.  
  43. # make.conf knobs for buildworld only
  44. CONF_BUILD='
  45. WITHOUT_KLDLOAD=YES
  46. WITHOUT_PAM=YES
  47. '
  48.  
  49. # make.conf knobs for installworld only
  50. CONF_INSTALL='
  51. WITHOUT_ACPI=YES
  52. WITHOUT_BLUETOOTH=YES
  53. WITHOUT_CVS=YES
  54. WITHOUT_FORTRAN=YES
  55. WITHOUT_HTML=YES
  56. WITHOUT_LPR=YES
  57. WITHOUT_MAN=YES
  58. WITHOUT_SENDMAIL=YES
  59. WITHOUT_SHAREDOCS=YES
  60. WITHOUT_EXAMPLES=YES
  61. WITHOUT_CALENDAR=YES
  62. WITHOUT_MISC=YES
  63. WITHOUT_SHARE=YES
  64. '
  65.  
  66. # media definition from FlashDevice.sub
  67. #FlashDevice sandisk 512mb
  68. FlashDevice sandisk 1g
  69.  
  70. #install files from Files
  71. customize_cmd cust_install_files
  72.  
  73. # allow root to login via SSH
  74. customize_cmd cust_allow_ssh_root

Prepare an Overlay of Config Files

Instead of creating a vanilla NanoBSD image, copying it to the disk device, and then going through the hassle of configuring each config file on each live disk, we can create a filesystem hierarchy under /usr/src/tools/tools/nanobsd/Files that gets overlayed on the root filesystem on the NanoBSD image. Consequently, when the NanoBSD image file is created, we are all configured and ready to go!

Note that these files become "defaults" for the read-only filesystem of NanoBSD. For example, if you populate /usr/src/tools/tools/nanobsd/Files/etc or /usr/src/tools/tools/nanobsd/Files/usr/local/etc with custom config files, they will be a permanent part of the read-only filesystem. If you wish to later override these files, you will have a NanoBSD specific directory to place newer custom files (/cfg and /cfg/local which we will get into later) so that when the NanoBSD system is later boot, the newer custom files will be "overlayed" over the default files. Basically, the newer custom files take priority.

If you are confused, hang in there! I am discussing some things we have not gotten to. The above paragraph will make more sense in a few minutes.

/boot/loader.conf

  1. # mkdir /usr/src/tools/tools/nanobsd/Files/boot
  2. # vi /usr/src/tools/tools/nanobsd/Files/boot/loader.conf
  3. comconsole_speed="9600"
  4. console="comconsole"
  5. autoboot_delay="1"

/etc/csh.cshrc

These are aliases I use for fancy ls listing and a few variables to make me feel at home.

  1. # vi /usr/src/tools/tools/nanobsd/Files/etc/csh.cshrc
  2. alias l         ls -GaF
  3. alias ls        ls -GF
  4. alias ll        ls -GaFl
  5. alias vim       vi
  6. setenv EDITOR     vi
  7.  
  8. if ($?prompt) then
  9.    set prompt = "`/bin/hostname -s`# "
  10.    set filec
  11.    set history = 100
  12.    set savehist = 100
  13. endif

/root/sync_cfg

Script I wrote that mirrors /etc and /usr/local/etc to /cfg and /cfg/local, respectively.

  1. # vi ~/sync_cfg
  2. #!/bin/sh
  3.  
  4. # files that you want copied from /etc
  5. ETC="rc.conf pf.conf resolv.conf hosts.conf"
  6.  
  7. # see if there is anything in the /cfg directory
  8. N=`mount | grep /cfg | wc -l | awk '{print $1}'`
  9.  
  10. # mount /cfg if it isn't already
  11. if [ $N -eq 0 ]; then
  12.     echo "### Mounting /cfg"
  13.     mount /cfg
  14. else
  15.     echo "### /cfg already mounted"
  16. fi
  17.  
  18. # used for /usr/local/etc/*
  19. mkdir -p /cfg/local
  20.  
  21. echo "### Copying /usr/local/etc/* to /cfg/local..."
  22. cp -a /usr/local/etc/* /cfg/local
  23.  
  24. echo "### Copying /etc files to /cfg..."
  25. for F in $ETC; do
  26.     FILE=/etc/$F
  27.     if [ -e $FILE ]; then
  28.         cp -af $FILE /cfg
  29.     fi
  30. done
  31.  
  32. # unmount if this program mounted /cfg
  33. if [ $N -eq 0 ]; then
  34. echo "### Unmounting /cfg"
  35.     sleep 3
  36.     umount /cfg
  37. fi
  38.  
  39. echo "### Done!"

/etc/exports

You really only need this if you plan to use a remote ports tree.

The IP is the box with the NFS share of the ports tree

  1. $ vi /usr/src/tools/tools/nanobsd/Files/etc/exports
  2. /usr/ports -maproot=root 10.10.11.1

/etc/hostapd.conf

This file is used to configure authentication mechanisms for IEEE 802.11 (wireless) networks. In the follow case, I did a simple WPA setup..

From the man page: "The hostapd utility is an authenticator for IEEE 802.11 networks. It provides full support for WPA/IEEE 802.11i and can also act as an IEEE 802.1X Authenticator with a suitable backend Authentication Server (typically FreeRADIUS)."

Look at man hostapd and in /usr/share/examples/hostapd/hostapd.conf for further information.

MAKE SURE you do not have any extra spaces after any line in the config file. It will make hostapd fail to start and drive you crazy! ;)

  1. # vi /usr/src/tools/tools/nanobsd/Files/etc/hostapd.conf
  2. # CHANGE WIRELESS INTERFACE (alias)
  3. interface=wlan0
  4. driver=bsd
  5. ctrl_interface=/var/run/hostapd
  6. ctrl_interface_group=wheel
  7. dump_file=/tmp/hostapd.dump
  8. auth_algs=1
  9. # disable logging
  10. logger_syslog=-1
  11. logger_syslog_level=0
  12. logger_stdout=-1
  13. logger_stdout_level=0
  14. debug=2
  15. # CHANGE TO YOUR SSID
  16. ssid=CHANGE_SSID_HERE
  17. wpa=2
  18. # CHANGE TO WPA PASSWORD
  19. wpa_passphrase=CHANGE_PASSWORD_HERE
  20. wpa_key_mgmt=WPA-PSK
  21. wpa_pairwise=CCMP TKIP

/etc/motd

You can make some cool ASCII art or something, but I usually just clobber it so I don't have to see the MOTD every time I log in.

  1. # touch /usr/src/tools/tools/nanobsd/Files/etc/motd

/etc/pf.conf

This is super basic config to get you going, bt feel free to prepopluate yours with a more extensive rule set. :)

OpenBSD hosts a great resource if you want to look more into the power of pf (packet filter firewall)

  1. # vi /usr/src/tools/tools/nanobsd/Files/etc/pf.conf
  2. wan_if="vr0"       # CHANGE WIRED INTERFACE
  3. wifi_if="wlan0"    # CHANGE WIRELESS INTERFACE
  4. #lan_if="vr1"      # UNCOMMENT AND CHANGE IF LAN INTERFACE
  5.  
  6.  
  7. ##### options
  8. ########################################
  9. set skip on lo
  10.  
  11. ##### scrub
  12. ########################################
  13. scrub in all
  14.  
  15. ##### nat
  16. ########################################
  17. nat on $wan_if from !($wan_if) to any -> ($wan_if:0)
  18.  
  19.  
  20. ##### translation
  21. ########################################
  22. # bit torrent example (also ALLOW these ports in filtering)
  23. #rdr on $wan_if proto {tcp,udp} from any to any port 6881:6999 -> 10.10.11.230
  24.  
  25. ########################################
  26. ##### filtering
  27. ########################################
  28. antispoof quick for { lo $wan_if }
  29.  
  30. ### WAN interface (block all incoming, later allow specific access)
  31. block in on $wan_if
  32. pass out on $wan_if
  33.  
  34. ### WIFI interface
  35. pass in on $wifi_if
  36. pass out on $wifi_if
  37.  
  38. ### LAN interface
  39. #pass in on $lan_if
  40. #pass out on $lan_if
  41.  
  42. # example to allow access to SSHd and a Web Server on #WAN_IF
  43. pass in on $wan_if proto tcp from any to any port 22
  44. pass in on $wan_if proto tcp from any to any port 80

/etc/rc.conf

It can come in handy knowing the IP address of the box when it boots up. Since SSHd is enabled here, we should be able to plug into the LAN port, put your IP in the same range, and SSH in the embedded board... bypassing the hassles of a serial connection!

  1. $ vi /usr/src/tools/tools/nanobsd/Files/etc/rc.conf
  2. ### NETWORK
  3. ########################################
  4. gateway_enable="YES"
  5. ifconfig_vr0="DHCP"
  6. #ifconfig_vr1="inet 10.10.11.1 netmask 255.255.255.0"
  7. wlans_ath0="wlan0"
  8. create_args_wlan0="wlanmode hostap mode 11b channel 7"
  9. ifconfig_wlan0="inet 10.10.12.1 netmask 255.255.255.0"
  10.  
  11. ### APPS
  12. ########################################
  13. dhcpd_enable="YES"
  14. dhcpd_ifaces="wlan0"
  15. #dhcpd_ifaces="wlan0 vr1"
  16. dhcpd_withuser="_dhcp"
  17. dhcpd_withgroup="_dhcp"
  18.  
  19. ### SYSTEM
  20. ########################################
  21. hostapd_enable="YES"
  22. named_enable="YES"
  23. named_chrootdir="/var/named"ooo;
  24. nfs_client_enable="YES"
  25. nfs_client_flags="-n 4"
  26. ntpd_enable="YES"
  27. pf_enable="YES"
  28. pflog_enable="YES"
  29. sendmail_enable="NO"
  30. sendmail_submit_enable="NO"
  31. sendmail_outbound_enable="NO"
  32. sendmail_msp_queue_enable="NO"
  33. sshd_enable="YES"
  34.  
  35. # NFS server (incase we need it)
  36. #rpcbind_enable="YES"
  37. #nfs_server_enable="YES"
  38. #mountd_enable="YES"
  39. #mountd_flags="-r"

/etc/exports

  1. # vi /usr/src/tools/tools/nanobsd/Files/etc/exports
  2. /usr/ports -maproot=root 10.10.11.229

/etc/ttys

Change the baud rate if you must. Be sure to reflect the change in /usr/src/tools/tools/nanobsd/Files/boot/loader.conf.

If you are on a FreeBSD release before 8.x, use ttyd0 as the device name!

  1. # vi /usr/src/tools/tools/nanobsd/Files/etc/ttys
  2. ttyu0    "/usr/libexec/getty std.9600"   vt220 on secure

/usr/local/etc/dhcpd.conf

The follow config is a typical DHCP config. To expand this config to more then 1 network interface, uncomment where it specifies multiple interfaces and uncomment the extra subnet block.

Read the DHCP man page or search Google for some more example configs.

  1. # cd /usr/src/tools/tools/nanobsd/Files
  2. # mkdir -p usr/local/etc
  3. # vi usr/local/etc/dhcpd.conf
  4. authoritative;
  5.  
  6. ###
  7. ### Global Settings
  8. ###
  9. ddns-update-style none;
  10. default-lease-time 600;
  11. max-lease-time 7200;
  12. #option domain-name "digitalfoo.local";
  13.  
  14.  
  15. ###
  16. ### Wireless Interface (wlan0)
  17. ###
  18. subnet 10.10.12.0 netmask 255.255.255.0 {
  19.     range 10.10.12.100 10.10.12.254;
  20.     option broadcast-address 10.10.12.255;
  21.     option routers 10.10.12.1;
  22.     option domain-name-servers 10.10.12.1;
  23. }
  24.  
  25.  
  26. ###
  27. ### Wired Interface 1 (vr1... if available)
  28. ###
  29. subnet 10.10.11.0 netmask 255.255.255.0 {
  30.     range 10.10.11.100 10.10.11.254;
  31.     option broadcast-address 10.10.11.255;
  32.     option routers 10.10.11.1;
  33.     option domain-name-servers 10.10.11.1;
  34. }
  35.  
  36. ###
  37. ### Static Hosts
  38. ###
  39. # example of host that needs a static address
  40. host main_desktop {
  41.     hardware ethernet 00:19:db:69:e5:ee;
  42.     fixed-address 10.10.11.100;
  43. }

/var/named/etc/namedb/*

  1. # cd /usr/src/tools/tools/nanobsd/Files
  2. # mkdir -p var/named/etc/namedb
  3. # cd var/named/etc/namedb
  4. # rndc-confgen -a -c rndc.key
  5. # cp /etc/namedb/named.conf ./
  6. # vi named.conf
  7. ### addresses for DNS server to listen on
  8. acl "interfaces" {
  9.     127.0.0.1;
  10.     10.10.11.1;
  11.     #10.10.12.1;
  12. };
  13. ... ... snip ... ... snip ... ...
  14. options {
  15. ... ... snip ... ... snip ... ...
  16.     directory     "/etc/namedb";
  17. ... ... snip ... ... snip ... ...
  18.     listen-on     { interfaces; };
  19. ... ... snip ... ... snip ... ...
  20. };
  21. ... ... snip ... ... snip ... ...
  22. include "rndc.key";

Compile NanoBSD

Now that we have the config files written, we can run the nanobsd.sh script. If you created a config file, do not forget to tell the script to use it!

  1. # cd /usr/src/tools/tools/nanobsd
  2. # sh nanobsd.sh -v -c accesspoint.nanobsd.conf
  3. # NanoBSD image ACCESSPOINT_1024MB build starting
  4. ## Clean and create object directory (/usr/obj/nanobsd.ACCESSPOINT_1024MB/)
  5. ## Construct build make.conf (/usr/obj/nanobsd.ACCESSPOINT_1024MB//make.conf)
  6. ## run buildworld
  7. ### log: /usr/objbw
  8. ## build kernel (ALIX_USB_v3)
  9. ### log: /usr/objbk
  10. ## Clean and create world directory (/usr/objw)
  11. ## Construct install make.conf (/usr/obj/nanobsd.ACCESSPOINT_1024MB//make.conf)
  12. ## installworld
  13. ### log: /usr/objiw
  14. ## install /etc
  15. ### log: /usr/objetc
  16. ## configure nanobsd /etc
  17. ## install kernel
  18. ### log: /usr/objik
  19. ## run customize scripts
  20. ## customize "cust_install_files"
  21. ### log: /usr/objcust.cust_install_files
  22. #### cust_install_files is a shell function
  23. ## customize "cust_allow_ssh_root"
  24. ### log: /usr/objcust.cust_allow_ssh_root
  25. #### cust_allow_ssh_root is a shell function
  26. ## configure nanobsd setup
  27. ### log: /usr/objdl
  28. ## run late customize scripts
  29. ## build diskimage
  30. ### log: /usr/objdi
  31. # Created NanoBSD disk image: /usr/objdisk.full
  32. # NanoBSD image ACCESSPOINT_1024MB completed

Now go have a few beers and relax because this could take a while. The script will cycle through it's build phases and start populating /usr/obj/nanobsd.<$NANO_NAME> with log files of what it has done and various images it has created. When it is all finished, you should get a directory listing similar to the following:

# ls /usr/obj/nanobsd.{$NANO_NAME}
_.bk _.dl _.iw
_.bw _.du _.mnt
_.cust_cust_install_files _.env _.mtree
_.di _.etc _.w
_.disk.full _.fdisk make.conf
_.disk.image _.ik usr

The log files in here are priceless when you have an image that won't compile. For example, the log for the install world phase is in _.iw. The file we need to write to our media is _.disk.full. This is the actual disk image plus the extra padding nessesary to fulfill the specified size of the filesystem.

Do not write _.disk.image by accident. This is only the naked compiled system, without the needed padding.

Copy NanoBSD Image to Flash

All the files are compiled, now we have to put our system on media.

If you used a USB flash card reader, /dev/daX will be your device name. If you used an IDE interface for your card reader, /dev/adX will be your device name.Just change X to the device number.

  1. # cd /usr/obj/nanobsd.{$NANO_NAME}
  2. # dd if=_.disk.full of=/dev/da0 bs=64k

Conclusion

We should have a well rounded system at our hands! Now plug your flash card into your embedded board and (attempt to) boot it up.

NOW CHANGE THE ROOT PASSWORD

  1. # sh ~/change_password
  2. Changing local password for root
  3. New Password: <password_here>
  4. Retype New Password: <password_here>

How to Use /cfg for Persistent Config Files

One thing that is awesome about NanoBSD is the fact that it is mostly a read-only system, with the read/write heavy hitters (/var and /tmp) remaining as memory disks.

This is great until you need to make changes or additions to /etc/* or /usr/local/etc/* that will still be there when you reboot (persistent). To accomplish this, you will have to use the /cfg mount point to store a structured overlay for /etc and /usr/local/etc. For example, a persistent change would be made simply by mounting /cfg , writing the changes to the respective directory (read on) under /cfg, and unmount it when you are done.


Directory Equivilent
/etc /cfg
/usr/local /cfg/local

Make sure you mount the /cfg file system BEFORE copying stuff there. ;)

The /etc Directory

Think of /cfg == /etc on a regular FreeBSD system. Any file you place here will be overlayed/mirrored to /etc when the NanoBSD system is next booted. If you need the change now as well, copy the file to the normal location and don't forget to mirror the change in the respective directory in /cfg!

  1. # # mount -u -o rw /
  2. # vi /etc/resolv.conf
  3. nameserver 4.2.2.1
  4. # mount -u -o ro /
  5. # mount /cfg
  6. # cp /etc/resolv.conf /cfg
  7. # umount -f /cfg

The /usr/local/etc Directory

/usr/local/etc is actually symlinked to /etc/local.

Similarly, the /usr/local/etc/* files are supposed to be mirrored to /cfg/local. Remember this when you install a port or configure a service.

  1. # mount /cfg
  2. # cp -R /usr/local/etc/* /cfg/local/
  3. # umount -f /cfg

Installing Ports

I have moved this section to their individual posts. I strongly recommend you read the installing ports via chroot guide, but if you would like to remotely install ports take a moment to view the installing ports from a remote FreeBSD ports tree guide.

NanoBSD Notes

Clobber (erase filesystem) on Flash Card

Make sure you use the right device name here!

  • # dd if=/dev/zero of=/dev/da0 bs=1k count=1

Mounting/Unmounting Filesystem

  1. # mount -u -o rw /
  2. # mount -u -o ro /

Save SSH Keys

Now the keys are generated every time the system boots.

  1. # sh save_sshkeys

Download NanoBSD File Set

The following archives contain the config files pertaining to this guide.

Download NanoBSD File Set
FreeBSD, embedded, NanoBSD :tags Comments (5)



Post a New Comment

Name

Message

Security
Code
        (case insensitive & space between words)


Posted Comments
Ed Johnstone  Nov 29, 2010
Awesome, I'm looking for all the documentation I can get my hands on, for Nanobsd, and this looks great, on the first read. I'm printing to study over. Thanks Ed