Month: January 2025

Update USB Stick For Headless Server Installation

Update USB Stick For Headless Server Installation

By |

Last Updated on 2025-03-11 17:23 by Sture

List /dev setup on the USB stick da0 with:

user@freebsdsrv:~ $ ls /dev/da* [enter]
/dev/da0     /dev/da0s1   /dev/da0s2   /dev/da0s2a
user@freebsdsrv:~ $

In this example, /dev/da0s2a contains the FreeBSD-14.2-RELEASE-amd64 OS installation.

Mount /dev/da0s2a with read and write permissions on /mnt with:

user@freebsdsrv:~ $ sudo mount -o rw /dev/da0s2a /mnt [enter]
user@freebsdsrv:~ $

List directory contents of /mnt with:

user@freebsdsrv:~ $ ls -l /mnt [enter]
total 72
-r--r--r--   1 root wheel 6109 Nov 29 13:53 COPYRIGHT
drwxr-xr-x   2 root wheel 1024 Nov 29 13:51 bin
drwxr-xr-x  14 root wheel 1536 Nov 29 13:53 boot
dr-xr-xr-x   2 root wheel  512 Nov 29 13:50 dev
drwxr-xr-x  30 root wheel 2048 Nov 29 14:02 etc
drwxr-xr-x   4 root wheel 2048 Nov 29 13:51 lib
drwxr-xr-x   3 root wheel  512 Nov 29 13:50 libexec
drwxr-xr-x   2 root wheel  512 Nov 29 13:50 media
drwxr-xr-x   2 root wheel  512 Nov 29 13:50 mnt
drwxr-xr-x   2 root wheel  512 Nov 29 13:50 net
dr-xr-xr-x   2 root wheel  512 Nov 29 13:50 proc
drwxr-xr-x   2 root wheel  512 Nov 29 13:50 rescue
drwxr-x---   2 root wheel  512 Nov 29 13:53 root
drwxr-xr-x   2 root wheel 3072 Nov 29 13:51 sbin
drwxrwxrwt   2 root wheel  512 Nov 29 13:50 tmp
drwxr-xr-x  13 root wheel  512 Nov 29 13:53 usr
drwxr-xr-x  24 root wheel  512 Nov 29 13:50 var
user@freebsdsrv:~ $

Delete file /mnt/etc/rc.local with:

user@freebsdsrv:~ $ sudo rm /mnt/etc/rc.local [enter]
user@freebsdsrv:~ $

Update /etc/fstab

Update file fstab status from read-only to read-write with:

user@freebsdsrv:~ $ sudo sh -c 'sed -e "s/ro/rw/" -i "" /mnt/etc/fstab' ; cat /mnt/etc/fstab [enter]
/dev/ufs/FreeBSD_Install / ufs rw,noatime 1 1
user@freebsdsrv:~ $

Update /etc/rc.conf

Find a currently-unused IP address in your local network.
In this example, IP address 192.168.1.250 and netmask 255.255.255.0 will be hard-coded in file rc.conf.

user@freebsdsrv:~ $ sudo sh -c 'echo ifconfig_DEFAULT=\"inet 192.168.1.250 netmask 255.255.255.0\" >> /mnt/etc/rc.conf'; sudo sh -c 'echo defaultrouter=\"192.168.1.1\" >> /mnt/etc/rc.conf' ; sudo sh -c 'echo sshd_enable=\"YES\" >> /mnt/etc/rc.conf'; sudo sh -c 'echo keymap=\"se.kbd\" >> /mnt/etc/rc.conf'; cat /mnt/etc/rc.conf [enter]
sendmail_enable="NONE"
hostid_enable="NO"
ifconfig_DEFAULT="inet 192.168.1.250 netmask 255.255.255.0"
defaultrouter="192.168.1.1"
sshd_enable="YES"
keymap="se.kbd"
user@freebsdsrv:~ $

Update /boot/loader.conf

Add autoboot_delay=”0″ to file /mnt/boot/loader.conf and verify entries to file /mnt/boot/loader.conf with:

user@freebsdsrv:~ $ sudo sh -c 'echo -e "autoboot_delay=\"0\"" >> /mnt/boot/loader.conf' ; cat /mnt/boot/loader.conf  [enter]
vfs.mountroot.timeout="10"
kernels_autodetect="NO"
loader_menu_multi_user_prompt="Installer"
autoboot_delay="0"
user@freebsdsrv:~ $

Update /etc/ssh/sshd_config

user@freebsdsrv:~ $ sudo sed -e "s/#PermitRootLogin no/PermitRootLogin yes/" -i "" /mnt/etc/ssh/sshd_config ; sudo sed -e 's/#PasswordAuthentication no/PasswordAuthentication yes/' -i "" /mnt/etc/ssh/sshd_config ; sudo sed -e 's/#PermitEmptyPasswords no/PermitEmptyPasswords yes/' -i "" /mnt/etc/ssh/sshd_config ; sudo sed -e 's/#UsePAM yes/UsePAM no/' -i "" /mnt/etc/ssh/sshd_config ; sudo sed -e 's/#UseDNS yes/UseDNS no/' -i "" /mnt/etc/ssh/sshd_config ; cat /mnt/etc/ssh/sshd_config [enter]
#	$OpenBSD: sshd_config,v 1.104 2021/07/02 05:11:21 dtucker Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

# Note that some of FreeBSD's defaults differ from OpenBSD's, and
# FreeBSD has a few additional options.

#Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Ciphers and keying
#RekeyLimit default none

# Logging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile	.ssh/authorized_keys

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# Change to yes to enable built-in password authentication.
# Note that passwords may also be accepted via KbdInteractiveAuthentication.
PasswordAuthentication yes
PermitEmptyPasswords yes

# Change to no to disable PAM authentication
#KbdInteractiveAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'no' to disable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the KbdInteractiveAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via KbdInteractiveAuthentication may bypass
# the setting of "PermitRootLogin prohibit-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and KbdInteractiveAuthentication to 'no'.
UsePAM no

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
#PrintMotd yes
#PrintLastLog yes
#TCPKeepAlive yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
UseDNS no
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#UseBlacklist no
#VersionAddendum FreeBSD-20221019

# no default banner path
#Banner none

# override default of no subsystems
Subsystem	sftp	/usr/libexec/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#	X11Forwarding no
#	AllowTcpForwarding no
#	PermitTTY no
#	ForceCommand cvs server
user@freebsdsrv:~ $

Create /etc/resolve

user@freebsdsrv:~ $ sudo touch /mnt/etc/resolv.conf ; ee /mnt/etc/resolv.conf [enter]

Example:

domain local.lan
nameserver 192.168.1.1
nameserver 208.67.222.22
user@freebsdsrv:~ $ sudo umount /mnt [enter]
user@freebsdsrv:~ $

Insert the modified USB into the target machine, boot it, and wait for a minute or so. You should be able to SSH into it as root.

user@iMac ~ % ssh root@192.168.1.250 [enter]   
The authenticity of host '192.168.1.250 (192.168.1.250)' can't be established.
ED25519 key fingerprint is SHA256:fJc/6q4xKsatzWj5voqi/Pst6R3oPLZN0Tgrrnm2ujY.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes [enter]
Warning: Permanently added '192.168.1.250' (ED25519) to the list of known hosts.
FreeBSD 14.2-RELEASE (GENERIC) releng/14.2-n269506-c8918d6c7412

Welcome to FreeBSD!

Release Notes, Errata: https://www.FreeBSD.org/releases/
Security Advisories:   https://www.FreeBSD.org/security/
FreeBSD Handbook:      https://www.FreeBSD.org/handbook/
FreeBSD FAQ:           https://www.FreeBSD.org/faq/
Questions List:        https://www.FreeBSD.org/lists/questions/
FreeBSD Forums:        https://forums.FreeBSD.org/

Documents installed with the system are in the /usr/local/share/doc/freebsd/
directory, or can be installed later with:  pkg install en-freebsd-doc
For other languages, replace "en" with a language code like de or fr.

Show the version of FreeBSD installed:  freebsd-version ; uname -a
Please include that output and any error messages when posting questions.
Introduction to manual pages:  man man
FreeBSD directory layout:      man hier

To change this login announcement, see motd(5).
root@:~ #

bsdinstall

Run bsdinstall to install FreeBSD on the target machine.

root@:~ # bsdinstall [enter]

bsdconfig

If you’ve already installed FreeBSD, you may use bsdconfig to customise the server to suit your particular configuration. Most importantly, you can use the Package utility to load extra ‘3rd party’ software not provided in the base distributions.

root@:~ # bsdconfig [enter]
Webmin & Usermin

Webmin & Usermin

By |

Last Updated on 2025-02-03 19:35 by Sture

Webmin

Description

Webmin is a web-based system administration tool for Unix-like servers and services, and it has about 1,000,000 installations worldwide yearly. Using it, it is possible to configure operating system internals, such as users, disk quotas, services, or configuration files, as well as modify and control open-source apps, such as BIND DNS Server, Apache HTTP Server, PHP, MySQL, and many more.

Required packages

Since Webmin will be installed outside the package manager, ensure the following recommended Perl modules and packages are present:
Perl modules:
– DateTime, DateTime::Locale, DateTime::TimeZone, Data::Dumper
– Digest::MD5, Digest::SHA, Encode::Detect, File::Basename
– File::Path, Net::SSLeay, Time::HiRes, Time::Local, Time::Piece
– lib, open
Packages:
– openssl – Cryptography library with TLS implementation
– shared-mime-info – Shared MIME information database
– tar gzip unzip – File compression and packaging utilities

Install required packages with:

user@freebsdsrv:~ $ sudo pkg install -y perl5 p5-DateTime-Locale p5-DateTime-TimeZone p5-Data-Dumper p5-Digest-MD5 p5-Digest-SHA p5-Encode-Detect p5-File-Path p5-JSON-XS p5-Time-HiRes p5-Time-Local p5-Time-Piece p5-Authen-PAM p5-Net-LDAP-Express p5-Net-SSLeay p5-IO-Tty gzip unzip shared-mime-info [enter]
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 77 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
	glib: 2.80.5_1,2
	gzip: 1.13_1
	libffi: 3.4.6
	libiconv: 1.17_1
	libxml2: 2.11.9
	mpdecimal: 4.0.0
	p5-Algorithm-C3: 0.11
	p5-Authen-PAM: 0.16_2
	p5-Authen-SASL: 2.17_1
	p5-B-Hooks-EndOfScope: 0.28
	p5-Class-C3: 0.35
	p5-Class-Data-Inheritable: 0.10
	p5-Class-Inspector: 1.36
	p5-Class-Method-Modifiers: 2.15
	p5-Class-Singleton: 1.6
	p5-Clone: 0.47
	p5-Convert-ASN1: 0.34
	p5-Data-Dumper: 2.183
	p5-Data-OptList: 0.114
	p5-DateTime-Locale: 1.44
	p5-DateTime-TimeZone: 2.63,1
	p5-Devel-StackTrace: 2.05
	p5-Digest-HMAC: 1.05
	p5-Digest-MD5: 2.59
	p5-Digest-SHA: 6.04
	p5-Dist-CheckConflicts: 0.11_1
	p5-Encode-Detect: 1.01_1
	p5-Eval-Closure: 0.14
	p5-Exception-Class: 1.45
	p5-File-Path: 2.18
	p5-File-ShareDir: 1.118
	p5-IO-Socket-IP: 0.43
	p5-IO-Socket-SSL: 2.089
	p5-IO-Tty: 1.20_1
	p5-JSON-XS: 4.03
	p5-MRO-Compat: 0.15
	p5-Module-Implementation: 0.09_1
	p5-Module-Runtime: 0.016
	p5-Mozilla-CA: 20240924
	p5-Net-LDAP-Express: 0.12_1
	p5-Net-SSLeay: 1.94
	p5-Package-Stash: 0.40
	p5-Package-Stash-XS: 0.30
	p5-Params-Util: 1.102
	p5-Params-ValidationCompiler: 0.31
	p5-Role-Tiny: 2.002004
	p5-Specio: 0.49
	p5-Sub-Exporter: 0.991
	p5-Sub-Exporter-Progressive: 0.001013
	p5-Sub-Identify: 0.14
	p5-Sub-Install: 0.929
	p5-Sub-Quote: 2.006008_1
	p5-Text-Soundex: 3.05
	p5-Time-HiRes: 1.9764,1
	p5-Time-Local: 1.35
	p5-Time-Piece: 1.3300
	p5-Try-Tiny: 0.32
	p5-Types-Serialiser: 1.01
	p5-URI: 5.31
	p5-Variable-Magic: 0.64
	p5-XML-Filter-BufferText: 1.01_1
	p5-XML-NamespaceSupport: 1.12
	p5-XML-SAX: 1.02
	p5-XML-SAX-Base: 1.09
	p5-XML-SAX-Writer: 0.57
	p5-XString: 0.005
	p5-common-sense: 3.75
	p5-namespace-autoclean: 0.31
	p5-namespace-clean: 0.27
	p5-perl-ldap: 0.6800
	pcre2: 10.43
	perl5: 5.36.3_2
	py311-packaging: 24.2
	python311: 3.11.11
	readline: 8.2.13_2
	shared-mime-info: 2.4_1
	unzip: 6.0_8

Number of packages to be installed: 77

The process will require 347 MiB more space.
57 MiB to be downloaded.
[1/77] Fetching p5-Try-Tiny-0.32.pkg: 100%   18 KiB  18.2kB/s    00:01    
[2/77] Fetching p5-XML-SAX-1.02.pkg: 100%   46 KiB  47.4kB/s    00:01    
[3/77] Fetching p5-Digest-MD5-2.59.pkg: 100%   20 KiB  20.5kB/s    00:01    
[4/77] Fetching p5-Net-SSLeay-1.94.pkg: 100%  281 KiB 288.2kB/s    00:01    
[5/77] Fetching p5-Sub-Quote-2.006008_1.pkg: 100%   25 KiB  25.2kB/s    00:01    
[6/77] Fetching gzip-1.13_1.pkg: 100%  177 KiB 181.4kB/s    00:01    
[7/77] Fetching p5-IO-Socket-SSL-2.089.pkg: 100%  194 KiB 198.7kB/s    00:01    
[8/77] Fetching p5-B-Hooks-EndOfScope-0.28.pkg: 100%   19 KiB  19.7kB/s    00:01    
[9/77] Fetching p5-Algorithm-C3-0.11.pkg: 100%   11 KiB  11.1kB/s    00:01    
[10/77] Fetching mpdecimal-4.0.0.pkg: 100%  156 KiB 159.3kB/s    00:01    
[11/77] Fetching p5-Module-Runtime-0.016.pkg: 100%   16 KiB  16.6kB/s    00:01    
[12/77] Fetching p5-perl-ldap-0.6800.pkg: 100%  305 KiB 311.9kB/s    00:01    
[13/77] Fetching p5-Package-Stash-XS-0.30.pkg: 100%   16 KiB  16.9kB/s    00:01    
[14/77] Fetching p5-Net-LDAP-Express-0.12_1.pkg: 100%   14 KiB  14.1kB/s    00:01    
[15/77] Fetching p5-IO-Socket-IP-0.43.pkg: 100%   29 KiB  29.3kB/s    00:01    
[16/77] Fetching p5-URI-5.31.pkg: 100%  101 KiB 103.0kB/s    00:01    
[17/77] Fetching p5-Digest-SHA-6.04.pkg: 100%   38 KiB  38.8kB/s    00:01    
[18/77] Fetching p5-Module-Implementation-0.09_1.pkg: 100%   10 KiB  10.2kB/s    00:01    
[19/77] Fetching p5-Params-Util-1.102.pkg: 100%   19 KiB  19.2kB/s    00:01    
[20/77] Fetching p5-Package-Stash-0.40.pkg: 100%   21 KiB  21.6kB/s    00:01    
[21/77] Fetching unzip-6.0_8.pkg: 100%  140 KiB 143.2kB/s    00:01    
[22/77] Fetching p5-Class-Method-Modifiers-2.15.pkg: 100%   19 KiB  19.1kB/s    00:01    
[23/77] Fetching p5-Data-OptList-0.114.pkg: 100%   14 KiB  14.4kB/s    00:01    
[24/77] Fetching p5-Class-Inspector-1.36.pkg: 100%   19 KiB  19.9kB/s    00:01    
[25/77] Fetching p5-XML-NamespaceSupport-1.12.pkg: 100%   17 KiB  17.0kB/s    00:01    
[26/77] Fetching pcre2-10.43.pkg: 100%    1 MiB   1.5MB/s    00:01    
[27/77] Fetching p5-Clone-0.47.pkg: 100%   11 KiB  11.3kB/s    00:01    
[28/77] Fetching p5-File-Path-2.18.pkg: 100%   25 KiB  26.0kB/s    00:01    
[29/77] Fetching libiconv-1.17_1.pkg: 100%  734 KiB 751.9kB/s    00:01    
[30/77] Fetching p5-XString-0.005.pkg: 100%   13 KiB  12.9kB/s    00:01    
[31/77] Fetching p5-Params-ValidationCompiler-0.31.pkg: 100%   21 KiB  21.8kB/s    00:01    
[32/77] Fetching p5-Time-Local-1.35.pkg: 100%   19 KiB  19.4kB/s    00:01    
[33/77] Fetching p5-Time-Piece-1.3300.pkg: 100%   31 KiB  31.8kB/s    00:01    
[34/77] Fetching p5-Types-Serialiser-1.01.pkg: 100%   12 KiB  12.7kB/s    00:01    
[35/77] Fetching p5-Class-Singleton-1.6.pkg: 100%   12 KiB  12.3kB/s    00:01    
[36/77] Fetching p5-Encode-Detect-1.01_1.pkg: 100%   81 KiB  82.9kB/s    00:01    
[37/77] Fetching p5-Authen-SASL-2.17_1.pkg: 100%   41 KiB  42.4kB/s    00:01    
[38/77] Fetching p5-Dist-CheckConflicts-0.11_1.pkg: 100%   10 KiB  10.4kB/s    00:01    
[39/77] Fetching libxml2-2.11.9.pkg: 100%  872 KiB 893.4kB/s    00:01    
[40/77] Fetching p5-DateTime-Locale-1.44.pkg: 100%    3 MiB   3.4MB/s    00:01    
[41/77] Fetching p5-Sub-Install-0.929.pkg: 100%   14 KiB  14.7kB/s    00:01    
[42/77] Fetching p5-XML-Filter-BufferText-1.01_1.pkg: 100%    7 KiB   7.0kB/s    00:01    
[43/77] Fetching p5-namespace-autoclean-0.31.pkg: 100%   11 KiB  10.9kB/s    00:01    
[44/77] Fetching p5-Time-HiRes-1.9764,1.pkg: 100%   29 KiB  30.0kB/s    00:01    
[45/77] Fetching py311-packaging-24.2.pkg: 100%  127 KiB 129.9kB/s    00:01    
[46/77] Fetching p5-Variable-Magic-0.64.pkg: 100%   33 KiB  33.4kB/s    00:01    
[47/77] Fetching p5-Class-Data-Inheritable-0.10.pkg: 100%    8 KiB   8.1kB/s    00:01    
[48/77] Fetching p5-Data-Dumper-2.183.pkg: 100%   41 KiB  42.4kB/s    00:01    
[49/77] Fetching p5-Sub-Exporter-0.991.pkg: 100%   53 KiB  53.9kB/s    00:01    
[50/77] Fetching glib-2.80.5_1,2.pkg: 100%    4 MiB   4.3MB/s    00:01    
[51/77] Fetching p5-Convert-ASN1-0.34.pkg: 100%   35 KiB  35.7kB/s    00:01    
[52/77] Fetching p5-Authen-PAM-0.16_2.pkg: 100%   24 KiB  24.6kB/s    00:01    
[53/77] Fetching p5-Role-Tiny-2.002004.pkg: 100%   20 KiB  20.5kB/s    00:01    
[54/77] Fetching p5-Exception-Class-1.45.pkg: 100%   28 KiB  28.6kB/s    00:01    
[55/77] Fetching perl5-5.36.3_2.pkg: 100%   15 MiB  16.1MB/s    00:01    
[56/77] Fetching p5-namespace-clean-0.27.pkg: 100%   13 KiB  13.7kB/s    00:01    
[57/77] Fetching p5-Sub-Identify-0.14.pkg: 100%   10 KiB  10.5kB/s    00:01    
[58/77] Fetching p5-JSON-XS-4.03.pkg: 100%   81 KiB  83.3kB/s    00:01    
[59/77] Fetching p5-Mozilla-CA-20240924.pkg: 100%  129 KiB 132.3kB/s    00:01    
[60/77] Fetching p5-Sub-Exporter-Progressive-0.001013.pkg: 100%   12 KiB  11.8kB/s    00:01    
[61/77] Fetching p5-Specio-0.49.pkg: 100%  129 KiB 132.1kB/s    00:01    
[62/77] Fetching libffi-3.4.6.pkg: 100%   45 KiB  46.0kB/s    00:01    
[63/77] Fetching readline-8.2.13_2.pkg: 100%  397 KiB 406.3kB/s    00:01    
[64/77] Fetching p5-Digest-HMAC-1.05.pkg: 100%   15 KiB  15.5kB/s    00:01    
[65/77] Fetching p5-MRO-Compat-0.15.pkg: 100%   11 KiB  11.0kB/s    00:01    
[66/77] Fetching p5-common-sense-3.75.pkg: 100%    8 KiB   8.6kB/s    00:01    
[67/77] Fetching shared-mime-info-2.4_1.pkg: 100%  631 KiB 645.7kB/s    00:01    
[68/77] Fetching p5-XML-SAX-Writer-0.57.pkg: 100%   22 KiB  22.9kB/s    00:01    
[69/77] Fetching p5-Devel-StackTrace-2.05.pkg: 100%   18 KiB  18.9kB/s    00:01    
[70/77] Fetching p5-File-ShareDir-1.118.pkg: 100%   18 KiB  18.8kB/s    00:01    
[71/77] Fetching p5-Class-C3-0.35.pkg: 100%   19 KiB  19.2kB/s    00:01    
[72/77] Fetching p5-DateTime-TimeZone-2.63,1.pkg: 100%  260 KiB 266.2kB/s    00:01    
[73/77] Fetching p5-Text-Soundex-3.05.pkg: 100%   17 KiB  17.8kB/s    00:01    
[74/77] Fetching python311-3.11.11.pkg: 100%   27 MiB  28.0MB/s    00:01    
[75/77] Fetching p5-XML-SAX-Base-1.09.pkg: 100%   25 KiB  25.2kB/s    00:01    
[76/77] Fetching p5-Eval-Closure-0.14.pkg: 100%   11 KiB  11.0kB/s    00:01    
[77/77] Fetching p5-IO-Tty-1.20_1.pkg: 100%   30 KiB  30.9kB/s    00:01    
Checking integrity... done (0 conflicting)
[1/77] Installing perl5-5.36.3_2...
[1/77] Extracting perl5-5.36.3_2: 100%
[2/77] Installing p5-Params-Util-1.102...
[2/77] Extracting p5-Params-Util-1.102: 100%
[3/77] Installing p5-Sub-Install-0.929...
[3/77] Extracting p5-Sub-Install-0.929: 100%
[4/77] Installing p5-Data-OptList-0.114...
[4/77] Extracting p5-Data-OptList-0.114: 100%
[5/77] Installing p5-Try-Tiny-0.32...
[5/77] Extracting p5-Try-Tiny-0.32: 100%
[6/77] Installing p5-Module-Runtime-0.016...
[6/77] Extracting p5-Module-Runtime-0.016: 100%
[7/77] Installing p5-XML-NamespaceSupport-1.12...
[7/77] Extracting p5-XML-NamespaceSupport-1.12: 100%
[8/77] Installing p5-Sub-Exporter-0.991...
[8/77] Extracting p5-Sub-Exporter-0.991: 100%
[9/77] Installing p5-XML-SAX-Base-1.09...
[9/77] Extracting p5-XML-SAX-Base-1.09: 100%
[10/77] Installing p5-XML-SAX-1.02...
[10/77] Extracting p5-XML-SAX-1.02: 100%
could not find ParserDetails.ini in /usr/local/lib/perl5/site_perl/XML/SAX
[11/77] Installing p5-Algorithm-C3-0.11...
[11/77] Extracting p5-Algorithm-C3-0.11: 100%
[12/77] Installing mpdecimal-4.0.0...
[12/77] Extracting mpdecimal-4.0.0: 100%
[13/77] Installing p5-Package-Stash-XS-0.30...
[13/77] Extracting p5-Package-Stash-XS-0.30: 100%
[14/77] Installing p5-Module-Implementation-0.09_1...
[14/77] Extracting p5-Module-Implementation-0.09_1: 100%
[15/77] Installing p5-Dist-CheckConflicts-0.11_1...
[15/77] Extracting p5-Dist-CheckConflicts-0.11_1: 100%
[16/77] Installing p5-Variable-Magic-0.64...
[16/77] Extracting p5-Variable-Magic-0.64: 100%
[17/77] Installing p5-Sub-Exporter-Progressive-0.001013...
[17/77] Extracting p5-Sub-Exporter-Progressive-0.001013: 100%
[18/77] Installing libffi-3.4.6...
[18/77] Extracting libffi-3.4.6: 100%
[19/77] Installing readline-8.2.13_2...
[19/77] Extracting readline-8.2.13_2: 100%
[20/77] Installing p5-Net-SSLeay-1.94...
[20/77] Extracting p5-Net-SSLeay-1.94: 100%
[21/77] Installing p5-B-Hooks-EndOfScope-0.28...
[21/77] Extracting p5-B-Hooks-EndOfScope-0.28: 100%
[22/77] Installing p5-IO-Socket-IP-0.43...
[22/77] Extracting p5-IO-Socket-IP-0.43: 100%
[23/77] Installing p5-Package-Stash-0.40...
[23/77] Extracting p5-Package-Stash-0.40: 100%
[24/77] Installing p5-Class-Method-Modifiers-2.15...
[24/77] Extracting p5-Class-Method-Modifiers-2.15: 100%
[25/77] Installing p5-XString-0.005...
[25/77] Extracting p5-XString-0.005: 100%
[26/77] Installing p5-XML-Filter-BufferText-1.01_1...
[26/77] Extracting p5-XML-Filter-BufferText-1.01_1: 100%
[27/77] Installing p5-Class-Data-Inheritable-0.10...
[27/77] Extracting p5-Class-Data-Inheritable-0.10: 100%
[28/77] Installing p5-Mozilla-CA-20240924...
[28/77] Extracting p5-Mozilla-CA-20240924: 100%
[29/77] Installing p5-Digest-HMAC-1.05...
[29/77] Extracting p5-Digest-HMAC-1.05: 100%
[30/77] Installing p5-Devel-StackTrace-2.05...
[30/77] Extracting p5-Devel-StackTrace-2.05: 100%
[31/77] Installing p5-Class-C3-0.35...
[31/77] Extracting p5-Class-C3-0.35: 100%
[32/77] Installing python311-3.11.11...
[32/77] Extracting python311-3.11.11: 100%
[33/77] Installing p5-Sub-Quote-2.006008_1...
[33/77] Extracting p5-Sub-Quote-2.006008_1: 100%
[34/77] Installing p5-IO-Socket-SSL-2.089...
[34/77] Extracting p5-IO-Socket-SSL-2.089: 100%
[35/77] Installing p5-URI-5.31...
[35/77] Extracting p5-URI-5.31: 100%
[36/77] Installing p5-Class-Inspector-1.36...
[36/77] Extracting p5-Class-Inspector-1.36: 100%
[37/77] Installing pcre2-10.43...
[37/77] Extracting pcre2-10.43: 100%
[38/77] Installing p5-Clone-0.47...
[38/77] Extracting p5-Clone-0.47: 100%
[39/77] Installing libiconv-1.17_1...
[39/77] Extracting libiconv-1.17_1: 100%
[40/77] Installing p5-Authen-SASL-2.17_1...
[40/77] Extracting p5-Authen-SASL-2.17_1: 100%
[41/77] Installing py311-packaging-24.2...
[41/77] Extracting py311-packaging-24.2: 100%
[42/77] Installing p5-Convert-ASN1-0.34...
[42/77] Extracting p5-Convert-ASN1-0.34: 100%
[43/77] Installing p5-Role-Tiny-2.002004...
[43/77] Extracting p5-Role-Tiny-2.002004: 100%
[44/77] Installing p5-Exception-Class-1.45...
[44/77] Extracting p5-Exception-Class-1.45: 100%
[45/77] Installing p5-namespace-clean-0.27...
[45/77] Extracting p5-namespace-clean-0.27: 100%
[46/77] Installing p5-Sub-Identify-0.14...
[46/77] Extracting p5-Sub-Identify-0.14: 100%
[47/77] Installing p5-MRO-Compat-0.15...
[47/77] Extracting p5-MRO-Compat-0.15: 100%
[48/77] Installing p5-common-sense-3.75...
[48/77] Extracting p5-common-sense-3.75: 100%
[49/77] Installing p5-XML-SAX-Writer-0.57...
[49/77] Extracting p5-XML-SAX-Writer-0.57: 100%
[50/77] Installing p5-Text-Soundex-3.05...
[50/77] Extracting p5-Text-Soundex-3.05: 100%
[51/77] Installing p5-Eval-Closure-0.14...
[51/77] Extracting p5-Eval-Closure-0.14: 100%
[52/77] Installing p5-perl-ldap-0.6800...
[52/77] Extracting p5-perl-ldap-0.6800: 100%
[53/77] Installing p5-Params-ValidationCompiler-0.31...
[53/77] Extracting p5-Params-ValidationCompiler-0.31: 100%
[54/77] Installing p5-Types-Serialiser-1.01...
[54/77] Extracting p5-Types-Serialiser-1.01: 100%
[55/77] Installing p5-Class-Singleton-1.6...
[55/77] Extracting p5-Class-Singleton-1.6: 100%
[56/77] Installing libxml2-2.11.9...
[56/77] Extracting libxml2-2.11.9: 100%
[57/77] Installing p5-namespace-autoclean-0.31...
[57/77] Extracting p5-namespace-autoclean-0.31: 100%
[58/77] Installing glib-2.80.5_1,2...
[58/77] Extracting glib-2.80.5_1,2: 100%
[59/77] Installing p5-Specio-0.49...
[59/77] Extracting p5-Specio-0.49: 100%
[60/77] Installing p5-File-ShareDir-1.118...
[60/77] Extracting p5-File-ShareDir-1.118: 100%
[61/77] Installing p5-Digest-MD5-2.59...
[61/77] Extracting p5-Digest-MD5-2.59: 100%
[62/77] Installing gzip-1.13_1...
[62/77] Extracting gzip-1.13_1: 100%
[63/77] Installing p5-Net-LDAP-Express-0.12_1...
[63/77] Extracting p5-Net-LDAP-Express-0.12_1: 100%
[64/77] Installing p5-Digest-SHA-6.04...
[64/77] Extracting p5-Digest-SHA-6.04: 100%
[65/77] Installing unzip-6.0_8...
[65/77] Extracting unzip-6.0_8: 100%
[66/77] Installing p5-File-Path-2.18...
[66/77] Extracting p5-File-Path-2.18: 100%
[67/77] Installing p5-Time-Local-1.35...
[67/77] Extracting p5-Time-Local-1.35: 100%
[68/77] Installing p5-Time-Piece-1.3300...
[68/77] Extracting p5-Time-Piece-1.3300: 100%
[69/77] Installing p5-Encode-Detect-1.01_1...
[69/77] Extracting p5-Encode-Detect-1.01_1: 100%
[70/77] Installing p5-DateTime-Locale-1.44...
[70/77] Extracting p5-DateTime-Locale-1.44: 100%
[71/77] Installing p5-Time-HiRes-1.9764,1...
[71/77] Extracting p5-Time-HiRes-1.9764,1: 100%
[72/77] Installing p5-Data-Dumper-2.183...
[72/77] Extracting p5-Data-Dumper-2.183: 100%
[73/77] Installing p5-Authen-PAM-0.16_2...
[73/77] Extracting p5-Authen-PAM-0.16_2: 100%
[74/77] Installing p5-JSON-XS-4.03...
[74/77] Extracting p5-JSON-XS-4.03: 100%
[75/77] Installing shared-mime-info-2.4_1...
[75/77] Extracting shared-mime-info-2.4_1: 100%
[76/77] Installing p5-DateTime-TimeZone-2.63,1...
[76/77] Extracting p5-DateTime-TimeZone-2.63,1: 100%
[77/77] Installing p5-IO-Tty-1.20_1...
[77/77] Extracting p5-IO-Tty-1.20_1: 100%
==> Running trigger: gio-modules.ucl
Generating GIO modules cache
==> Running trigger: glib-schemas.ucl
Compiling glib schemas
No schema files found: doing nothing.
==> Running trigger: shared-mime-info.ucl
Building the Shared MIME-Info database cache
=====
Message from python311-3.11.11:

--
Note that some standard Python modules are provided as separate ports
as they require additional dependencies. They are available as:

py311-gdbm       databases/py-gdbm@py311
py311-sqlite3    databases/py-sqlite3@py311
py311-tkinter    x11-toolkits/py-tkinter@py311
user@freebsdsrv:~ $

Download Webmin Code

Download the current version of the Webmin code with:

user@freebsdsrv:~ $ fetch https://github.com/webmin/webmin/releases/download/2.202/webmin-2.202.tar.gz [enter]
webmin-2.202.tar.gz                                   44 MB   27 MBps    02s
user@freebsdsrv:~ $

Extract the Webmin code

user@freebsdsrv:~ $ tar zxvf webmin-2.202.tar.gz [enter]
x webmin-2.202/
x webmin-2.202/acl/
x webmin-2.202/acl/module.info.fi
...
x webmin-2.202/change-user/module.info.pt_BR.auto
x webmin-2.202/password_change.cgi
x webmin-2.202/config-irix
user@freebsdsrv:~ $

Webmin setup

Create directory /usr/local/etc/rc.d with:

user@freebsdsrv:~ $ sudo mkdir /usr/local/etc/rc.d [enter]
user@freebsdsrv:~ $

Change directory to the Webmin installation directory with:

user@freebsdsrv:~ $ cd webmin-2.202 [enter]
user@freebsdsrv:~/webmin-2.202 $

Run the Webmin installtion script with:

user@freebsdsrv:~/webmin-2.202 $ sudo ./setup.sh /usr/local/webmin [enter]
****************************************************************************
           Welcome to the Webmin setup script, version 2.202
****************************************************************************
Webmin is a web-based interface that allows Unix-like operating
systems and common Unix services to be easily administered.

Installing Webmin from /home/user/webmin-2.202 to /usr/local/webmin

****************************************************************************
Webmin uses separate directories for configuration files and log files.
Unless you want to run multiple versions of Webmin at the same time
you can just accept the defaults.

Config file directory [/etc/webmin]: [enter]
Log file directory [/var/webmin]: [enter]

****************************************************************************
Webmin is written entirely in Perl. Please enter the full path to the
Perl 5 interpreter on your system.

Full path to perl (default /usr/local/bin/perl): [enter]

Testing Perl ..
.. done

****************************************************************************
Operating system name:    FreeBSD
Operating system version: 14.2

****************************************************************************
Webmin uses its own password protected web server to provide access
to the administration programs. The setup script needs to know :
 - What port to run the web server on. There must not be another
   web server already using this port.
 - The login name required to access the web server.
 - The password required to access the web server.
 - If the web server should use SSL (if your system supports it).
 - Whether to start webmin at boot time.

Web server port (default 10000): [enter]
Login name (default admin): [enter]
Login password: AdminPassWd [enter]
Password again: AdminPassWd [enter]
Use SSL (y/n): y [enter]
Start Webmin at boot time (y/n): y [enter]

****************************************************************************
Copying files to /usr/local/webmin ..
.. done

Creating web server config files ..
.. done

Creating access control file ..
.. done

Inserting path to perl into scripts ..
.. done

Creating start and stop scripts ..
.. done

Copying config files ..
.. done

Configuring Webmin to start at boot time ..
.. done

Creating uninstall script /usr/local/etc/webmin/uninstall.sh ..
.. done

Changing ownership and permissions ..
.. done

Running postinstall scripts ..
.. done

Enabling background status collection ..
.. done

Attempting to start Webmin web server ..
.. done

****************************************************************************
Webmin has been installed and started successfully.

Since Webmin was installed outside the package manager, ensure the
following recommended Perl modules and packages are present:
 Perl modules:
  - DateTime, DateTime::Locale, DateTime::TimeZone, Data::Dumper
  - Digest::MD5, Digest::SHA, Encode::Detect, File::Basename
  - File::Path, Net::SSLeay, Time::HiRes, Time::Local, Time::Piece
  - lib, open
 Packages:
  - openssl - Cryptography library with TLS implementation
  - shared-mime-info - Shared MIME information database
  - tar gzip unzip - File compression and packaging utilities

Use your web browser to go to the following URL and login
with the name and password you entered previously:

  https://freebsdsrv:10000

Because Webmin uses SSL for encryption only, the certificate
it uses is not signed by one of the recognized CAs such as
Verisign. When you first connect to the Webmin server, your
browser will ask you if you want to accept the certificate
presented, as it does not recognize the CA. Say yes.

user@freebsdsrv:~/webmin-2.202 $

Change directory with:

user@freebsdsrv:~/webmin-2.202 $ cd [enter]
user@freebsdsrv:~ $

Configure permissions for access to the Webmin service with:

user@freebsdsrv:~ $ sudo sh -c 'echo -e "allow=127.0.0.1 192.168.1.0/24" >> /etc/webmin/miniserv.conf' ; sudo cat /etc/webmin/miniserv.conf [enter] 
port=10000
root=/usr/local/webmin
mimetypes=/usr/local/webmin/mime.types
addtype_cgi=internal/cgi
realm=Webmin Server
logfile=/var/log/webmin/miniserv.log
errorlog=/var/log/webmin/miniserv.error
pidfile=/var/log/webmin/miniserv.pid
logtime=168
ssl=0
no_ssl2=1
no_ssl3=1
ssl_honorcipherorder=1
no_sslcompression=1
env_WEBMIN_CONFIG=/usr/local/etc/webmin
env_WEBMIN_VAR=/var/log/webmin
atboot=1
logout=/usr/local/etc/webmin/logout-flag
listen=10000
denyfile=\.pl$
log=1
blockhost_failures=5
blockhost_time=60
syslog=1
ipv6=1
session=1
premodules=WebminCore
server=MiniServ/2.202
userfile=/usr/local/etc/webmin/miniserv.users
keyfile=/usr/local/etc/webmin/miniserv.pem
passwd_file=/etc/master.passwd
passwd_uindex=0
passwd_pindex=1
passwd_mode=0
preroot=authentic-theme
passdelay=1
logout_script=/usr/local/etc/webmin/logout.pl
cipher_list_def=1
login_script=/usr/local/etc/webmin/login.pl
failed_script=/usr/local/etc/webmin/failed.pl
allow=127.0.0.1 192.168.1.0/24
user@freebsdsrv:~ $

Restart the Webmin service with:

user@freebsdsrv:~ $ sudo service webmin.sh restart [enter]
Stopping Webmin server in /usr/local/webmin
Starting Webmin server in /usr/local/webmin
user@freebsdsrv:~ $

The Webmin service should be listening on port 10000. Verify this with:

user@freebsdsrv:~ $ sudo sockstat -4 -6 | grep 10000 [enter]
root     perl        3724 5   tcp4   *:10000               *:*
root     perl        3724 6   udp4   *:10000               *:*
user@freebsdsrv:~ $

You can now access the Webmin service at https://192.168.1.50:10000/ from a client computer in the network you allowed. When the Webmin login form is displayed, log in as the admin user you set during the installation.

Delete downloaded file

user@freebsdsrv:~ $ rm -R webmin-* [enter]
user@freebsdsrv:~ $

Usermin

Usermin is a web-based interface for webmail, password changing, mail filters, fetchmail and much more. It is designed for use by regular non-root users on a Unix system, and limits them to tasks that they would be able to perform if logged in via SSH or at the console.

Most users of Usermin are sysadmins looking for a simple webmail interface to offer their customers. Unlike most other webmail solutions, it can be used to change passwords, read email with no additional servers installed (like IMAP or POP3), and setup users’ configurations for forwarding, spam filtering and autoreponders.

Download Usermin Code

Download the current version of the Userbmin code with:

user@freebsdsrv:~ $ fetch https://github.com/webmin/usermin/releases/download/2.102/usermin-2.102.tar.gz [enter]
usermin-2.102.tar.gz                                    17 MB   36 MBps    00s
user@freebsdsrv:~ $

Extract the Usermin code

user@freebsdsrv:~ $ tar zxvf usermin-2.102.tar.gz [enter]
x usermin-2.102/
x usermin-2.102/update-from-repo.sh
x usermin-2.102/forward/
...
x usermin-2.102/ui-lib.pl
x usermin-2.102/password_change.cgi
x usermin-2.102/config-irix
user@freebsdsrv:~ $

Usermin setup

Change the directory to the Webmin installation directory with:

user@freebsdsrv:~ $ cd usermin-2.102 [enter]
user@freebsdsrv:~/usermin-2.102 $

Run the Userbmin installation script with:

user@freebsdsrv:~/usermin-2.102 $ sudo ./setup.sh /usr/local/usermin [enter]
****************************************************************************
          Welcome to the Usermin setup script, version 2.102
****************************************************************************
Usermin is a web-based interface that allows Unix-like operating
systems and common Unix services to be easily administered.

Installing Usermin from /root/usermin-2.102 to /usr/local/usermin

****************************************************************************
Usermin uses separate directories for configuration files and log files.
Unless you want to run multiple versions of Usermin at the same time
you can just accept the defaults.

Config file directory [/etc/usermin]: [enter]
Log file directory [/var/usermin]: [enter]

****************************************************************************
Usermin is written entirely in Perl. Please enter the full path to the
Perl 5 interpreter on your system.

Full path to perl (default /usr/local/bin/perl): [enter]

Testing Perl ..
.. done

****************************************************************************
Operating system name:    FreeBSD
Operating system version: 14.2

****************************************************************************
Usermin uses its own password protected web server to provide access
to the administration programs. The setup script needs to know :
 - What port to run the web server on. There must not be another
   web server already using this port.
 - If the web server should use SSL (if your system supports it).

Web server port (default 20000): [enter]

Use SSL (y/n): y [enter]
****************************************************************************
Copying files to /usr/local/usermin ..
.. done

Creating web server config files ..
.. done

Creating access control file ..
.. done

Inserting path to perl into scripts ..
.. done

Creating start and stop init scripts ..
.. done

Creating start and stop init symlinks to scripts ..
.. done

Copying config files ..
.. done

Creating uninstall script /usr/local/etc/usermin/uninstall.sh ..
.. done

Changing ownership and permissions ..
.. done

Attempting to start Usermin web server ..
.. done

****************************************************************************
Usermin has been installed and started successfully.

Since Usermin was installed outside the package manager, ensure the
following recommended Perl modules and packages are present:
 Perl modules:
  - DateTime, DateTime::Locale, DateTime::TimeZone, Data::Dumper
  - Digest::MD5, Digest::SHA, Encode::Detect, File::Basename
  - File::Path, Net::SSLeay, Time::HiRes, Time::Local, Time::Piece
  - lib, open
 Packages:
  - openssl - Cryptography library with TLS implementation
  - shared-mime-info - Shared MIME information database
  - tar gzip unzip - File compression and packaging utilities

Use your web browser to go to the following URL and login
with the name and password you entered previously:

  http://freebsdsrv:20000

user@freebsdsrv:~/usermin-2.102 $

Change directory with:

user@freebsdsrv:~/usermin-2.102 $ cd [enter]
user@freebsdsrv:~ $

Enable Usermin to start on system boot with:

user@freebsdsrv:~ $ sudo sysrc usermin_enable="YES" [enter]
usermin_enable: -> YES
user@freebsdsrv:~ $

Configure permissions for access to the Usermin service with:

user@freebsdsrv:~ $ sudo sh -c 'echo -e "allow=127.0.0.1 192.168.1.0/24" >> /etc/usermin/miniserv.conf' ; sudo cat /etc/usermin/miniserv.conf [enter]
port=20000
root=/usr/local/usermin
mimetypes=/usr/local/usermin/mime.types
addtype_cgi=internal/cgi
realm=Usermin Server
logfile=/var/usermin/miniserv.log
errorlog=/var/usermin/miniserv.error
pidfile=/var/usermin/miniserv.pid
logtime=168
ppath=
ssl=1
no_ssl2=1
no_ssl3=1
env_WEBMIN_CONFIG=/etc/usermin
env_WEBMIN_VAR=/var/usermin
atboot=
logout=/etc/usermin/logout-flag
listen=20000
denyfile=\.pl$
log=1
blockhost_failures=5
blockhost_time=60
session=1
unixauth=user
pam=usermin
premodules=WebminCore
server=MiniServ/2.102
userfile=/etc/usermin/miniserv.users
keyfile=/etc/usermin/miniserv.pem
passwd_file=/etc/master.passwd
passwd_uindex=0
passwd_pindex=1
passwd_mode=2
sidname=usid
preroot=authentic-theme
passdelay=1
allow=127.0.0.1 192.168.1.0/24
user@freebsdsrv:~ $

The Usermin service should be listening on port 20000. Verify this with:

user@freebsdsrv:~ $ sudo sockstat -4 -6 | grep 20000 [enter]
root     perl        4619 4   tcp4   *:20000               *:*
root     perl        4619 5   udp4   *:20000               *:*
user@freebsdsrv:~ $

You can now access the Usermin service at https://192.168.1.50:20000/ from a client computer in the network you allowed. When the Usermin login form is displayed, log in as a local FreeBSD Server user.

Delete downloaded file

user@freebsdsrv:~ $ rm -R usermin-* [enter]
user@freebsdsrv:~ $