# The NetBSD Guide ## Purpose of this guide This guide describes the installation and the configuration of the NetBSD operating system as well as the setup and administration of some of its subsystems. It primarily addresses people coming from other Unix-like operating systems, and aims to be a useful guide in the face of the many small problems one encounters when using a new tool. This guide is not a Unix tutorial: basic knowledge of some concepts and tools is assumed. You should know, for example, what a file and a directory are, and how to use an editor. There are plenty of books explaining basic Unix and operating system concepts, and you should consult one if you need more background information. It is better to choose a general book and avoid titles like "Learning Unix-XYZ, version 1.2.3.4 in 10 days", but this is a matter of personal taste. Originally, the guide has been a book, which was subsequently moved to the wiki to make it easier to contribute. If you have additions or comments to the guide, but don't want to create an account, feel free to post your submissions to the [www team](mailto:www@netbsd.org) or the [docs mailing list](netbsd-docs@netbsd.org). The text is maintained in Markdown, and you can use the button in the top right corner to show the source of an article. ## Table of Contents ***I. About NetBSD*** * [[1. What is NetBSD?|guide/intro]] * [[1.1. The story of NetBSD]] * [[1.2. NetBSD features]] * [[1.3. Supported platforms]] * [[1.4. NetBSD's target users]] * [[1.5. Applications for NetBSD]] * [[1.6. How to get NetBSD]] ***II. System installation and related issues*** ***III. System configuration, administration and tuning*** * [[4. Upgrading NetBSD|guide/upgrading]] * [[4.1. Using sysinst]] * [[4.2. Using sysupgrade]] * [[5. The first steps on NetBSD|guide/boot]] * [[5.1. Troubleshooting]] * [[5.2. The man command]] * [[5.3. Editing configuration files]] * [[5.4. Login]] * [[5.5. Changing the root password]] * [[5.6. Adding users]] * [[5.7. Shadow passwords]] * [[5.8. Changing the keyboard layout]] * [[5.9. System time]] * [[5.10. Secure Shell ssh(1)]] * [[5.11. Basic configuration in /etc/rc.conf]] * [[5.12. Basic network settings]] * [[5.13. Mounting a CD-ROM]] * [[5.14. Mounting a floppy]] * [[5.15. Installing additional software]] * [[5.16. Security alerts]] * [[5.17. Stopping and rebooting the system]] * [[7. The rc.d System|guide/rc]] * [[7.1. Basics]] * [[7.2. The rc.d scripts]] * [[7.3. Order/dependencies of start determined by rcorder]] * [[7.4. rc.d scripts of additional services]] * [[7.5. Additional Reading]] * [[8. Console drivers|guide/cons]] * [[8.1. wscons]] * [[9. X|guide/x]] * [[9.1. What is X?]] * [[9.2. Configuration]] * [[9.3. The mouse]] * [[9.4. The keyboard]] * [[9.5. The monitor]] * [[9.6. The video card]] * [[9.7. Starting X]] * [[9.8. Customizing X]] * [[9.9. Other window managers or desktop environments]] * [[9.10. Graphical login with xdm]] * [[11. Audio|guide/audio]] * [[11.1. Basic hardware elements]] * [[11.2. Supported audio cards]] * [[11.3. BIOS settings]] * [[11.4. Configuring the audio device]] * [[11.5. Multiple audio devices]] * [[11.6. Configuring the kernel audio devices]] * [[11.7. Advanced commands]] * [[14. The cryptographic device driver (CGD)|guide/cgd]] * [[14.1. Overview]] * [[14.2. Components of the Crypto-Graphic Disk system]] * [[14.3. Example: encrypting your disk]] * [[14.4. Example: encrypted CDs/DVDs]] * [[14.5. Suggestions and Warnings]] * [[14.6. Further Reading]] * [[15. Concatenated Disk Device (CCD) configuration|guide/ccd]] * [[15.1. Install physical media]] * [[15.2. Configure Kernel Support]] * [[15.3. Disklabel each volume member of the CCD]] * [[15.4. Configure the CCD]] * [[15.5. Initialize the CCD device]] * [[15.6. Create a 4.2BSD/UFS filesystem on the new CCD device]] * [[15.7. Mount the filesystem]] * [[19. Tuning NetBSD|guide/tuning]] * [[19.1. Introduction]] * [[19.2. Tuning Considerations]] * [[19.3. Visual Monitoring Tools]] * [[19.4. Monitoring Tools]] * [[19.5. Network Tools]] * [[19.6. Accounting]] * [[19.7. Kernel Profiling]] * [[19.8. System Tuning]] * [[19.9. Kernel Tuning]] * [[20. NetBSD Veriexec subsystem|guide/veriexec]] * [[20.1. How it works]] * [[20.2. Signatures file]] * [[20.3. Strict levels]] * [[20.4. Veriexec and layered file systems]] * [[20.5. Kernel configuration]] * [[21. Bluetooth on NetBSD|guide/bluetooth]] * [[21.1. Introduction]] * [[21.2. Supported Hardware]] * [[21.3. System Configuration]] * [[21.4. Human Interface Devices]] * [[21.5. Personal Area Networking]] * [[21.6. Serial Connections]] * [[21.7. Audio]] * [[21.8. Object Exchange]] * [[21.9. Troubleshooting]] * [[22. Miscellaneous operations|guide/misc]] * [[22.1. Installing the boot manager]] * [[22.2. Deleting the disklabel]] * [[22.3. Speaker]] * [[22.4. Forgot root password?]] * [[22.5. Password file is busy?]] * [[22.6. Adding a new hard disk]] * [[22.7. How to rebuild the devices in /dev]] ***IV. Networking and related issues*** * [[25. The Internet Super Server inetd Allowing and denying hosts - /etc/hosts.allow, /etc/hosts.deny|guide/inetd]] * [[25.1. Overview]] * [[25.2. What is inetd?]] * [[25.3. Configuring inetd - /etc/inetd.conf]] * [[25.4. Services - /etc/services]] * [[25.5. Protocols - /etc/protocols]] * [[25.6. Remote Procedure Calls (RPC) - /etc/rpc]] * [[25.7. Adding a Service]] * [[25.8. When to use or not to use inetd]] * [[25.9. Other Resources]] * [[28. Introduction to the Common Address Redundancy Protocol (CARP)|guide/carp]] * [[28.1. CARP Operation]] * [[28.2. Configuring CARP]] * [[28.3. Enabling CARP Support]] * [[28.4. CARP Example]] * [[28.5. Advanced CARP configuration]] * [[28.6. Forcing Failover of the Master]] * [[28.7. License]] ***V. Building the system*** * [[30. Obtaining the sources|guide/fetch]] * [[30.1. Preparing directories]] * [[30.2. Terminology]] * [[30.3. Downloading tarballs]] * [[30.4. Fetching by CVS]] * [[30.5. Sources on CD (ISO)]] * [[31. Crosscompiling NetBSD with build.sh|guide/build]] * [[31.1. Building the crosscompiler]] * [[31.2. Configuring the kernel manually]] * [[31.3. Crosscompiling the kernel manually]] * [[31.4. Crosscompiling the kernel with build.sh]] * [[31.5. Crosscompiling the userland]] * [[31.6. Crosscompiling the X Window System]] * [[31.7. Changing build behaviour]] * [[32. Compiling the kernel|guide/kernel]] * [[32.1. Requirements and procedure]] * [[32.2. Installing the kernel sources]] * [[32.3. Creating the kernel configuration file]] * [[32.4. Building the kernel manually]] * [[32.5. Building the kernel using build.sh]] * [[32.6. Installing the new kernel]] * [[32.7. If something went wrong]] * [[33. Updating an existing system from sources|guide/updating]] * [[33.1. Manual build and update procedure]] * [[33.2. Using sysinst]] * [[33.3. Using sysbuild and sysupgrade]] * [[33.4. More details about the updating of configuration and startup files]] ## Guide history This guide was born as a collection of sparse notes that Federico Lupi, the original author of the NetBSD Guide, wrote mostly for himself. When he realized that they could be useful to other NetBSD users he started collecting them and created the first version of the guide using the groff formatter. In order to "easily" get a wider variety of output formats (e.g. HTML and PostScript/PDF), he made the "mistake" of moving to SGML/DocBook, which was the format of the sources. Maintainership was picked up by the NetBSD project and its developers later, and the format was changed to XML/DocBook later due to better tools and slightly more knowhow on customisations. In 2012/2013, the guide was converted in a Google Code-In task by Mingzhe Wang (wmzhere) to Markdown. In early 2013, it was integrated to the NetBSD wiki, along with removing old chapters, restricting numbering schemes and some reformulations. You can still get the [old version of the Guide](http://netbsd.org/docs/guide), which is not maintained anymore. ## Bibliography * [AeleenFrisch] Aeleen Frisch. Copyright © 1991. O'Reilly & Associates. *Essential System Administration*. * [CraigHunt] Craig Hunt. Copyright © 1993. O'Reilly & Associates. *TCP/IP Network Administration*. * [RFC1034] P. V. Mockapetris. Copyright © 1987. *RFC 1034: Domain names - concepts and facilities*. * [RFC1035] P. V. Mockapetris. Copyright © 1987. *RFC 1035: Domain names - implementation and specification*. * [RFC1055] J. L. Romkey. Copyright © 1988. *RFC 1055: Nonstandard for transmission of IP datagrams over serial lines: SLIP*. * [RFC1331] W. Simpson. Copyright © 1992. *RFC 1331: The Point-to-Point Protocol (PPP) for the Transmission of Multi-protocol Datagrams over Point-to-Point Links*. * [RFC1332] G. McGregor. Copyright © 1992. *RFC 1332: The PPP Internet Protocol Control Protocol (IPCP)*. * [RFC1933] R. Gilligan and E. Nordmark. Copyright © 1996. *RFC 1933: Transition Mechanisms for IPv6 Hosts and Routers*. * [RFC2004] C. Perkins. Copyright © 1996. *RFC 2003: IP Encapsulation within IP*. * [RFC2401] S. Kent and R. Atkinson. Copyright © 1998. *RFC 2401: Security Architecture for the Internet Protocol*. * [RFC2411] R. Thayer, N. Doraswamy, and R. Glenn. Copyright © 1998. *RFC 2411: IP Security Document Roadmap*. * [RFC2461] T. Narten, E. Nordmark, and W. Simpson. Copyright © 1998. *RFC 2461: Neighbor Discovery for IP Version 6 (IPv6)*. * [RFC2529] B. Carpenter and C. Jung. Copyright © 1999. *RFC 2529: Transmission of IPv6 over IPv4 Domains without Explicit Tunnels*. * [RFC3024] G. Montenegro. Copyright © 2001. *RFC 3024: Reverse Tunneling for Mobile IP*. * [RFC3027] M. Holdrege and P. Srisuresh. Copyright © 2001. *RFC 3027: Protocol Complications with the IP Network Address Translator*. * [RFC3056] B. Carpenter and K. Moore. Copyright © 2001. *RFC 3056: Connection of IPv6 Domains via IPv4 Clouds*. ## Acknowledgements The NetBSD Guide was originally written by Federico Lupi who managed the sources, coordinated updates, and merged all contributions on his own. Since then, it has been updated and maintained by the NetBSD www team. The Guide has progressed thanks to the contributions of many people who have volunteered their time and effort, supplied material and sent in suggestions and corrections. ### Original acknowledgements Federico's original credits are: * Paulo Aukar * Grant Beattie, converted to XML DocBook. * Manolo De Santis, Audio Chapter * Eric Delcamp, Boot Floppies * Hubert Feyrer, who contributed [[Introduction to TCP/IP Networking|guide/net-intro]] including Next generation Internet protocol - IPv6 and the section [[IPv6 Connectivity & Transition via 6to4|guide/net-practice#ipv6-6to4]] He also helped with the SGML to XML transition. * Jason R. Fink * Daniel de Kok, audio and linux chapters fixes. * Reinoud Koornstra, CVS chapter and rebuilding `/dev` in the Misc chapter. * Brian A. Seklecki [lavalamp@burghcom.com](mailto:lavalamp@burghcom.com), who contributed the CCD Chapter. * Guillain Seuillot * Martti Kuparinen, RAIDframe documentation. * David Magda ### Current acknowledgements This document is currently maintained by the NetBSD www team. Thanks to their efforts, the document is kept up to date and available online at all times. In addition, special thanks go to (in alphabetical order): * Hubert Feyrer, for getting the guide up to speed for NetBSD 2.0, and for making numerous improvements to all chapters. * Jason R. Fink, for maintaining this document and integrating changes. * Andreas Hallman, for his information in [[Tunneling 6to4 through an IPFilter firewall|guide/net-practice#chap-net-practice-ipv6-6to4-ipf]] * Joel Knight for the [[Introduction to the Common Address Redundancy Protocol (CARP)|guide/carp]]. See below for for the accompanying license. * Daniel de Kok, for constant contributions of new chapters, maintenance of existing chapters and his translation work. * Hiroki Sato, for allowing us to build PDF and PS versions of this document. * Jan Schaumann, for maintenance work and `www/htdocs` management. * Lubomir Sedlacik, for some details on using CGD for swap in [[Suggestions and Warnings|guide/cgd#suggestions]] * Dag-Erling Smørgrav, for the article on [[Pluggable Authentication Modules (PAM)|guide/pam]]. See below for the accompanying license. * Florian Stöhr, for [[Example: encrypted CDs/DVDs|guide/cgd#cryptocds]] ### Licenses #### Federico Lupi's original license of this guide Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by Federico Lupi for the NetBSD Project. 4. The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #### Networks Associates Technology's license on the PAM article Copyright (c) 2001-2003 Networks Associates Technology, Inc. All rights reserved. This software was developed for the FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research program. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #### Joel Knight's license on the CARP article Copyright (c) 2005 Joel Knight Permission to use, copy, modify, and distribute this documentation for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies. THE DOCUMENTATION IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS DOCUMENTATION INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS DOCUMENTATION #### The NetBSD Developers Copyright © 1999, 2000, 2001, 2002 Federico Lupi Copyright © 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013 The NetBSD Foundation All brand and product names used in this guide are or may be trademarks or registered trademarks of their respective owners. NetBSD® is a registered trademark of The NetBSD Foundation, Inc.