·          Clonezilla supports only UFS (and then not very well), but not ZFS

·          system partition can be primary partition only, not logical

·          PC-BSD (best) or GhostBSD

Create partitions:

·          boot to PC-BSD emergency console

·          write down list of existing partitions (/dev/ada0s*, /dev/ada1s*)

·          boot in Disk Director or other partitioning tool

o    create primary partition for system (unformatted)

o    create logical partition for swap  (unformatted)

·          boot to PC-BSD emergency console, check for new partition /dev/ada* names

·          BSD slice (= BIOS partition) contains BSD partitions:
    a = file system
    b = swap space
    c = whole enclosing slice
    d...h = other partitions
e.g.  ada0s10b

Install into primary partition

·          remove boot space from system partition

·          "install bootable MBR" = false

Create swap and change host name

gpart  show  -p
bsdlabel  /dev/ada1s10  (no label yet)
bsdlabel  -w  /dev/ada1s10  (create label)
export EDITOR=/usr/local/bin/nano
bsdlabel  -e  /dev/ada1s10  (edit label, change content from "a" to "b")
bsdlabel  /dev/ada1s10  (view result)
glabel  label  PCBSD64SWAP  /dev/ada1s10b  (note "b"!!)
glabel status  (or glabel list)
edit /etc/fstab:     /dev/label/PCBSD64SWAP  none  swap  sw  0  0
hostname  hhh
nano /etc/rc.conf  and  /etc/hosts
in /etc/rc.conf add dumpdev=...  (default is AUTO)

swapinfo [-h]
swapctl  -hl
swapctl  -s  (or -sh)
pstat  -s
vmstat  -h

swapon  /dev/...
swapoff  /dev/...

Desktop properties -> change fonts size


Terminal color scheme setup,  Terminal -> panel
AppCafe Firefox, add it to panel

Edit /usr/local/etc/sudoers

add at the very end :   sergey ALL=(ALL)  NOPASSWD: ALL

Keyboard shortcuts:

gnome-system-monitor (Ctrl+Alt+Del)
Terminal (Ctrl-Alt-T)

Change shell to BASH

chsh  -s  /usr/local/bin/bash
cp  .profile
cp  .bashrc
export CLICOLOR=true
alias grep='grep --color=auto'
alias fgrep='fgrep --color=auto'
alias egrep='egrep --color=auto'
export EDITOR=`which nano`

Enable telnet and ftp

edit  /etc/inetd.conf
edit  /etc/rc.conf  inetd_enable="YES"
/etc/rc.d/inetd  start
/etc/rc.d/inetd  reload
add telnet and ftp to Firewall Manager (in Control Panel) and restart firewall


Scroll Lock
        Pg Up  (or arrows)
        Pg Down
Scroll Lock

Ctrl-L  (clears)

Install ports:

portsnap  fetch
portsnap  extract
portsnap  update
cd  /usr/ports/converters/unix2dos
make  install  clean

control panel -> system manager -> tasks -> fetch system source

cd  /usr/ports/sysutils/lsof
make  install  clean

Disable automounts by Nautilus (Gnome)

gnome-mount  --display-settings  -p WINSWAP
gnome-mount  --write-settings  -p WINSWAP  --mount-options noauto

Enable Linux (before PC-BSD 10, only 32-bit executables):

/etc/rc.conf:   linux_enable="YES"
kldstat  |  grep  -i  linux
kldload  linux

cd  /usr/ports/emulators/linux_base-f10
make  reinstall distclean


Install SlickEdit

mount  -t  msdosfs   /dev/da0s1  /mnt

CPU temperature sensors:

kldload coretemp
sysctl -a | grep temperature

Create file system:

newfs ...
to label it:  tunefs  -L  mylabel   /dev/...
ls  /dev/label
glabel  status
glabel  list


ps aux | alx
list threads:  ps -H  

TODO: USB automount

Building kernel:

cd /usr/src/sys/amd64-or-i386/conf



alternatively, create and edit MYKERNEL as:

include GENERIC


options WITNESS

options KDB

options DDB

options GDB

options DDB_NUMSYM

options KDB_TRACE

(see next page for more options)


see /usr/sys/conf/NOTES
check /usr/src/UPDATING


cd /usr/src

make buildkernel KERNCONF=MYKERNEL

make installkernel KERNCONF=MYKERNEL

("installkernel" copies kernel to /boot/kernel/kernel;  old kernel will be moved to /boot/kernel.old/kernel)

mv /boot/kernel.old /boot/kernel.generic


if does not boot, at loader prompt enter "boot kernel.old" or "kernel.generic"


after booting, check /var/log/messages and dmesg


if running a different version of kernel, utilities like ps and vmstat may fail to work

should rebuild and install world with the same version of the source tree as kernel



ls -l  path
lsdev -v
lsmod -v
more file
boot  -s  [-v]   => boot single-user

set   =>  /boot/kernel/my/...
boot  [-s]  [-v]


show [variable]

set variable=value
unset variable
read-conf /boot/my.conf

after booting in single-user prompt, Ctrl-D proceeds to multi-user mode

break to DDB:  Ctrl-Alt-Esc   or  boot  -d


Kernel build configuration file


include GENERIC



# available commands: options/nooptions, device/nodevice, cpu/nocpu


# Build kernel with gdb(1) debug symbols
# default in GENERIC
#makeoptions               DEBUG=-g


options WITNESS

options KDB

options DDB

options GDB

options DDB_NUMSYM


# print stack trace on panic
# can also be enabled dynamically by sysctl debug.trace_on_panic=1
options KDB_TRACE


# on panic break into debugger
# can also be enabled dynamically by sysctl debug.debugger_on_panic=1

# on witness check failure enter debugger (other than printing message)
# can also be enabled dynamically by sysctl debug.witness.kdb=1
#options WITNESS_KDB

# Enable extra checks

options      INVARIANTS


# Enable extra-extra checks

options      DIAGNOSTIC


# track VNODE locks



# debug memory kernel corruption, see memguard (9) and redzone (9)
# will also need to configure vm.memguard.* in /boot/loader.conf or via sysctl

# extra assertions for network protocols


# Enable preemption of non-realtime threads
# May be unreliable: do not turn it on



# Enable DTrace


# Enable FireWire console (default in GENERIC)
#device dcons
#device dcons_crom



Obtaining crash dump



full memory,
kernel memory (aka minidumps) – default
textdumps (scripted output), see textdump (4)


Configuring dump device (may not be ZFS swap volume):

dumpon /dev/...
or in /etc/rc.conf  dumpdev=...  set to AUTO   (or whatever device)
in /etc/sysctl.conf:  kern.coredump=1

Automatically extracting crash dump

mkdir /var/crash
chmod 700  /var/crash
in /etc/rc.conf  dumpdir=/var/crash


Manually extracting crash dump


boot in single-user mode (boot -s)
fsck -p
mount  -o  rw  /     # remount /var as writable

savecore  /var/crash [ /dev/...]   =>  /var/crash/vmcore.xx   and info.xx  (for textdumps, textdump.tar.xx)
exit                          # to multiuser




DDB – interactive debugger on live system (one-machine).
            no access to source code.  
            can run on consoles: interactive, serial, firewire
            has built-in commands to dump kernel structures.
            no access to source code.
GDB – interactive remote debugger (two-machine) and dump analyzer.
            over serial cable and firewire.
            no built-in commands to analyze kernel structures.
            access to source code and debug symbols.
            DDD as visual front-end


To enter DDB:

boot -d
on PC console: Ctrl-Alt-Esc  (unless remapped by syscons)

on serial console: BREAK  (if BREAK_TO_DEBUGGER is enabled)

sysctl debug.kdb.enter=1

syctll debug.kdb.panic=1


Analyze crash dump with KGDB:


cd /usr/obj/usr/src/sys/MYKERNEL    (kernel sources, subdir ident, such as GENERIC or MYKERNEL)

kgdb kernel.debug  /var/crash/vmcore.0


Analyze crash dump with KGDB + DDD:


export LANG=C

cd /usr/obj/usr/src/sys/MYKERNEL    (kernel sources, subdir ident, such as GENERIC or MYKERNEL)

ddd -- debugger kgdb kernel.debug  /var/crash/vmcore.0

Remote debugging with KGDB  via serial line:

 kernel requires makeoptions DEBUG=-g



cd (kenel compile directory)
(kgdb)  target  remote-target   /dev/cuaa0   (or cuau0 etc.)



enter DDB by Ctrl-Alt-Esc or boot-b or  sysctl debug.kdb.enter=1
db> gdb
db> s

entered GDB


Remote debugging with KGDB  via firewire (can also use for DDB)

kernel requires makeoptions DEBUG=-g

on target machine (one time):

·          kernerl config requires devices dcons, dcons_crom, firewire

·          rebuild loader:

o    in /etc/make.conf add:  LOADER_FIREWIRE_SUPPORT=YES

o    cd /sys/boot/i386

o    make clean

o    make

o    make install

·          enable /dev/dcons  in /etc/ttys:
      dcons   "/usr/libexec/getty std.9600"   v100   on  secure

·          edit /boot/loader.conf
      # if dcons was not compiled into kernel statically with “device”
      # force dcons to be high-level console
      #hw.firewire.dcons_crom.force_console = 1

on host machine:

kldload firewire
dconschat  -br  -G 12345  -t target-eui64    =>  12345 is gdb connection port

CSA EUI64: E0-CB-4E-00-00-10-8E-A4
CSB EUI64: E0-CB-4E-00-00-12-00-14

kgdb  -r  :12345

for DDD:
        export LANG=C
        remote serial:                           ddd  --debugger    kgdb  -r  :12345
        live core debugging:             ddd  --debugger    kgdb  /dev/fwmem.2

key combinations:
        disconnect:                                 ~.
        ALT-BREAK                                    ~ Ctrl-B   or   Ctrl-C
        reset target                                 ~ Ctrl-R
        suspend dconschat                ~ Ctrl-Z
        spawn kgdb on this terminal                  ~ Ctrl-G  (implies dconchat … -N

get  console log from the crash dump:

      dconschat  -1  -M vmcore.0  -N

to use full speed of Firewire, optionally disable slow console drivers on the target:
        conscontrol delete ttyd0            # serial consolt
        conscontrol delete consolectl   # video/keyboard

DDB commands:







0x... – hex,   0t... – decimal,   0o... – octal

expr op expr,  where op is (+-*/)
*expr => indirection
$variable   (set $variable  expr)

register names: $eax, $rax etc.


x/[bhl][xou – unsigned  zd – signed   cs] addres,count

x/m  address =>   unsigned hex + chars
x/i    address  => instructions
x/a   address => display address itself
x/a   address => display address itself with line number
xf, xb  =>  examine with step forward, backward
show reg[isters]
p $eax


for example:

x/wx  0xf0133fe0, 40

x/s     stringbuf

x/bc   termbuf, 10
x/hd   db_symtab_space

x         ,10   => display next 0x10 items



w/[bhl]  addr expression => deposit, warning!!! use w/[bhl]  addr (expression) in brackets if multiple tokens

w/[bhl]  addr expr1  expr2 .... exprN
set $eax new-value


for example:

w/b  termbuf  0xa  0xb  0

w/w  0xf0010030  0  0


break  function-name

break 0x...

break  function-name + 0x....

show break

del   address-expression

del    => current breakpoint
del  #n => delete breakpoint by number



hwatch address, size => set hardware watchpoint
dhwatch addr, size => delete hardware watchpoint

watch address, size => set  watchpoint
show watches


s[tep]  –  step into  (s/p => step and print instruction)

c[ontinue] – until the breakpoint

next – stop when current stack frame returns,  next /p => print calls and returns inside

until – stop at the next call or return instruction, until /p => print depth
call func(arg1, arg2, ... )  – call function, return result is printed


t[race]  [pid or tid]  [,frame-count]  –  print stack trace

findstack addr  –  print thread address for kernel-mode stack containing addr

gdb –  toggle between remote GDB and DDB modes

kill  sig  pid  – send signal to process

capture {on,off,reset,status} -- control capture to sysctl

print ... –  print formatted output from script

search ... – search memory for value

system reset:

halt  –  halt the system
call boot(0)  –  cleanly sync and shutdown

reset (reboot)  or  call cpu_reset() – hard reset the system
panic; continue


script my=trace; show pcpu; show lockedvnods

run my

unscript my

(there are predefined names for system events)

DDB show commands (next page)

DDB show commands:

show all procs [/m]

ps [/m]

process information

/m => show per-process VM map addresses only

show  all ttys
show  tty addr

TTY structures

show  allchains

wait chains

show  alllocks

all locks currently held

show  allpcpu

all CPUs state

show  allrman

interrupt request lines, DMA request lines, IO ports and IO memory addresses

show  apic

APIC IDT vector mappings

show  buffer

struct buf structures

show  cbstat

brief information about TTY system

show  cdev

cdev table

show  cpusets

defined affinity sets

show  domain addr

struct sys/domain.h at addr

show  ffs[addr]

information about FFS mounts

show  files, show  file addr

struct file

show  freepages

number of physical pages on each free list

show  geom [addr]

GEOM topology

show  idt

IDT vectors

show  inodedeps [addr]

inodedep structures; if addr is given, then only for fs located at addr

show  inpcb

IP control block (struct in_pcb)

show  intr

interrupt handlers

show  intrcnt

interrupt statistics

show  irqs

interrupt lines and their respective threads

show  jails


show  lapic

local APIC info for this CPU

show  lock addr

lock information and state

show  lockchain addr

wait chain for this lock

show  lockedbuf

every locked struct buf

show  lockedvnodes

list of all locked vnodes on the system

show  locks

all locks currently acquired on the system (requires witness)

show  locktree


show  malloc

malloc statistics

show  map [/f] addr

VM map at addr;  /f => full

show  msgbuf


show  mount

all mounted file systems

show  object [/f] addr

VM object at addr

show  page

statistics on VM pages

show  pageq

VM page queues

show  pciregs

PCI registers

show  pcpu       

current processor state

show  pgrpdump

process groups

show  proc [addr]

current process or process at addr

show  procvm

process virtual memory layout

show  protosw addr

struct protosw at addr

show  registers [/u]

register set; /u = user mode

show  rman addr

resource manager (struct rman) at addr; see show allrman

show  rtc

RTC clock value

show  sleepchain

all threads a thread is waiting on based on sleepable locks

show  sleepq

sleep queue (struct sleepqueue)

show  socket addr
show  sockbuf addr

struct socket, struct sockbuf

show  sysregs

system registers (e.g. CR0-CR4)

show  tcpcb addr

TCP control block, struct tcpcb

show  threads
show  thread [addr]

all threads or specified thread

show  turnstile addr

struct turnstile

show  uma

UMA memory zone allocator statistcs

show  unpcb addr

UNIX domain socket control block (struct unpcb)

show  vmochk

check if some VM objects have zero reference count

show  vmopag

show physical addresses consumed by VM objects (incompatible with witness)

show  vnode [addr]

struct vnode

show  vnodebufs addr

clean/dirty buffer lists for vnode at addr

show  witness

lock acquisition info