Chinaunix首页 | 论坛 | 博客
  • 博客访问: 738653
  • 博文数量: 235
  • 博客积分: 4309
  • 博客等级: 中校
  • 技术积分: 2325
  • 用 户 组: 普通用户
  • 注册时间: 2011-01-17 11:25
个人简介

If you don\\\\\\\\\\\\\\\'t wanna do it, you find an EXCUSE; if you do, you\\\\\\\\\\\\\\\'ll find a WAY :-)

文章分类

全部博文(235)

文章存档

2014年(3)

2013年(2)

2012年(31)

2011年(199)

分类: BSD

2011-10-03 22:33:08

官方简体中文安装手册:
官方en_US安装手册:
官方简体中文安装手册 下载: 

1: 使用 USB 安装 FreeBSD(设备编号自行修改

  1. # dd if=9.1-RELEASE-amd64-memstick.img of=/dev/da1 bs=10240 conv=sync
Tips: Windows环境下如何将 *.img 写入USB ? 
Image Writer for Windows:  https://launchpad.net/win32-image-writer/+download

安装source 和 ports
  1. 等待重启完成 ...
  2. # vi /boot/loader.conf
  3. loader_logo="beastie" (boot menu logo)
  4. autoboot_delay="3" (boot delay)
  5. :wq

  6. # vi /etc/rc.conf
  7. blanktime="600"
  8. saver="daemon"
  9. hald_enable="YES"
  10. dbus_enable="YES"
  11. powerd_enable="YES"
  12. powerd_flags="-a adaptive -b adaptive -n adaptive"  # 保持温度不会过高就是了
  13. :wq

  14. # kldload coretemp
  15. # sysctl -a |grep temper
  16. hw.acpi.thermal.tz0.temperature: 60.0C
  17. dev.cpu.0.temperature: 59.0C
  18. dev.cpu.1.temperature: 59.0C
  19. dev.cpu.2.temperature: 59.0C
  20. dev.cpu.3.temperature: 59.0C
  21. dev.cpu.4.temperature: 61.0C
  22. dev.cpu.5.temperature: 62.0C
  23. dev.cpu.6.temperature: 59.0C
  24. dev.cpu.7.temperature: 59.0C
检查一下硬件信息

  1. # dmesg | grep attached 列出没有被驱动的硬件) 
  2. # pciconf -lv 更加详细)   /var/run/dmesg.boot (see also)
  3. 找到声卡 和 显卡加载相应驱动
声卡 驱动


  1. # kldload snd_driver 加载所有声卡驱动自动匹配
  2. # cat /dev/sndstat (查看声卡驱动信息
  3. # dmesg | grep hdac
  4. # cat filename > /dev/dsp (测试声卡,filename为任意文件产生噪音说明正常工作

  5. # vi /boot/device.hints
  6. hint.pcm.0.vol="50" (pcm Module加载时,音量默认为50
  7. :wq

  8. # Microphone     (话筒)
  9. # mixer

  10. # sysctl dev.pcm.0.play.vchans=4
  11. # sysctl dev.pcm.0.rec.vchans=4 ( 虚拟声道(Virtual Sound Channels)4个音源能够同时播放)
  12. # sysctl hw.snd.maxautovchans=4

 # less /boot/defaults/loader.conf
 /snd (找到所有声卡驱动支持项)
 # pciconf -lv | egrep -i -A3 -B5 'audio|multimedia' (查看device 类型)
 # vi /boot/loader.conf
 snd_hda_load="YES" (启动时加载 声卡驱动/添加自己的声卡驱动)
:wq



2: 时间校准 (很重要)

  1. # tzsetup 时区设置 CST
  2. # ntpdate cn.pool.ntp.org 校准

  3. # vi /etc/rc.conf
  4. ntpd_enable="YES" 配置开机启动 ntpd
  5. ntpd_sync_on_start="YES"
  6. :wq
  7. # /etc/rc.d/ntpd start

  8. # vi /etc/ntp.conf
  9. server 1.cn.pool.ntp.org
  10. server 1.asia.pool.ntp.org
  11. server 2.asia.pool.ntp.org 配置time server
  12. :wq
  13. # /etc/rc.d/ntpd restart


3:更新 source 和 doc

  1. # cp /usr/share/examples/cvsup/standard-supfile /etc
  2. # cd /etc/; vi standard-supfile
  3. *default host=cvsup.tw.freebsd.org (修改此项)
  4. *default base=/var/db
  5. *default prefix=/usr
  6. *default release=cvs tag=RELENG_9_0
  7. *default delete use-rel-suffix
  8. *default compress
  9. src-all
  10. doc-all tag=.   (添加此项)
  11. :wq
 # csup /etc/standard-supfile

4:ports 和 package 文件下载地址设置

  1. # vi /etc/make.conf (详情:man make.conf)
  2. MASTER_SITE_BACKUP?= \
  3. ftp://ftp.hk.freebsd.org/pub/FreeBSD/distfiles/${DIST_SUBDIR}/\
  4. ftp://ftp.tw.freebsd.org/pub/FreeBSD/distfiles/${DIST_SUBDIR}/\
  5. ftp://ftp.freebsd.org/pub/FreeBSD/distfiles/${DIST_SUBDIR}/ (注意这里没换行了)
  6. MASTER_SITE_OVERRIDE?= ${MASTER_SITE_BACKUP}
  7. CPUTYPE?=core2 (根据情况调整,起到优化作用:me -> i7)
  8. # sysctl hw.model (more /usr/share/example/etc/make.conf)
  9. # dmidecode (DMI table decoder)
  10. INSTALL=install -C (比对已安装文件与最新文件 版本号,低于新版本才安装)
  11. :wq

  1. tcsh/csh:
  2. # vi ~/.cshrc
  3. setenv        PACKAGEROOT        ftp://ftp.tw.freebsd.org
  4. setenv        PKG_TMPDIR        /var/garbage        (package安装后来这里看看:/var/db/pkg)
  5. :wq
  6. # exit            (注销生效)


  7. sh/bash:
  8. $ vi ~/.profile
  9. export PACKAGEROOT=ftp://ftp.tw.freebsd.org
  10. export PKG_TMPDIR=/var/garbage
  11. :wq
  12. # exit            (注销生效)

 #
 # pkg_add -r vim (使用远程服务器安装)
 # pkg_version -v  (list outdated ports that have a newer version available in the Ports)

 # pkg_version -v |grep vim (首先查出版本号)
 # pkg_delete vim-7.3.81
 或者:
 # pkg_delete /var/db/pkg/vim-7.3.81
 # pkg_delete xchat\* (使用通配符)

 # pkg_info |grep -i vim (首先查出版本号)
 # pkg_info -L vim-7.3.81 |less (显示这个软件包安装的所有文件)
 # pkg_info vim-7.3.81
 
查看CPU支持指令集合:
  1. # grep -i features /var/run/dmesg.boot
  2. Features=0xbfebfbff
  3.   Features2=0x98e3fd
  4.   AMD Features=0x28100800
  5.   AMD Features2=0x1

查看当前操作系统开启的指令集合:

  1. # cd /usr/share/mk
  2. # make -V CPUTYPE
  3. core2
  4. # make -V MACHINE_CPU
  5. ssse3 sse3 amd64 sse2 sse mmx


5: 更新 ports ( portmaster)

  1. # portsnap fetch extract   首次更新port使用此命令)
  2. # portsnap fetch update 日后更新port使用此命令)
  3. vi /etc/crontab
  4. 0 5 * * * root /usr/sbin/portsnap cron update  (自动更新port)
  5. :wq

  6. 安装 portmaster 用于更新 软件包:
  7. # cd /usr/ports/ports-mgmt/portmaster && make install clean
  8. ---------------------------------------------------------------------
  9. # ls /usr/local/etc/portmaster.rc.sample
  10. # vim /usr/local/etc/portmaster.rc
  11. # Do not create temporary backup packages before pkg_delete (-B)
  12. NO_BACKUP=Bopt

  13. # Always delete stale distfiles without prompting (-d)
  14. ALWAYS_SCRUB_DISTFILES=dopt

  15. # Do not run 'make config' for ports that need updating (-G)
  16. PM_NO_MAKE_CONFIG=Gopt

  17. # Be verbose (-v)
  18. PM_VERBOSE=vopt

  19. # Save copies of old shared libraries (recommended) (-w)
  20. SAVE_SHARED=wopt
  21. :wq
  22. ----------------------------------------------------------------------
  23. # /usr/local/sbin/portmaster -L > portmaster.out (列出可更新的软件)
  24. ===>>> linux_base-fc-4_8
  25. ===>>> New version available: linux_base-fc-4_9

  26. /usr/local/sbin/portmaster linux_base-fc-4_8 (更新 某软件)
  27. /usr/local/sbin/portmaster -e openoffice.org-2.2.0 (卸载某软件与其依赖)
  28. #
  29. # portmaster -a (升级所有已安装的 ports)
  30. # portmaster -af (always rebuild ports overrides -i)
  31. # portmaster -aG -x ? --no-confirm
  1. # portmaster -r

    [-R] -r name/glob of port directory in /var/db/pkg
             rebuild the specified port, and all ports that depend on it.  The
             list of dependent ports is built according to origin (i.e.,
             category/portname) not by the version number of the installed port.
             So if you do portmaster -r fooport-1.23 and it is necessary to
             restart using -R but the newly installed port is now fooport-1.24 you
             can do portmaster -R -r fooport-1.24 and it should pick up where you
             left off.  The -r option can be specified more than once.

    # cd /usr/ports/sysutils/bsdadminscripts/ && make install clean
    > pkg_libchk                   (检查缺失的动态库,找出有问题的 ports)
    Thunar-1.3.0: /usr/local/lib/thunarx-2/thunar-sbr.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/thunarx-2/thunar-sbr.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/thunarx-2/thunar-uca.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/thunarx-2/thunar-uca.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/thunarx-2/thunar-uca.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/thunarx-2/thunar-uca.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/thunarx-2/thunar-wallpaper-plugin.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/thunarx-2/thunar-wallpaper-plugin.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/thunarx-2/thunar-wallpaper-plugin.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/xfce4/panel/plugins/libthunar-tpa.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/xfce4/panel/plugins/libthunar-tpa.so misses libpng.so.6
    Thunar-1.3.0: /usr/local/lib/xfce4/panel/plugins/libthunar-tpa.so misses libpng.so.6
    ...
    ...
  2. ports替换升级法(以perl为例):
    1. > more /usr/ports/UPDATING
    2. AFFECTS: users of lang/perl*
    3. AUTHOR: skv@FreeBSD.org

    4. lang/perl5.16 is out. If you want to switch to it from, for example
    5. lang/perl5.12, that is:

    6. Portupgrade users:
    7. 0) Fix pkgdb.db (for safety):
    8. pkgdb -Ff

    9. 1) Reinstall new version of Perl (5.16):
    10. env DISABLE_CONFLICTS=1 portupgrade -o lang/perl5.16 -f perl-5.12.\*

    11. 2) Reinstall everything that depends on Perl:
    12. portupgrade -fr perl

    13. Portmaster users:
    14. portmaster -o lang/perl5.16 lang/perl5.12

    15. Conservative:
    16. portmaster p5-

    17. Comprehensive (but perhaps overkill):
    18. portmaster -r perl-

    19. Note: If the "perl-" glob matches more than one port you will need to
    20. specify the name of the Perl directory in /var/db/pkg explicitly.

    21. The default version for Perl has also been changed from 5.12 to 5.14.

  3. 另一种更新 软件包 的方法:
  4. # make deinstall && make install clean (前提是你的ports 已经更新!)

  5. 下面方法多用于 测试不同版本软件:
  6. # make install (注意没有:clean ,保留下载的源码!)
  7. # make deinstall && make reinstall (前提是下载的源码没有被清理!)

  8. # make PREFIX=/usr/pkg install clean (Changing the Install Path)

  9. Cleaning Up Ports:
  10. # make install clean (clean a port immediately upon install)

  11. You might also want to remove the original distfiles, stored in /usr/ports/distfiles.
  12. # make distclean (removes the distfiles for the current port and all dependencies)
  13. OR:
  14. # portmaster --clean-distfiles
  15. To clean the entire ports tree
  16. # make clean -DNOCLEANDEPENDS  run directly under /usr/ports)

  17. Building Packages
  18. # make package
  19. This installs the program on the local machine and creates a package in the port’s directory.
  20. Simply copy this package to other systems and run pkg_add(1) to install it.
  21. If you create the directory /usr/ports/packages, the Ports Collection will
  22. create a packages tree in that location. Instead of placing the new package
  23. in the port’s directory, the port will place the package in the appropriate
  24. category under /usr/ports/packages.
  25. --------------------------------------------------------------------------------
LOCAL PACKAGE REPOSITORIES
Remember the PACKAGESITE environment variable? Set that to a path on your local
anonymous FTP server (Chapter 17) or an NFS share (Chapter 8) and put your custom
packages there. You can then use pkg_add -r on your other machines, and they will
automatically grab packages from your local repository.



6:Binary Updates ( only provides patches to the GENERIC kernel)

  1. # freebsd-update fetch (download the latest updates to your errata branch)
  2. ( files stored in /var/db/freebsd-update)
  3. # freebsd-update install (install the downloaded files)
  4. #
  5. # vi /etc/crontab
  6. 0 5 * * * root /usr/sbin/freebsd-update cron (自动更新至 errata-branch)
  7. :wq
  8. Reboot your system ..


7:安装 Vim

  1. # cd /usr/ports/editors/vim/
  2. # make WITHOUT_X11=yes install clean
  3. # exit (注销)

  4. # vim ~/.vimrc
  5. set nomodeline (这个一定要写,目前有这个安装漏洞
  6. set nocp
  7. set hls is
  8. set ic
  9. set autoindent
  10. set backspace=2
  11. syntax on
  12. "set bg=dark (更改背景色调/默认为light, " 为注释!)
  13. :wq (详情:vimtutor)

  14. # vim ~/.cshrc
  15. setenv EDITOR vim
  16. :wq
8:使用本地化语言
  1. 方法一:Class Definitions
  2. # vim /etc/login.conf
  3. chinese:Chinese Users Account:\
  4. :charset=UTF-8:\
  5. :lang=zh_CN.UTF-8:\
  6. :tc=default:
  7. :wq
  8. # cap_mkdb /etc/login.conf (rebuilds the database file /etc/login.conf.db)
  9. # pw usermod jacky -L chinese (修改 jacky 的 语言环境)
  10. # pw useradd jacky -L chinese (添加 jacky 并使用中文)

  11. # pw usershow jacky
  12. jacky:*:1001:1001:chinese:0:0:jacky:/home/jacky:/bin/tcsh
  13. # su - jacky
  14. > locale
  15. LANG=zh_CN.UTF-8
  16. LC_CTYPE="zh_CN.UTF-8"
  17. LC_COLLATE="zh_CN.UTF-8"
  18. LC_TIME="zh_CN.UTF-8"
  19. LC_NUMERIC="zh_CN.UTF-8"
  20. LC_MONETARY="zh_CN.UTF-8"
  21. LC_MESSAGES="zh_CN.UTF-8"
  22. LC_ALL=

 方法二:User Definitions
# vim ~/.login_conf
me:\
:lang=zh_CN.UTF-8:\
:setenv=LC_CTYPE=zh_CN.UTF-8:\ (字符类型)
:setenv=LC_COLLATE=zh_CN.UTF-8:\ (字符对比规则)
:setenv=LC_TIME=zh_CN.UTF-8:\ (时间类型)
:setenv=LC_NUMERIC=zh_CN.UTF-8:\ (数字类型)
:setenv=LC_MONETARY=zh_CN.UTF-8:\ (货币类型)
:setenv=LC_MESSAGES=zh_CN.UTF-8:\ (消息/提示类型)
:setenv=LC_ALL=zh_CN.UTF-8:\
:charset=UTF-8:
:wq

 PS: 自定义 prompt 和 alias

 方法一:全局设置

  1. vim /etc/csh.cshrc
  2. set prompt = "%B%n@%m [%/] $ " (详情:man csh /%m)
  3. set autolist (TAB命令补全功能)
 方法二:自定义设置
 vim ~/.cshrc
 set prompt = "%B%n@%m [%/] # " (注意空格)
 set autolist (TAB 命令补全功能)
 alias cl clear
 alias vi vim
 alias df df -h
 

 History: (默认记录文件:~/.history)
 # history -c (清理当前历史记录)
 # history -S (保存当前历史记录)
 

9: Axel / Aria2下载大文件利器 (MP3、影片、软件等)   wget

  1. # cd /usr/ports/ftp/axel && make install clean
  2. # axel -a -n 3 ftp://ftp.kernel.org/pub/linux/kernel/v2.4/linux-2.4.17.tar.bz2 (详情:man axel)

  3. # axel -S4 ftp://ftp.kernel.org/pub/linux/kernel/v2.4/linux-2.4.17.tar.bz2 (自动寻找 4 个最快mirror进行下载)

  4. 通常我用 wget 下网站 (找到资料就下吧!说不准那天站点没了,还是弄下来方便!)
  5. wget -r -np -p -k --level=2 (wget默认安装)

  6. Aria2 :多链接下载,轻量,平均4-9MB内存使用量,BitTorrent下载速度2.8MiB/s时CPU占用约6%
  7. # cd /usr/ports/www/aria2 && make install clean

  8. (详情:man aria2c)
  9. # aria2c "" (直接下载)

  10. # aria2c "http://host/file.zip" "ftp://host2/file.zip" (同时从 2 个不同源下载 某文件)

  11. # aria2c -x2 -k1M "" (-x2:一个server只建立 2 个连接 -k1M:man很详细)

  12. # aria2c -s4 (-s:总共启用多少个连接)

  13. # aria2c mylinux.torrent (BT 下载)

  14. # aria2c 'magnet:?xt=urn:btih:248D0A1CD08284299DE78D5C1ED359BB46717D8C'  (BT Magent URI)

  15. # aria2c mylinux.metalink (Metalink)

  16. # aria2c -i files.txt -j2 (Download URIs found in text file -j:同时进行任务数)

  17. Resuming Download:
  18. Usually, you can resume transfer by just issuing same command (aria2c URI)
  19.  if the previous transfer is made by aria2.
  20.  If the previous transfer is made by a browser or wget like sequential download manager,
  21.  then use -c option to continue the transfer (aria2c -c URI)

  22. BitTorrent Download:

  23. # aria2c --follow-torrent=mem "" (download files from remote BT file)
  24. # aria2c --max-upload-limit=40k file.torrent (download using a local torrent file)

  25. Using Proxy:
  26. For HTTP
  27. aria2c --http-proxy="" ""
  28. aria2c --http-proxy="" \
  29. --no-proxy="localhost,127.0.0.1,192.168.0.0/16" ""
    For FTP
  30. aria2c --ftp-proxy="" "ftp://host/file"
    Proxy with Authorization
  31. aria2c --http-proxy="" ""
  32. aria2c --http-proxy="" \
  33. --http-proxy-user="username" --http-proxy-passwd="password" ""

  1. -------------------------------------------------------------------------------------------------------
  2. 也可以应用到ports下载中!(非必需,一般来说FreeBSD的 fetch够用了)
  3. # vim /etc/make.conf
  4. FETCH_CMD=/usr/local/bin/axel -a -S4 (-a:显示每个线程状态信息  -n:连接数)
  5. DISABLE_SIZE=yes (开启 此功能!)
  6. :wq

  7. 穿越模式:
  8. FETCH_ENV=http_proxy=ur address
  9. FETCH_ENV=ftp_proxy=ur address

  10. 或者 使用其他工具: (proxychains / runsocks)
  11. FETCH_CMD=proxychains axel
  12. FETCH_CMD=runsocks axel

  13. PS:wget  axel aria2 配置均一样!

  14. FETCH_CMD=/usr/local/bin/wget -c -t 3 (-c:继续以前的下载  -t:默认tries =20)
  15. DISABLE_SIZE=yes (开启 此功能!)

  16. FETCH_CMD=/usr/local/bin/aria2c -s 4 (-s:开启4 个连接)
  17. DISABLE_SIZE=yes (开启 此功能!)

  18. (在Aria2速度不行的时候,我发现Axel速度确实可以!正常情况匹敌!)
 

10:Scim-pinyin (fcitx-sunpinyin) (ibus-pinyin)输入法

  1. # cd /usr/ports/chinese/scim-pinyin && make install clean
  2. > vim ~/.cshrc
  3. # set scim as the XIM  input server
  4. setenv XMODIFIERS @im=SCIM
  5. :wq

  6. # xfce环境下,支持中文默认用英文情况下(Terminal内右键 Input Methods -SCIM)

  7. cd /usr/ports/chinese/fcitx-sunpinyin && make install clean
  8. # cd /usr/ports/chinese/fcitx-configtool && make install clean
  9. > vim ~/.cshrc
  10. setenv XMODIFIERS @im=fcitx
  11. setenv GTK_IM_MODULE xim
  12. setenv QT_IM_MODULE xim
  13. :wq
  14. > vim ~/.xinitrc 
  15. #!/bin/sh
  16. /usr/local/bin/fcitx &    # 确保比xfce提前运行!
  17. /usr/local/bin/startxfce4
  18. :wq

  19. # cd /usr/ports/chinese/ibus-pinyin && make install clean
  20. # more /usr/ports/textproc/ibus/pkg-message

  21. -------------------------------------------------------------------
  22. ibus installation finished. To use ibus, please do the following:

  23. If you are using bash, please add following lines to your $HOME/.bashrc:

  24. export XIM=ibus
  25. export GTK_IM_MODULE=ibus
  26. export QT_IM_MODULE=xim
  27. export XMODIFIERS=@im=ibus
  28. export XIM_PROGRAM="ibus-daemon"
  29. export XIM_ARGS="--daemonize --xim"

  30. If you are using tcsh, please add following lines to your $HOME/.cshrc:

  31. setenv XIM ibus
  32. setenv GTK_IM_MODULE ibus
  33. setenv QT_IM_MODULE xim
  34. setenv XMODIFIERS @im=ibus
  35. setenv XIM_PROGRAM ibus-daemon
  36. setenv XIM_ARGS "--daemonize --xim"

  37. If you are using KDE4, you may create a shell script in $HOME/.kde4/env, 
  38. and add following lines:

  39. #!/bin/sh
  40. export XIM=ibus
  41. export GTK_IM_MODULE=ibus
  42. export QT_IM_MODULE=xim
  43. export XMODIFIERS=@im=ibus
  44. export XIM_PROGRAM="ibus-daemon"
  45. export XIM_ARGS="--daemonize --xim"

  46. Following input methods/engines are available in ports:

  47. chinese/ibus-chewing            Chewing engine for IBus
  48. chinese/ibus-pinyin             The PinYin input method
  49. japanese/ibus-anthy             Anthy engine for IBus
  50. japanese/ibus-mozc              Mozc engine for IBus
  51. japanese/ibus-skk               SKK engine for IBus
  52. korean/ibus-hangul              Hangul engine for IBus
  53. textproc/ibus-kmfl              KMFL IMEngine for IBus framework
  54. textproc/ibus-m17n              The m17n IMEngine for IBus framework
  55. textproc/ibus-table             Table based IM framework for IBus

  56. and QT4 input method module, textproc/ibus-qt.

  57. If ibus cannot start or the panel does not appear, please ensure
  58. that you are using up-to-date python.
  59. There's a bug in python 2.5, which may prevent the panel from appearing.
  60. -------------------------------------------------------------------
  61. # vim ~/.xinitrc
  62. #!/bin/sh
  63. /usr/local/bin/ibus-daemon --xim -d    # 确保比xfce提前运行!
  64. /usr/local/bin/startxfce4
  65. :wq


  66. # vim ~/.cshrc
  • setenv XIM ibus
  • setenv GTK_IM_MODULE ibus
  • setenv QT_IM_MODULE xim
  • setenv XMODIFIERS @im=ibus
  • setenv XIM_PROGRAM ibus-daemon
  • setenv XIM_ARGS "--daemonize --xim"
  • :wq



  • 11:Xorg 和 WQY 字库

    1. # cd /usr/ports/x11/xorg && make BATCH=YES install clean

    2. (BATCH=YES: 启用默认配置选项, 不会出现对话框来烦你!)

    3. # Xorg -configure
    4. # mv xorg.conf.new /etc/X11/xorg.conf (生成 xorg 配置文件)

    5. # vim /etc/rc.conf (使用 HAL 自动检测键盘和鼠标)
    6. hald_enable="YES"
    7. dbus_enable="YES"
    8. :wq

    9. # cd /usr/ports/x11-fonts/wqy && make install clean
    10. # vim /etc/X11/xorg.conf
    11.  Section "Files
    12.   FontPath "/usr/local/lib/X11/fonts/wqy" (添加 wqy 路径支持)
    13.  EndSection

    14.  Section "Monitor"
    15. Identifier "Monitor0"
    16. VendorName "Monitor Vendor"
    17. ModelName "Monitor Modle"
    18. HorizSync 30-107 (水平刷新频率)
    19. VertRefresh 48-120 (垂直刷新频率)
    20. Option "DPMS" (能源之星/EnergyStar)
    21.  EndSection
    1.  Section "Screen"
    2. Identifier "Screen0"
    3. Device "Card0"
    4. Monitor "Monitor0"
    5. DefaultDepth 24
    6. SubSection "Display"
    7. Viewport 0 0
    8. Depth 24
    9.               Modes "1024x768"
    10.               Virtual   1366 768
    11. EndSubsection
    12.  EndSection
    13. :wq

    PS: 使用 GTF 命令输出刷新频率 如下! 一定要安装 nvidia-settings 否则分辨率永远是 50Hz!

    # gtf 1366 768 60

    # 1366x768 @ 60.00 Hz (GTF) hsync: 47.70 kHz; pclk: 85.86 MHz
    Modeline "1366x768_60.00"  85.86  1366 1440 1584 1800  768 769 772 795  -HSync +Vsync

    1. ection "Monitor"
    2. Identifier "Monitor0"
    3. VendorName "Monitor Vendor"
    4. ModelName "Monitor Modle"
    5. HorizSync 30-107 (水平刷新频率)
    6. VertRefresh 48-120 (垂直刷新频率)
    7.      #  1368x768 @ 60.00 Hz (GTF) hsync: 47.70 kHz; pclk: 85.86 MHz
              Modeline "1368x768_60.00"  85.86  1368 1440 1584 1800  768 769 772 795  -HSync +Vsync
    8. Option "DPMS" (能源之星/EnergyStar)
    9.  EndSection
    1.  Section "Screen"
    2. Identifier "Screen0"
    3. Device "Card0"
    4. Monitor "Monitor0"
    5. DefaultDepth 24
    6. SubSection "Display"
    7. Viewport 0 0
    8. Depth 24
    9.               Modes "1366x768"
    10.               Virtual   1366 768
    11. EndSubsection
    12.  EndSection
    13. :wq

    PS:启用 ctrl+alt+backspace 退出 Xorg (默认已关闭该功能)
    方法一:
    # setxkbmap -option terminate:ctrl_alt_bksp

    方法二:
    # vim /usr/local/etc/hal/fdi/policy/x11-input.fdi (hald 会读取该文件)
     
       
          terminate:ctrl_alt_bksp
       
     

    #  vim /etc/X11/xorg.conf
    Section "ServerLayout"
    Option "DontZap" "off"
    EndSection
    :wq

    方法三:使用 Xfce4-session-logout
    # vim ~/.cshrc
    alias logout xfce4-session-logout --logout
    alias   lock    xflock4
    :wq
    # source ~/.cshrc
    12:Nvidia 驱动
    1. # cd /usr/ports/x11/nvidia-driver && make BATCH=YES install clean
    2. # vim /boot/loader.conf
    3. nvidia_load="YES" (启动时加载 driver)
    4. linux_enable="YES"
    5. :wq

    6. # cd /usr/ports/x11/nvidia-xconfig/ && make install clean
    7. # rehash

    8. 方法一:不开启 compiz-fusion 
    9. # nvidia-xconfig (自动替换/etc/X11/xorg.conf 并备份原文件为:org.conf.backup)

    10. 方法二:开启 compiz-fusion
    11. nvidia-xconfig --add-argb-glx-visuals (Enable OpenGL)
    12. nvidia-xconfig --composite (Enable Composite X extension)
    13. nvidia-xconfig --depth=24

    14. 显卡信息查看 和 分辨率 刷新频率 查看与修改!
    15. (Xorg 内 配置无法起作用,只能通过nvidia-settings来调整!)

    16. # cd /usr/ports/x11/nvidia-settings && make install clean
    17. # rehash
    18. nvidia-settings

    13:xfce4
    1. # cd /usr/ports/x11-wm/xfce4 && make BATCH=YES install clean
    2. # vim /usr/local/etc/PolicyKit/PolicyLit.conf (允许用户在 xfce4模式下 reboot 和 shutdown)
    3.  

    4. reboot">
    5.      
    6. shutdown">
    7.    


    8. 还需要进行如下操作:
    9. # vim /usr/local/etc/polkit-1/localauthority/50-local.d/.pkla

    10. [Restart]
    11. Identity=unix-group:wheel
    12. Action=org.freedesktop.consolekit.system.restart
    13. ResultAny=yes
    14. ResultInactive=yes
    15. ResultActive=yes

    16. [Shutdown]
    17. Identity=unix-group:wheel
    18. Action=org.freedesktop.consolekit.system.stop
    19. ResultAny=yes
    20. ResultInactive=yes
    21. ResultActive=yes


    1. % vim ~/.xinitrc (告诉X 下次启动时执行 Xfce4)
    2. #!/bin/sh
    3. /usr/local/bin/startxfce4
    4. #exec startxfce4 (也可这样写)
    5. :wq
    6.  

    7. PS: 如果使用了 XDM
    8. % vim ~/.xsession
    9. #!/bin/sh
    10. /usr/local/bin/startxfce4
    11. :wq
    12. % chmod +x ~/.xsession
    ---------------------------------------------------
    Xfce4 回收站地址: ~/.local/share/Trash/files

    Xfce4 注销命令:
    # vim ~/.cshrc
    alias logout xfce4-session-logout --logout
    alias   lock    xflock4
    :wq
    # source ~/.cshrc
    ---------------------------------------------------
    Xfce 4 Setting Manager
    Themes/Shortcuts/:  Window Manager
    Background/Icons/display: Desktop Display
    File Manager:Display-date
    Style: Appearance -xfce dust
    Desktop Panel Setup

    Terminal Preferences
    Appearance - Font - Background(Transparent)
    滚动 滑轮 - 收起(打开)终端窗口
    1. ----------------------------------------------------------------
    2. How to install new themes:
     
    1. ----------------------------------------------------------------
    2. Xfce4 Plugins:

    3. #安装 Ristretto (微型图片查看工具)
    4. # cd /usr/ports/graphics/ristretto && make install clean

    5. 安装 Task (图形任务管理器)
    1. # cd /usr/ports/x11/xfce4-taskmanager && make install clean

    2. 安装 Power (电源管理)
    3. # cd /usr/ports/sysutils/xfce4-power-manager && make install clean
    4. # cd /usr/ports/sysutils/xfce4-battery-plugin && make install clean

    5. 安装 Notes (便签)
    6. # cd /usr/ports/deskutils/xfce4-notes-plugin && make install clean

    7. 安装 Netload  (网络负载)
    8. # cd /usr/ports/sysutils/xfce4-netload-plugin && make install clean

    9. 安装 Weather (天气预报)
    10. # cd /usr/ports/misc/xfce4-weather-plugin && make install clean

    11. 安装 Wavelan (无线上网)
    12. # cd /usr/ports/sysutils/xfce4-wavelan-plugin && make install clean

    13. PS: 将以上项目在 panel上右键 添加 new item 才可以显示出来!!

    14. # cd /usr/ports/ 
      # make quicksearch name=xfce4-screenshooter-plugin
      # cd /usr/ports/x11/xfce4-screenshooter-plugin && make install clean
      touch ~/.config/xfce4/xfce4-screenshooter (没有他工作不了!)
      进入 keyboard 设置 shotcut (PrtScr) 或 从菜单栏点击程序


    15. 安装 Xfburn (CD/DVD 刻录工具)
    16. # cd /usr/ports/sysutils/xfburn && make install clean

    17. 强大的 命令行刻录工具: (建议使用)
    18. # cd /usr/ports/sysutils/dvd+rw-tools && make install clean
    19. growisofs -dvd-compat -Z /dev/cd0 -J -R /path/to/data (刻录 数据DVD)
    20. growisofs -dvd-compat -Z /dev/cd0=imagefile.iso (刻录 映像文件)



    14:Mplayer/Office/Reader/Gimp/Ristretto/Galculator/Thunderbird/Pidgin/VirtualBox/unix2dos
    1. # cd /usr/ports/editors/libreoffice (安装libreoffice)
    2. # make LOCALIZED_LANG=zh-CN install clean (添加中文支持)

    3. # cd /usr/ports && make search key=adobe|less (安装AdobeReader)
    4. # cd /usr/ports/chinese/acroread8-zh_CN && make install clean
    5. # cd /usr/ports/graphics/mupdf && make install clean    (安装mupdf)
    6. # cd /usr/ports/graphics/epdfview && make install clean    (安装epdfview)

    7. # cd /usr/ports/graphics/gimp-help && make config (保留:EN 和 ZH_CN)
    8. # cd /usr/ports/graphics/gimp && make BATCH=YES install clean  (安装图像处理)
    9. # cd /usr/ports/graphics/gimp-manual-pdf && make install clean

    10. # cd /usr/ports/graphics/ristretto && make install clean (安装微型图片查看工具)
    11. # cd /usr/ports/math/galculator && make install clean (安装图形计算器)

    12. # cd /usr/ports/mail/thunderbird && make BATCH=YES install clean (安装雷鸟)
    13. # cd /usr/ports/mail/thunderbird-i18n && make install clean

    14. # cd /usr/ports/net-im/pidgin/ && make install clean (IM Client 注意端口用8001)
    15. # 成功登陆IRC(irc.freenode.net)之后:
    16. /cs register #ChannelName Password  ChannelDescription  (注册自己的Channel) 

    17. # cd /usr/ports/converters/unix2dos && make install clean   (unix2dos and dos2unix)

    18. unix2dos and dos2unix are utilities that convert
    19. ASCII files from the DOS cr/lf format to the UNIX
    20. lf format..


    21. VirtualBox:
    22. # cd /usr/ports/emulators/virtualbox-ose && make install clean

    23. # kldload vboxdrv
    24. or
    25. # echo 'vboxdrv_load="YES"'>>/boot/loader.conf
    26. # pw groupmod vboxusers -m yourusername
    27. % VirtualBox &

    28. =====================================

    29. VirtualBox was installed.

    30. You need to load the vboxdrv kernel module via /boot/loader.conf:

    31. vboxdrv_load="YES"

    32. You also have to add all users to your vboxusers group in order to use vbox.

    33. % pw groupmod vboxusers -m jerry

    34. Reboot the machine to load the needed kernel modules.


    35. Bridging Support:
    36. =================

    37. For bridged networking please add the following line to your /etc/rc.conf:

    38. vboxnet_enable="YES"


    39. USB Support:
    40. ============

    41. For USB support your user needs to be in the operator group and needs read
    42. and write permissions to the USB device.

    43. % pw groupmod operator -m jerry

    44. Add the following to /etc/devfs.rules (create if it doesn't exist):

    45. [system=10]
    46. add path 'usb/*' mode 0660 group operator

    47. To load these new rule add the following to /etc/rc.conf:

    48. devfs_system_ruleset="system"

    49. Then restart devfs to load the new rules:

    50. % /etc/rc.d/devfs restart


    51. ========================================
    52. Qemu:
    53. # cd /usr/ports/emulators/qemu && make install clean (add kqemu option)
    54. # kldload {kqemu,if_bridge,if_tap,aio}  (必备module)
    55. # kldstat

    56. Create a 10GB qcow2 image to install Windows XP
    57. # qemu-img create -f qcow2 winxp.img 20G

    58. Installing Windows XP ...
    59. # qemu -m 1024 -hda winxp.img -cdrom xp_sp3_vol_x86.iso -boot d -localtime

    60. Boot Windows XP ...
    61. qemu-system-x86_64  -m 1500 -hda winxp.img -cdrom xp_sp3_vol_x86.iso \
    62. -localtime -M pc -smp 2 -soundhw es1370 -usb -enable-kqemu -kernel-kqemu  -name winxp

    63. PS: Windows XP 占用CPU 100% 很无奈,所以还是模拟 Windows2000吧(这个速度是最快的!)
    64. 或者 用 VirtualBox 安装 Windows XP ...

    65. Qemu 模拟 Win2000
    66. qemu-img create -f qcow2 win2000.img 10G
    67. qemu -m 1024 -hda win2000.img -cdrom win2000.iso -boot d -win2k-hack
    68. qemu-system-x86_64  -m 1500 -hda win2000.img -cdrom win2000.iso \
    69. -localtime -M pc -smp 2 -soundhw es1370 -usb -enable-kqemu -kernel-kqemu  -name win2000

    1. Mplayer 具体使用:

    2. 1. xdpyinfo (获得使用您的显卡的X服务器所支持的扩展列表
    3. 常见图像接口列表:

      1. X11: 一般性的使用共享内存的X11输出。

      2. XVideo: 一种X11接口扩展,支持任何X11图像的可拖拉。

      3. SDL: 简单直接媒体层。

      4. DGA: 直接图片存取。

      5. SVGAlib: 低层次掌控图片层。


    4. XVideo (X11扩展接口,用于提高 画面质量)
    5. # xvinfo
    6. X-Video Extension version 2.2
    7. screen #0
    8. no adapters presnet (表示显卡不支持 XVideo)

    9. 2. 安装
    10. # cd /usr/ports/multimedia/mplayer (安装mplayer)
    11. # make WITH_LANG=zh_CN install clean (选中vdpau显卡加速等需要的选项!)

    1. 3. 第一次启动前
    2. % cd /usr/ports/multimedia/mplayer
    3. % make install-user (自动建立: ~/.mplayer)


    4. 要播放一个文件,如 testfile.avi, 可以通过各种视频接口当中的某一个去设置 -vo 选项:

    5. % mplayer -vo xv testfile.avi
    6. % mplayer -vo sdl testfile.avi
    7. % mplayer -vo x11 testfile.avi
    8. # mplayer -vo dga testfile.avi
    9. # mplayer -vo 'sdl:dga' testfile.avi
    10. (详情:man mplayer /-vo)
    11. # mplayer -gui -vo x11 testfile.avi (图形界面, 我保证你不会用)

    12. 常用命令:
    13. # mplayer -fs -zoom -vo xv,x11 testfile.avi (全屏模式,不支持xv 则使用x11,你会不支持xv?)
    14. # mplayer -ontop -vo xv testfile.avi (置顶播放)
    15. # mplayer -vf screenshot -vo xv testfile.avi (屏幕截图,截图保存到当前目录,按键:s)
    16. # mplayer -ss 01:33:00 -vo xv testfile.avi (选择播放起始位置)

    17. mplayer -osdlevel 3 testfile.avi (音量 + 搜索 + 计时器 + 百分比 + 总时间)
    18. # mplayer -cache 4096 testfile.avi (设定缓冲区:KBytes)

    1. cd ~/audio/;ls |cut -d' ' -f1 > music.lst (制作文件列表,文件名不要留空格)
    2. # mplayer -loop 0 -playlist ~/audio/music.lst (无限循环播放列表)

    3. # mplayer \
    4. \
    5. Special_40202/M0040202001.mp3 (Stream From HTTP)

    6. # mplayer 不支持 SWF,建议拖到 浏览器里播放!

    1. KeyBoard Control:
    2. up and down (Seek forward/backward 1 minute)
    3. pgup and pgdown (Seek forward/backward 10 minutes)
    4. [ and ] (Decrease/Increase current playback speed by 10%)
    5. { and } (Halve/Double current playback speed)
    6. BACKSPACE (Reset playback speed to normal)

    7. Playlist:
    8. < and > (Go backward/forward in the playlist)
    9. ENTER (Go forward in the playlist, even over the end)
    10. p / SPACE (Pause, pressing agin unpauses)
    11. q / ESC (Stop playing and quit)

    12. Sound:
    13. 9 and 0 (Decrease/Increase volume)
    14. ( and )  (Adjust audio balance in favor of left/right channel)
    15. m (Mute sound)

    16. OSD States:
    17. o (Toggle OSD states: none/ seek/ seek+ timer/seek+ timer+ total time)
    18. # mplayer -osdlevel 3 testfile.avi
    19. 设定开始的OSD模式.


      0


      只有字幕



      1


      音量 + 搜索(默认)



      2


      音量 + 搜索 + 计时器 + 百分比



      3


      音量 + 搜索 + 计时器 + 百分比 + 总时间

    1. Subtitle:
    2. v (Toggle subtitle visibility)
    3. j (Cycle through the available subtitles)
    4. y and g (Step forward/backward in the subtile list)
    5. F (Toggle displaying "forced subtitles")
    6. a (Toggle subtitle alignment: top/ middle/ bottom)
    7. r and t (Move subtitles up/ down)

    8. ScreenShot:
    9. s (-vf screenshot only)
    10. S (-vf screentshot only, Start/ Stop taking screenshots)
    11. I (Show filename on the OSD)
    12. P (show progression bar, elapsed time and total duration on the OSD)

    13. FullScreen & Stay-On-Top :
    14. f (Toggle fullscreen, also see -fs -zoom)
    15. T (Toggle stay-on-top, also see -ontop)
    1. -------------------------------------------------------------
    2. 为了让 mplayer 的命令行不是太长,使用者可以通过建立一个文件  
    3. 来设定如下默认选项:
    4. # vim ~/.mplayer/config
    5. vo=vdpau # 使用 vdpau 输出设备播放
    6. fs=yes # 全屏
    7. ontop=yes # 置顶
    8. zoom=yes # 允许改变窗口大小
    9. noaspect=yes # 缩放时保持高宽比
    10. osdlevel=3 # 显示 当前播放时间 和 总时间
    11. :wq
    12. -------------------------------------------------------------
    1. 要播放 DVD, 需要把 testfile.avi 改为 dvd://N -dvd-device DEVICE。 
    2. 这里 N 是要播放的节目编号, 而 DEVICE 则是 DVD-ROM 的设备节点。例如,要播放 /dev/dvd 的第三个节目

    3. # mplayer -vo xv dvd://3 -dvd-device /dev/dvd

    4. 注意: 可以在编译 MPlayer 时, 通过 WITH_DVD_DEVICE 来指定默认的 DVD 设备。 
    5. 系统内定的默认设备是 /dev/acd0。 更多细节, 请参考 port 的 Makefile。
    6. 最后,mplayer 可以把DVD题目(title)抓取成为 .vob 文件。
    7. 为了从DVD中导出第二个题目,请输入:

    8. # mplayer -dumpstream -dumpfile out.vob dvd://2 -dvd-device /dev/dvd
    9.   输出文件 out.vob 将是 MPEG 并且可以被这部份描述的其它 “包” 利用。
    10. --------------------------------------------------------------------
    11. 文件:

    12. /etc/mplayer/mplayer.conf


      系统范围的设置


      ~/.mplayer/config


      用户设置


      ~/.mplayer/input.conf


      输入绑定(完整按键列表参见’mplayer −input keylist’的输出)


      ~/.mplayer/gui.conf


      GUI配置文件


      ~/.mplayer/gui.pl

      GUI播放列表


      ~/.mplayer/font/


      字体目录(里面必须有一个font.desc文件和.RAW后缀的文件)


      ~/.mplayer/DVDkeys/


      破解的CSS密钥


      字幕文件按以下顺序搜索(比如播放/mnt/movie/movie.avi文件):


      /mnt/cdrom/movie.sub
      ~/.mplayer/sub/movie.sub
      ~/.mplayer/default.sub



    15:Using Linux Mode (MacromediaFlash插件没有FBSD版,用Linux wrapper运行其flash版本)
    1. # kldload linux (加载进来一会用)
    2. # cd /usr/ports/emulators/linux_base-f10 && make BATCH=YES install distclean
    3. # vim /etc/rc.conf
    4. linux_enable="YES"
    5. :wq


    16:Firefox 和 MacromediaFlash 和 Add-ons  and Chromium

    1. # cd /usr/ports/www/firefox/ && make BATCH=YES install clean
    2. vim /boot/loader.conf
    3. sem_load="YES" (加载module)
    4. :wq

    5. # cd /usr/ports/www/firefox-i18n/ && make install clean (中文支持)
    6. # cd /usr/ports/www/nspluginwrapper && make install clean (提供flash支持)
    7. # cd /usr/ports/www/linux-f10-flashplugin10 && make install clean (安装flash插件)

    8. # 安装版本11的话不需要 挂载 linproc , 我安装的11 ..
    9. # cd /usr/ports/www/linux-f10-flashplugin11 && make install clean (安装flash插件)
    10.  
    11. #  ln -s /usr/local/lib/npapi/linux-f10-flashplugin/libflashplayer.so \
    12. /usr/local/lib/browser_plugins/ (做个symbolic Link,官方文档:browser_plugins是个目录,没有的话要创建)
    13. (目录不行:请直接连接,我就是 直接链接的!)
    14. # rehash (Updates FreeBSD's path environment variables)
    15. <For instance when you have installed software you may not be able 
    16. to run the executables without specifying the path.
    17. rehash solves your problem most of the times>

    18. % nspluginwrapper -v -a -i (插件必须由每个用户运行 nspluginwrapper 安装)
    19. <上面的命令会复制 browser_plugins目录下生成的文件 到:~/.mozilla/plugins/npwrapper.libflashplayer.so>

    20. # 安装版本11(linux-f10-flashplugin11)的话不需要 进行下面的操作 挂载 linproc , 我安装的11 ..

    21. 实现播放flash 动画效果:
    22. # mount  -t linprocfs linproc /usr/compat/linux/proc (挂载 linproc ,事实上 procfs存在安全问题FBSD早就废弃了)

    23. # vim /etc/fstab
    24. linproc /usr/compat/linux/proc linprocfs rw 0 0 (开机自动挂载)
    25. :wq

    26. Add-ons:
    27. firefox - Edit - Preferences - Manage Add-ons - Search
    28. Ease Link: (转换迅雷、QQ旋风、快车专用链接)
    29. Adblock Plus: (屏蔽广告)
    30. Adblock Plus Preferences - Filters -Add filter subscription - Update all subscriptions

    31. NetVideoHunter Video Downloader: (视频地址检测)
    32. NetVideoHunter Options - Show in statusbar - Enable the capturing of SWF files

    33. PS: 
      npviewer.bin 该进程为flash进程,当关闭flash后不会自动
    34. 结束,sockstat |grep npviewer.bin 会看到N多 占用内存超多
    35. 我的办法是:
    36. # echo 'alias killflash killall npviewer.bin'>>~/.cshrc

    37. Chromium
    38. # cd /usr/ports/www/chromium/ && make install clean
    39. echo 'alias chrome chrome --incognito'>>~/.cshrc

    17:compiz-fusion (3D效果)
    1. # cd /usr/ports/x11-wm/compiz-fusion && make BATCH=YES install clean

    2. % vim start-compiz
    3. #!/bin/sh
    4. compiz --replace --sm-disable --ignore-desktop-hints ccp &
    5. emerald --replace &
    6. :wq
    7. % chmod +x start-compiz
    8. % echo "start-compiz" >> ~/.xinitrc

    9. PS: 如果使用了 XDM
    10. % echo "start-compiz" >> ~/.xsession
    11. % startx
     简单设置:
     在CompizConfig设置管理器>首选项>在后端选择GConf Configuration Backed (开启即时生效) 
     接着> 启用 最小化效果、窗口装饰、震颤窗口、移动窗口、调整窗口大小、应用程序切换条,基本的3D桌面竣工!

    18:Security
    1. 监视ports所有软件包安全:
    2. # cd /usr/ports/ports-mgmt/portaudit && make all install clean (portaudit)
    3. # portaudit -Fda (更新数据库, periodic每天自动更新!)
    4. # portaudit -a (开始检查)
    5. 输出如下:

    6. Affected package: cups-base-1.1.22.0_1
    7. Type of problem: cups-base -- HPGL buffer overflow vulnerability.
    8. Reference: <
    9. 1 problem(s) in your installed packages found.
    10. You are advised to update or deinstall the affected package(s) immediately.
    11. <如果你执意要安装不安全的软件请:make install DISABLE_VULNERABILITIES=YES clean>
    12. ----------------------------------------------------------------------------------------------------------
    13. # cd /usr/ports/ports-mgmt/pkg_cleanup && make install clean       (关于删除冗余ports )
    14. FROM: http://wiki.freebsdchina.org/software/p/pkg_cutleaves

    1. RootKit:
    2. # cd /usr/ports/security/rkhunter && make install clean (rkhunter )

    3. Sudo:
    4. # cd /usr/ports/security/sudo && make install clean
    5. # visudo
    6. ko ALL=(root) !/usr/bin/passwd, /usr/bin/passwd [A-Za-z]*, !/usr/bin/passwd root, /usr/bin/su -

    7. Integrity:
    8. # cd /usr/ports/security/aide && make install clean (aide )
    9. # cd /usr/ports/security/tripwire && make install clean (tripwire )

    10. 可用 mtree检查完整性:
    11. # mtree -x -ic -K cksum -K md5digest -K sha256digest -p / \

      -X /home/mwlucas/mtree-exclude > /tmp/mtree.savedspec

      (Use -X  to specify a file containing a list of paths not to match)


      # mtree -f savedspec -f newspec > mtree.differences


    12. AntiVirus:
    13. # cd /usr/ports/security/clamav && make install clean (clamav )
    14. # cd /usr/ports/security/squidclamav && make install clean (squidclamav )

    15. Monitor:
    16. # cd /usr/ports/net-mgmt/cacti && make install clean (cacti)
    17. # cd /usr/ports/net-mgmt/nagios && make install clean (nagios)
    18. # cd /usr/ports/security/nessus && make install clean (nessus)

    19. # cd /usr/ports/sysutils/lsof && make install clean (lsof)

    20. # cd /usr/ports/sysutils/pidof && make install clean (pidof)
    21. # cd /usr/ports/security/nmap && make install clean (nmap)
    22. # cd /usr/ports/net/wireshark && make install clean (wireshark)
    23. # cd /usr/ports/net/tcpdump && make install clean (tcpdump: 系统自带)

    1. Unix Password Cracker:
    2. # cd /usr/ports/security/crack && make install clean (/usr/local/crack/Crack)

    3. Rar Zip 7Z Password Cracker:
    4. # cd /usr/ports/security/rarcrack && make install clean (rarcrack )

    5. Ciphertext Cracker:
    6. # cd /usr/ports/security/rainbowcrack && make install clean (rainbowcrack )

    7. ----------------------------------------------------------------------------------------------------------
    8. Tweaking User Security

      # vim /etc/login.access (Rules are checked on a first-fit basis)

      -:ALL EXCEPT wheel:console

      -:ALL EXCEPT wheel dns webmasters:ALL


      # vim /etc/login.conf (Restricting System Usage)

      :maxproc-cur: 30:\ (Current Resource Limits)

      :maxproc-max: 60:\ (Maximum Resource Limits)


      :passwd_format=md5:\ (md5 or  blf)

      :minpasswordlen=28:\ (Password length Limits)

      :mixpasswordcase=true:\ (Password case Limits)

      :wq

      If present, FreeBSD complains if the user changes his password to an all lowercase word.

      # cap_mkdb /etc/login.conf (rebuilds the database file /etc/login.conf.db)


    9. PS:
    10. in fact, /etc/hosts.equiv and its related services have bitten even

      top-notch security experts who thought they could use it safely. I suggest

      leaving this file empty and perhaps even making it immutable !


    19:SSH
    1. Client: 

      ssh user@host (需要密码 ,远程主机信息保存在:~/.ssh/known_hosts)

      scp filename user@host:~/

      sftp user@host


    2. # ssh-keygen -lf /etc/ssh/ssh_host_dsa_key.pub (检查SSH 主机 PubKey 的 fingerprint,Client端会自动下载并比对)


      用户密码被强制到28位怎么记得住啊? (用PubKey实现无密码登录 !)


      Client:

      ssh-keygen -t rsa -b 2048 (为本机 生成 一对密匙)

      scp .ssh/id_rsa.pub user@host:~/ (把PubKey 发到Server 用户家目录)


      Server:

      cd ~user; mkdir .ssh

      cat id_rsa.pub >> .ssh/authorized_keys (Server 把Client端 PubKey添加到 授权文件内)


      Client:

      ssh user@host (现在可以无密码登录喽!)

    20:Insecure Console (Single-user mode)

    1. When you boot FreeBSD in single-user mode, you get a root command
    2. prompt. This is fine for your laptop and works nicely for servers in your
    3. corporate datacenter, but what about machines in untrusted facilities?

    4. # vim /etc/ttys
    5. console none unknown off secure

    6. To make the console require a root login when booted into single-usermode, 
    7. change the secure to insecure.
    8. # vim /etc/ttys
    9. console none  unknown off insecure
    10. :wq
      开源赛车Vdrift 

    Heroes of Newerth 是一款类似于“魔兽争霸3”中 DotA 场景的游戏,支持 Windows,Linux,Mac 操作系统。

    HON 提供了比 Warcraft III DotA 场景更好的图形效果,并且支持 VoIP。

    Heroes of Newerth 游戏特点:

    • 自动选择水平相近的队友和对手
    • 个人战绩统计
    • 包括来自 DotA 和 Savage 2 世界的各种英雄
    • 内嵌地图编辑器
    • 掉线的玩家可以再度加入游戏
    • 可以创建不允许早退玩家的房间
    • 服务器-客户端联网模式,不再“一人卡众人杯具”
    • 快捷键自定义
    • 内嵌语音聊天
    # 平衡球 Neverball () 支持Windows/Linux/BSD/Mac
    1. # cd /usr/ports/games/neverball && make install clean
    #
    配置文件一览:
    1. # ~/.cshrc
    2. # added by ko BEGIN
    3. setenv PACKAGEROOT ftp://ftp.freebsd.org
    4. setenv PKG_TMPDIR /var/garbage
    5. set autolist
    6. alias cl clear
    7. alias df df -h
    8. alias lock xflock4
    9. alias chrome chrome --incognito
    10. alias adobe acroread8
    11. alias killflash killall npviewer.bin
    12. # ps axo pid,comm,pcpu,pmem
    13. # history -c (clear history)
    14. # wget -r -np -p -k --level=2
    15. # added by ko END
    有意思的命令,或许阁下用得上哦! ^_^
    N:MLDonkey(电驴、BT )
    1. # cd /usr/ports/net-p2p/mldonkey
    2. # make WITHOUT_GUI=yes WITHOUT_X11="YES" WITHOUT_TK="YES" install clean
    3. %ln -s ~/.mldonkey/incoming ~
    4. 在/etc/rc.conf加入mlnet_enable=“YES” 和 mlnet_user=“用户名非root“

    5. %/usr/local/etc/rc.d/mlnet start (注意是%)
    6. 1.%telnet 127.0.0.1 4000
    7. 2.>auth admin ""
    8. 3.>passwd 键入你想设置的密码
    9. 4.>set allowed_ips "127.0.0.1 192.168.0.0/24" (根据你自己的情况设置)
    10. 5.>save
    11. 6.>exit
    12. (mldonkey需要一个非root用户来运行。我习惯在装系统的时候就建立一个wheel组的用户,所以这里我就不用在建立用户了。)


    13. 现在就可以在浏览器里输入:localhost:4080来设置和下载文件了。

    14. 默认mldonkey的文件夹是隐藏的,在用户目录下。找下载好的电影有点不方便,把incoming连接到你的用户目录下就好了。当然你也可以自己修改默认下载路径。

    15. mldonkey简单设置:

    16. enable_kademlia的选项为true――打开kad减少对服务器的依赖。
    17. max_hard_upload_rate默认是10 (全局最大上传,根据自己情况设置)
    18. max_hard_download_rate默认是50 (全局最大下载,根据自己情况设置)
    19. mldonkey有两组两组带宽控制模式,通过点击Bandwidth toggle来更改带宽控制模式。
    20. =添加服务器列表:=

    21. 先删除原先的服务器列表下载地址。点击Options>Web infos找到server.met行然后点击前面的Remove
    22. 然后点击Add Url输入“server.met ”(不包括引号,放心都是安全服务器列表。)再点击前面的DL也就是DownLoad。
    23. =添加kad节点信息=

    24. 点击Options>Web infos>Add Url输入nodes.gzip
    25. =添加firefox for mldonkey插件=

    26. 下载地址:~dyna/mldonkey/
    阅读(11910) | 评论(2) | 转发(4) |
    给主人留下些什么吧!~~

    zongg2012-07-05 11:27:39

    好详细,非常不错.

    ulovko2012-04-20 17:13:26