1: **Contents**
2:
3: [[!toc levels=3]]
4:
5: # The first steps on NetBSD
6:
7: After installing and rebooting, the computer will boot from the hard disk. If
8: everything went well, you'll be looking at the login prompt within a few seconds
9: (or minutes, depending on your hardware). The system is not yet fully
10: configured, but basic configuration is easy. You will see how to quickly
11: configure some important things, and in doing so you will learn some basics
12: about how the system works.
13:
14: ## Troubleshooting
15:
16: ### Boot problems
17:
18: If the system does not boot it could be that the boot manager was not installed
19: correctly or that there is a problem with the *MBR* (*Master Boot Record*). Boot
20: the machine from your install medium (CD, DVD, floppy, etc.) and when you see
21: the boot menu, select the option to drop to the boot prompt.
22:
23: type "?" or "help" for help.
24: > ?
25: commands are:
26: boot [xdNx:][filename] [-12acdqsvxz]
27: (ex. "hd0a:netbsd.old -s")
28: ls [path]
29: dev xd[N[x]]:
30: consdev {pc|com[0123]|com[0123]kbd|auto}
31: modules {enabled|disabled}
32: load {path_to_module}
33: multiboot [xdNx:][filename] [<args>]
34: help|?
35: quit
36: > boot hd0a:netbsd
37:
38: The system should now boot from the hard disk. If NetBSD does not boot correctly
39: from the hard disk, there is probably a Master Boot Record problem. You can
40: install the boot manager or modify its configuration with the **fdisk -B**
41: command. See [[Installing the boot manager|guide/misc#bootmanager]] for a
42: detailed description.
43:
44: ### Misconfiguration of /etc/rc.conf
45:
46: If you or the installation software haven't done any configuration of
47: `/etc/rc.conf` (sysinst normally will), the system will drop you into *single
48: user mode* and show the message
49:
50: /etc/rc.conf is not configured. Multiuser boot aborted
51:
52: When the system asks you to choose a shell, simply press `RETURN` to get to a
53: /bin/sh prompt. If you are asked for a terminal type, respond with `vt220`
54: (or whatever is appropriate for your terminal type) and press RETURN. You may
55: need to type one of the following commands to get your delete key to work
56: properly, depending on your keyboard:
57:
58: # stty erase '^h'
59: # stty erase '^?'
60:
61: At this point, you need to configure at least one file in the `/etc` directory.
62: However, the root file system (`/`) is mounted read-only, so you will first need
63: to make it writable with:
64:
65: # mount -u -w /
66:
67: Next, take a look at the `/etc/rc.conf` file. Modify it to your tastes, making
68: sure that you set `rc_configured=YES` so that you don't end up in this position
69: again. Default values for the various programs can be found in
70: `/etc/defaults/rc.conf`. More complete documentation can be found in
71: [[!template id=man name="rc.conf" section="5"]].
72:
73: When you have finished, type `exit` at the prompt to leave the single-user shell
74: and continue with the multi-user boot.
75:
76: ## The man command
77:
78: If you have never used a Unix(-like) operating system before, your best friend
79: is now the
80: [[!template id=man name="man" section="1"]] command,
81: which displays a manual page. The NetBSD manual pages are among the best and
82: most detailed you can find, although they are very technical.
83:
84: A good manual to read after booting a new NetBSD system is
85: [[!template id=man name="afterboot" section="8"]].
86: It contains information about various necessary and useful configuration
87: settings.
88:
89: `man name` shows the man page of the `name` command and `man -k name` shows a
90: list of man pages dealing with `name`. The tool
91: [[!template id=man name="apropos" section="1"]] does
92: a full-text search on the manpages installed on your system, sorted by
93: relevance.
94:
95: To learn the basics of the `man` command, type:
96:
97: # man man
98:
99: Manual pages contain not only information about commands but also descriptions
100: of some NetBSD features and structures. For example, take a look at the
101: [[!template id=man name="hier" section="7"]] man
102: page, which describes in detail the layout of the filesystem used by NetBSD.
103:
104: # man hier
105:
106: Other similar pages are
107: [[!template id=man name="release" section="7"]]
108: and
109: [[!template id=man name="pkgsrc" section="7"]].
110:
111: Manual pages are divided in several sections, depending on what they document:
112:
113: 1. general commands (tools and utilities), see
114: [[!template id=man name="intro" section="1"]]
115: 2. system calls and error numbers, see
116: [[!template id=man name="intro" section="2"]]
117: 3. C libraries, see
118: [[!template id=man name="intro" section="3"]]
119: 4. special files and hardware support, see
120: [[!template id=man name="intro" section="4"]]
121: 5. file formats, see
122: [[!template id=man name="intro" section="5"]]
123: 6. games, see
124: [[!template id=man name="intro" section="6"]]
125: 7. miscellaneous information pages, see
126: [[!template id=man name="intro" section="7"]]
127: 8. system maintenance and operation commands, see
128: [[!template id=man name="intro" section="8"]]
129: 9. kernel internals, see
130: [[!template id=man name="intro" section="9"]]
131:
132: You can read the introduction to each of the sections by reading the `intro`
133: page of the specific section (in this case, 8):
134:
135: # man 8 intro
136:
137: A subject may appear in more than one section of the manual; to view a specific
138: page, supply the section number as an argument to the man command. For example,
139: `time` appears in section 1 (the time user command) and in section 3 (the time
140: function of the C library). To see the man page for the time C function, write:
141:
142: # man 3 time
143:
144: To see all the available pages:
145:
146: # man -w time
147: # man -a time
148:
149: ## Editing configuration files
150:
151: Other than a shell, a text editor is the most essential tool for NetBSD system
152: administration.
153:
154: Though there is the line-editor
155: [[!template id=man name="ed" section="1"]], you might
156: want to use the other editor provided with the NetBSD base system, named
157: [[!template id=man name="vi" section="1"]]. There is a
158: [separate chapter](guide/edit) about using vi. You should read this first, as
159: editing config files is essentially for using NetBSD.
160:
161: Though vi(1) is *the* standard on Unix systems, you maybe want to get a bit used
162: to ed(1). vi is an descendant of ed, and the commands used in ed are applicable
163: for vi as well.
164:
165: ## Login
166:
167: For the first login you will use the `root` user, which is the only user defined
168: at the end of the installation. At the password prompt type the password for
169: root that you set during the installation. If you didn't set a password, just
170: press `Enter`. Note that the password isn't echoed when you type it!
171:
172: NetBSD/i386 (Amnesiac) (ttyE0)
173: login: root
174: password:
175: We recommend creating a non-root account and using su(1) for
176: root access.
177: #
178:
179: ## Changing the root password
180:
181: If you did not set a password for `root` during the installation, you should use
182: the [[!template id=man name="passwd" section="1"]]
183: command to do so now:
184:
185: # passwd
186: Changing local password for root.
187: New password:
188: Retype new password:
189:
190: Passwords are not displayed on the screen while you type.
191:
192: Choose a password that has numbers, digits, and special characters (not space)
193: as well as from the upper and lower case alphabet. Do not choose any word in any
194: language. It is common for an intruder to use dictionary attacks.
195: Nonetheless, you should choose a password you can type independent of the
196: keyboard layout. When using some special characters, you might have problems
197: typing it with your local keymap later on.
198:
199: ## Adding users
200:
201: For security reasons, it is bad practice to login as root during regular use and
202: maintenance of the system. Instead, administrators are encouraged to add a
203: regular user, add the user to the `wheel` group, then use the
204: [[!template id=man name="su" section="1"]] command
205: when root privileges are required. NetBSD offers the
206: [[!template id=man name="useradd" section="8"]]
207: utility to create user accounts. For example, to create a new user:
208:
209: # useradd -m joe
210:
211: The defaults for the useradd command can be changed; see the
212: [[!template id=man name="useradd" section="8"]]
213: man page.
214:
215: User accounts that can `su` to root are required to be in the `wheel` group.
216: This can be done when the account is created by specifying a secondary group:
217:
218: # useradd -m -G wheel joe
219:
220: As an alternative, the
221: [[!template id=man name="usermod" section="8"]]
222: command can be used to add a user to an existing group:
223:
224: # usermod -G wheel joe
225:
226: In case you just created a user but forgot to set a password, you can still do
227: that later using
228: [[!template id=man name="passwd" section="1"]]:
229:
230: # passwd joe
231:
232: ### Note
233:
234: You can edit `/etc/group` directly to add users to groups, but do *not* edit the
235: `/etc/passwd` directly; use
236: [[!template id=man name="vipw" section="8"]].
237:
238: ## Shadow passwords
239:
240: Shadow passwords are enabled by default. This means is that all passwords in
241: `/etc/passwd` are set to `\*`; the encrypted passwords are stored in a file that
242: can only be read by root: `/etc/master.passwd`. When you start
243: [[!template id=man name="vipw" section="8"]] to edit
244: the password file, the program opens a copy of `/etc/master.passwd`; when you
245: exit, vipw checks the validity of the copy, creates a new `/etc/passwd` and
246: installs the new `/etc/master.passwd` file. Finally, vipw launches
247: [[!template id=man name="pwd\_mkdb" section="8"]],
248: which creates the files `/etc/pwd.db` and `/etc/spwd.db`, two databases which
249: are equivalent to `/etc/passwd` and `/etc/master.passwd` but faster to process.
250:
251: It is very important to *always* use `vipw` and the other tools for account
252: administration
253: ([[!template id=man name="chfn" section="1"]],
254: [[!template id=man name="chsh" section="1"]],
255: [[!template id=man name="chpass" section="1"]],
256: [[!template id=man name="passwd" section="1"]])
257: and to *never* directly modify `/etc/master.passwd` or `/etc/passwd`.
258:
259: ## Changing the keyboard layout
260:
261: If you do not have a US layout keyboard, you probably want to change keymaps.
262: For example, to use an italian keyboard, enter the following command:
263:
264: # wsconsctl -k -w encoding=it
265: encoding -> it
266:
267: To save the keyboard layout permanently, add the following line to the
268: `/etc/wscons.conf` file:
269:
270: encoding it
271:
272: See [[Keyboard mappings|guide/cons#keyboard_mappings]] for a list of
273: available keymaps.
274:
275: ## System time
276:
277: NetBSD, like all Unix systems, uses a system clock based on UTC
278: and this is what you should set your system clock to. If you want to keep the
279: system clock set to the local time (because, for example, you have a dual boot
280: system with Windows installed), you must notify NetBSD by adding
281: `rtclocaltime=YES` to `/etc/rc.conf`:
282:
283: # echo rtclocaltime=YES >> /etc/rc.conf
284: # sh /etc/rc.d/rtclocaltime restart
285:
286: The number of minutes west of GMT is calculated automatically and is set in the
287: `kern.rtc_offset` sysctl variable.
288:
289: To display the current setting of the `kern.rtc_offset` variable:
290:
291: # sysctl kern.rtc_offset
292: kern.rtc_offset = -60
293:
294: This automatic configuration only works if you have set the proper time zone by
295: a symbolic link `/etc/localtime`. Normally this is done as part of the install
296: procedure, but if for some reason it wasn't, you can set it by creating a
297: symbolic link from `/etc/localtime` to a file in the `/usr/share/zoneinfo`
298: directory.
299:
300: The following example sets the time zone to Eastern Europe Summer Time:
301:
302: # ln -fs /usr/share/zoneinfo/Europe/Helsinki /etc/localtime
303:
304: ## Secure Shell ssh(1)
305:
306: By default, all services are disabled in a fresh NetBSD installation, and
307: [[!template id=man name="ssh" section="1"]] is no
308: exception. You may wish to enable it so you can log in to your system remotely.
309: Set `sshd=YES` in `/etc/rc.conf` and then start the server with the command
310:
311: # /etc/rc.d/sshd start
312:
313: The first time the server is started, it will generate a new keypair, which will
314: be stored inside the directory `/etc/ssh`.
315:
316: Note that you can enable sshd also by using the configuration menu of `sysinst`.
317: If you did this, you don't have to do it by hand (and sshd should already have
318: started at boot time).
319:
320: ## Basic configuration in /etc/rc.conf
321:
322: NetBSD uses `/etc/rc.conf` to determine what will be executed when the system
323: boots. Understanding this file is important. The
324: [[!template id=man name="rc.conf" section="5"]]
325: manual page contains a detailed description of all available options.
326:
327: The `/etc/defaults/rc.conf` file contains the default values for most settings.
328: To override a default value, the new value must be put into `/etc/rc.conf`. The
329: definitions there override the ones in `/etc/defaults/rc.conf` (which you should
330: leave unchanged).
331:
332: # man rc.conf
333:
334: The first modifications are:
335:
336: * Set `rc_configured=YES` (this modification should already have been done by
337: the installation software.)
338: * Set `dhcpcd=YES` to configure your system's network using DHCP.
339: * Define a `hostname` for your machine (use a fully qualified hostname, i.e.,
340: one including domain). If you have a standalone machine you can use any name
341: (for example, `vigor3.your.domain`). If your machine is connected to a
342: network, you should supply the correct name.
343: * If your are connected to a local network or the Internet through a router,
344: set the `defaultroute` variable to the IP address of your router (sometimes
345: called a `default gateway`). For example, `defaultroute=192.168.1.1`.
346:
347: ## Basic network settings
348:
349: To resolve the names and IP addresses of remote hosts, the system needs access
350: to a (remote or local) *DNS nameserver*. Tell the system which nameserver(s) to
351: use by adding the IP address of one or more nameservers to the
352: `/etc/resolv.conf` file, using the following as an example:
353:
354: nameserver 145.253.2.75
355:
356: There are public name servers available, but your Internet Service Provider
357: should always provide some to you anyway.
358:
359: To set the names of local hosts that are not available through DNS, edit the
360: `/etc/hosts` file, which has the form:
361:
362: IP-address hostname host
363:
364: For example:
365:
366: 192.168.1.3 vigor3.your.domain vigor3
367:
368: ## Mounting a CD-ROM
369:
370: New users are often surprised by the fact that although the installation program
371: recognized and mounted their CD-ROM perfectly, the installed system seems to
372: have "forgotten" how to use the CD-ROM. There is no special magic for using a
373: CD-ROM; you can mount it like any other file system. All you need to know is the
374: device name and some options to the
375: [[!template id=man name="mount" section="8"]]
376: command. You can find the device name with the aforementioned
377: [[!template id=man name="dmesg" section="8"]]
378: command. For example, if dmesg displays:
379:
380: # dmesg | grep ^cd
381: cd0 at atapibus0 drive 1: <ASUS CD-S400/A, , V2.1H> type 5 cdrom removable
382:
383: the device name is `cd0`, and you can mount the CD-ROM with the following
384: commands:
385:
386: # mkdir /cdrom
387: # mount -t cd9660 -o ro /dev/cd0a /cdrom
388:
389: To make things easier, you can add a line to the `/etc/fstab` file:
390:
391: /dev/cd0a /cdrom cd9660 ro,noauto 0 0
392:
393: Without the need to reboot, you can now mount the CD-ROM with:
394:
395: # mount /cdrom
396:
397: When the CD-ROM is mounted you can't eject it manually; you will have to unmount
398: it before you can do that:
399:
400: # umount /cdrom
401:
402: There is also a software command which unmounts the CD-ROM and ejects it:
403:
404: # eject /dev/cd0a
405:
406: ## Mounting a floppy
407:
408: To mount a floppy you must know the name of the floppy device and the file
409: system type of the floppy. Read the
410: [[!template id=man name="fdc" section="4"]] manpage
411: for more information about device naming, as this will differ depending on the
412: exact size and kind of your floppy disk. For example, to read and write a
413: floppy in MS-DOS format you use the following command:
414:
415: # mount -t msdos /dev/fd0a /mnt
416:
417: Instead of `/mnt`, you can use another directory of your choice; you could, for
418: example, create a `/floppy` directory like you did for the CD-ROM. If you do a
419: lot of work with MS-DOS floppies, you will want to install the
420: [sysutils/mtools](http://pkgsrc.se/sysutils/mtools) package, which enables you
421: to access a MS-DOS floppy (or hard disk partition) without the need to mount it.
422: It is very handy for quickly copying a file to or from a floppy:
423:
424: # mcopy foo bar a:
425: # mcopy a:baz.txt baz
426: # mcopy a:\*.jpg .
427:
428: ## Installing additional software
429:
430: ### Using packages from pkgsrc
431:
432: If you wish to install any of the software freely available for UNIX-like
433: systems you are strongly advised to first check the NetBSD package system,
434: [pkgsrc](http://www.pkgsrc.org). pkgsrc automatically handles any changes
435: necessary to make the software run on NetBSD. This includes the retrieval and
436: installation of any other packages on which the software may depend.
437:
438: pkgsrc might have been installed already by `sysinst`, so you don't have to
439: install it manually.
440:
441: * See the [list of available
442: packages](http://ftp.netbsd.org/pub/pkgsrc/current/pkgsrc/README-all.html)
443:
444: * Precompiled binaries are available on the NetBSD FTP server for many ports.
445: To install them the `PKG_PATH` variable needs to be adjusted in the following
446: way (under the
447: [[!template id=man name="sh" section="1"]] shell):
448:
449: # export PKG_PATH="http://ftp.NetBSD.org/pub/pkgsrc/packages/NetBSD/$(uname -p)/$(uname -r)/All"
450: # export PKG_PATH
451:
452: Applications can now be installed by `root` with the pkg\_add command:
453:
454: # pkg_add -v perl
455: # pkg_add -v apache
456: # pkg_add -v firefox
457:
458: The above commands will install the Perl programming language, Apache web
459: server, and Firefox web browser, as well as all the packages they depend on.
460:
461: It is recommended you install and use pkgin for most non-trivial package
462: management tasks, and managing upgrades. pkgin can be installed from the
463: post-installation configuration menu in
464: [[!template id=man name="sysinst" section="8"]], or afterwards using
465: [[!template id=man name="pkg_add" section="1"]] on a live system.
466:
467: # pkg_add -v pkgin
468:
469: It maintains a local database of packages that are on the remote server,
470: you can fetch the database with:
471:
472: # pkgin update
473:
474: Its usage is oriented on the package tools you have with other operating
475: systems. To search the package database for a word `stat`, use
476:
477: # pkgin search WORD
478:
479: To install a package (in this case `fscd`), just type
480:
481: # pkgin install fscd
482:
483: To upgrade installed packages:
484:
485: # pkgin upgrade
486:
487: You should read the manpage to know about more actions you can do with pkgin.
488:
489: ### Storing third-party software
490:
491: On many UNIX-like systems the directory structure under `/usr/local` is reserved
492: for applications and files which are independent of the system's software
493: management. This convention is the reason why most software developers expect
494: their software to be installed under `/usr/local`. NetBSD has no `/usr/local`
495: directory, but it can be created manually if needed. NetBSD does not care about
496: anything installed under `/usr/local`, so this task is left to you as the system
497: administrator.
498:
499: ### Security alerts
500:
501: ## Security alerts
502:
503: By the time that you have installed your system, it is quite likely that bugs in
504: the release have been found. All significant and easily fixed problems will be
505: reported at
506: <http://www.NetBSD.org/support/security/>.
507: It is recommended that you check this page regularly.
508:
509: ## Stopping and rebooting the system
510:
511: Use one of the following two shutdown commands to halt or reboot the system:
512:
513: # shutdown -h now
514: # shutdown -r now
515:
516: Two other commands to perform the same tasks are:
517:
518: # halt
519: # reboot
520:
521: halt, reboot and shutdown are not synonyms: the latter is more sophisticated. On
522: a multiuser system you should really use shutdown, which allows you to schedule
523: a shutdown time and notify users. It will also take care to stop processes
524: properly. For more information, see the
525: [[!template id=man name="shutdown" section="8"]],
526: [[!template id=man name="halt" section="8"]] and
527: [[!template id=man name="reboot" section="8"]]
528: manpages.
529:
CVSweb for NetBSD wikisrc <wikimaster@NetBSD.org> software: FreeBSD-CVSweb