Well, there is this.
There are several things described in this Beginners Guide that I don't see in the Handbook. So I am confused on what I should follow. I assume I can combine this Beginners Guide with the Handbook. It seems logical, but I am a beginner and don't know what I really need to get the desktop working.
make install clean
. Then I was able to restart portmaster and it finished the build from there. pkg install
instead of make install clean
because in previous installs, there would be missing dependencies when compiling from the ports which didn't appear when using the packages. I had zero issues with your tutorial. It is excellent. http:localhost:631
into any browser I had installed (Firefox, Chromium (which I hate), and even Lynx) resulted in all of them returning a timeout, file not found error. I could only get it to work by commenting out of rc.conf all of those lines dealing with pf. I am sure that by correctly tweaking pf, that problem would go away, but I don't know enough yet to fix it.Good job, Trihex. I followed your tutorial...mostly....although I usedpkg install
instead ofmake install clean
because in previous installs, there would be missing dependencies when compiling from the ports which didn't appear when using the packages. I had zero issues with your tutorial. It is excellent.
make deinstall clean
the old version before building an up-to-date version from ports. make install clean
all through the build instead of letting ports-mgmt/portmaster build all your 3rd party programs that is where I would say you ended up with missing dependencies. make installl clean
to build it from ports and watched every minute of it to make sure my T43 wasn't going to over heat. make install clean
and ports-mgmt/portupgrade before I ever used portmaster so it's perfectly OK to do so. You just have to work that kind of thing out by hand and build the dependencies yourself as part of the learning experience.The only problem I have run into so far is that using your set up for pf made it impossible for CUPS to work.
shutdown now
. Let me just fix mine to work for you and post it. SirDice can comment on if that's right or not and enough to do it without hosing your ruleset. Or trading pf for ipfw which shouldn't be necessary under any circumstances.### CUPS_pf_rules_included
### Macro name for external interface
ext_if = "em0"
netbios_tcp = "{ 22, 23, 25, 110, 111, 123, 512, 513, 514, 515, 6000, 6010 }"
netbios_udp = "{ 123, 512, 513, 514, 515, 5353, 6000, 6010 }"
### Allow CUPS to use tcp and udp port 631
cups_tcp = "{ 631 }"
cups_udp = "{ 631 }"
### Allow CUPS to be accessible (change to your other machines ifconfig -a LAN designation )
table <local> { 192.168.0.11, 192.168.0.12, 192.168.0.13 }
### Reassemble fragmented packets
scrub in on $ext_if all fragment reassemble
### Default deny everything
block log all
### Pass loopback
set skip on lo0
### Allow LAN to talk to CUPS on your machine
pass in log quick from <local> to any keep state
### Block spooks
antispoof for lo0
antispoof for $ext_if inet
block in from no-route to any
block in from urpf-failed to any
block in quick on $ext_if from any to 255.255.255.255
block in log quick on $ext_if from { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 255.255.255.255/32 } to any
### Block all IPv6
block in quick inet6 all
block out quick inet6 all
### Block to and from port 0
block quick proto { tcp, udp } from any port = 0 to any
block quick proto { tcp, udp } from any to any port = 0
### Block specific ports
block in quick log on $ext_if proto tcp from any to any port $netbios_tcp
block in quick log on $ext_if proto udp from any to any port $netbios_udp
### Allow CUPS to talk to clients on LAN
pass out log on $ext_if proto tcp to any port $cups_tcp keep state
pass out log on $ext_if proto udp to any port $cups_udp keep state
### Keep and modulate state of outbound tcp, udp and icmp traffic
pass out on $ext_if proto { tcp, udp, icmp } from any to any modulate state
No comment...I've built 4 different 12.2 machines so far and on 3 there was an issue that prevented portmaster from continuing. Each time I manually installed the port that was the problem usingmake install clean
. Then I was able to restart portmaster and it finished the build from there.
Oh pleaseNo comment...
(Sorry I couldn't resist to add this note)
pkg deinstall cups
, which resulted in the deinstallation of a ton of other executables, all of which I had to manually reinstall. That was kind of annoying, but simply told me that I didn't know enough....yet.I'm glad that fixed it. I have never used anything but FTP to establish a remote connection to another box. Not telnet, SSH, rlogin, Xwindows, PCAnywhere, installed a trojan on mine or connected to a machine that isn't on my LAN. Only FTP, so I have aways blocked everything.Ha ha! You guys are a real kick!
Anyway, thanks Trihex. I must say that your solution to my CUPS issue seems rather involved for what should be such a simple task. Nonetheless, I'll give it a try.
I will say that what I first thought was a CUPS issue at least made me make certain my CUPS install was correct. Anyway, it works just fine now.
portsnap fetch update
at this time.desktop-installer
When did you discover you couldn't do it for yourself?
Yes, sysutils/desktop-installer has been in the ports tree since Jan, 31 2010.Just install freebsd, then install the tool desktop-installer and run it.
It is an automated desktop installer.
You may benefit from their sysutils/auto-admin program as well.Just made an error clicking to fast and had to run it again so maybe there was a mistake or bug but I had to add manually sddm enabled to rc.conf in order to have kde booting.
Unless your goal is to learn how to integrate the components of a Unix desktop environment, manual configuration would not be a good use of your valuable time.
There are some important issues that new FreeBSD users are unlikely to know about, such as ensuring that your ports tree and packages are in sync, how to correctly configure devd, sound devices and graphics drivers, to name a few.
fluxbox-generate_menu
Damn, this is a good one. My sentiments exactly. Yeah, some methods do have their drawbacks. The challenge here is to be professional enough to recognize the drawbacks, have a technical solution for them, and to avoid personal attacks by calling other methods stupid.There's a saying that in Unix, there's always more than one way to do things. The corollary is Yeah, and someone will think your way is stupid.
Trihex is saying his way is *the* way, it is *a* way that will help people new to FreeBSD get started with a working desktop solution.
What are you basing your opinion on?I'd like to subscribe here since I am going to switch to FreeBSD in the very next few days.
p.s. I think that ipfw is better for a basic firewall protection.
What I am saying is that this is the way I install FreeBSD on my laptops line for line and it works for me every time.Wow, I left out an important word. I *meant* to say "Trihex is *not* saying his way is the way, Sorry. (Though I don't pretend to speak for him, either).
portsnap fetch extract
and portsnap fetch update
work just like they always have. I have yet to have to use a GIT client and there is no need to change the tutorial till I do..