NetBSD Install Afterboot
- - CHANGING /etc FILES
  - SYSTEM TESTING

NetBSD Install Afterboot

See man afterboot for a guideline as to what to do next

Starting out

man ls

As the man page suggests, going through these steps will give you a warm fuzzy that you've at least got the basics going. Like the man page, this also assumes you have a basic knowledge of UNIX.

Security alerts

man daily.conf
man security.conf
Security and NetBSD

Set system to automatically update the database of known vulnerable packages:

echo fetch_pkg_vulnerabilities=YES >> /etc/daily.conf

Root logins over SSH are disabled by default. You can enable them if you want:

vi /etc/ssh/sshd_config
PermitRootLogin yes
:x!
/etc/rc.d/sshd restart

Root password

man passwd
man su

Change the root password if you didn't already do it during the install.

/usr/bin/passwd

System date

man date

Change the system timezone if you need to:

ln -fs /usr/share/zoneinfo/America/Denver /etc/localtime

See what the timezone is set to:

readlink /etc/localtime

Console settings

man 5 wscons.conf

Setup your keyboard map and console settings, if needed. The defaults are most likely fine.

vi /etc/wscons.conf

Check hostname

Set the system hostname, if needed.

vi /etc/rc.conf
hostname=my-netbsd-server

Verify network interface configuration

man 8 ifconfig
man 8 dhclient
man 5 dhclient.conf

Run ifconfig to get your device name, and make sure the driver is loaded. The first word on the first line is the device name. For example, wm0.

Setup the system to get an IP address through DHCP:

echo dhclient=YES >> /etc/rc.conf

Checking routing tables

Verify you can get online:

netstat -rn

The default gateway address is set in the defaultroute variable in /etc/rc.conf or in the file /etc/mygate. If you edit either file, restart the network:

/etc/rc.d/network restart

Secure Shell (SSH)

By default, all services are disabled on boot with a fresh install. Go ahead and start the SSH server if you haven't already, to get remote access:

/etc/rc.d/sshd start

Update rc.conf to start sshd on boot:

echo sshd=YES >> /etc/rc.conf

BIND Name Server (DNS)

Unless you want to setup a nameserver, you can ignore this.

RPC-based network services

Skip it for beginner setups.

YP (NIS) Setup

Skip it for beginner setups.

Check disk mounts

man 8 mount
man 8 umount
man df

Verify that everything is partitioned and mounted correctly. If this is a clean install, and you just booted into it, it'd be pretty obvious if it wasn't.

cat /etc/fstab
mount
df
pstat -s

Concatenated disks (ccd)

Automounter daemon (AMD)

Clock synchronization

man date
man 8 ntpdate
man 8 ntpd
man 8 rdate
man 8 timed

echo ntpdate=YES >> /etc/rc.conf
echo ntpd=YES >> /etc/rc.conf

CHANGING /etc FILES

Add new users

man 8 useradd
man 8 groupadd
man 8 user

System boot scripts and /etc/rc.local

rc.conf

X Display Manager

Printers

Tighten up security

Kerberos

Mail aliases

Postfix

DHCP server

Bootparam server

NFS server

HP remote boot server

Daily, weekly, monthly scripts

Other files in /etc

Crontab (background running processes)

man 5 crontab

Next day cleanup

Packages

Check the running system

man ps
man netstat
man fstat
man systat
man top

SYSTEM TESTING

man 7 tests
man 7 atf
man atf-run
man atf-test-program

Download the tests.tgz file set, and extract it to the root directory.

tar -C / -zxf tests.tgz

Run the system tests, saving the output for review:

atf-run | tee ~/tests.log | atf-report

Table of Contents