The Shortlist #10: PHP modules

I really just meant to post a quick note this morning on two gotchas I tripped over when trying to integrate the cell phone and my FreeBSD Jail of WordPress.

Bah. Good luck with that.

Error #1: WordPress detonates when I try to post and becomes unresponsive. /var/log/nginx/error.log shows:

PHP message: PHP Fatal error: Uncaught Error: Call to undefined function ctype_digit()

Bah, why did the WP->Twitter plugin explode on this today? I’m assuming that PHP 7.2 has changed its packaging on FreeBSD so … build and install php72-ctype. Let’s try this again.

Error #2: WordPress detonates when I try to post and becomes unresponsive. /var/log/nginx/error.log shows:

PHP message: PHP Fatal error: Uncaught Error: Call to undefined function filter_var()

Same kind of deal. More explosions in the WP->Twitter plugin. Build and install php72-filter. Excellent. I can now annoy everyone with my ignorance again.


The Shortlist #9: Blogging from your cell phone

After years of running my own instance of WordPress, I finally configured my iPhone to upload images and whatnot. Turns out, I needed two things:

  1. You have to know that the cell phone app wants the URL of the PHP xml RPC web address. It doesn’t assume anything when you enter in the address of your personal, self-hosted WordPress instance.
  2. If you’re like me, you also probably need to up the limit on file uploads that is set by default in nginx.
server {
    listen 80;
    location / {
            proxy_read_timeout 40;
            client_max_body_size 300m;



One pxeboot to find them and in the darkness bind them

Irritatingly, I couldn’t find a decent cut-n-paste how to on the Internet for using a much loved and mostly overlooked FreeBSD installation and boot up process using a fully cooked diskless image fetched via TFTP instead of the really well documented and fantastic howto on NFS booting.

Primarily, I wanted to switch off of NFS booting as it tends to be really troublesome if one is doing development or debugging of the FreeBSD network stack or Ethernet drivers. I couldn’t reliably screw around with the network interfaces without disturbing the NFS root mount and inflicting relatively long timeouts on my tests. I decided to try and switch to MFS root based testing so that I didn’t run into these types of problems, however I didn’t realize that the boot loader had gone through some overhauls recently and the documentation that *is* floating around on the Internet, is a bit out of date. So, here is the beginning of what I hope will be the inception of a new FreeBSD handbook entry before version 12 is released.

I want to cover the actual construction of the entire process, so I will not be hand copying binaries from a release and all files will be constructed from source where possible.  This means that I can fully automate a build and regression from source to ensure that this document stays relatively up to date.  I’m an active FreeBSD contributor, so I have many checkouts of FreeBSD lying around.  If you’re a sysadmin, you probably use /usr/src for most of the projects like this, which is fine for our purposes.

Assuming that you have a fresh checkout of FreeBSD somewhere, lets start by crafting a “src.conf” and a “make.conf” to minimize a bit of build time and a bit of space.

I turn a lot of stuff off in the build here.  Since I’m running the same major revision of FreeBSD that I’ll be building, I can get away with some shenanigans regarding not building toolchains.  If you are trying to build 12-CURRENT on 11-STABLE, you may have to play around with the knobs a bit in src.conf:


My make.conf is much shorter, and only set’s a few things to make life easier:


Set/export a couple of variables to your local shell to use these:

setenv SRCCONF /path/to/src.conf
setenv __MAKE_CONF /path/to/make.conf

Since I’m not building as root here, I set one more variable:

setenv MAKEOBJDIRPREFIX /var/tmp/mfsroot

Execute a buildworld and turn some electrons into heat for a while.  You’ll probably note a big difference in build times here.  Also note that you’re building a much smaller FreeBSD system with a lot of missing pieces.  No local mail agent, no ntp services, no compilers/debuggers, no wireless bits … etc.  Your mileage may vary here, but I needed a small world as I’m debugging/testing kernel/network drivers, not userland.

You can make a choice here of kernels to build.  Most folks will want GENERIC-NODEBUG, but if you want, you can base a customized kernel configuration from MINIMAL that will do the trick.  You’ll need to include drivers specific to your systems and this will void all your warantees if you were given one.  Here is an example that I’m using to build and test various bits and things.  Note that I’ve added em(4) to my configuration as that’s the network interface I’m using.

include MINIMAL

nomakeoptions DEBUG # Build kernel with gdb(1) debug symbols
nomakeoptions WITH_CTF # Run ctfconvert(1) for DTrace support

nooptions COMPAT_FREEBSD32
nooptions COMPAT_FREEBSD10
nooptions COMPAT_FREEBSD11
nooptions KTRACE
nooptions AUDIT
nooptions MAC
nooptions DDB_CTF

# Debugging support. Always need this:
nooptions KDB
nooptions KDB_TRACE
# For full debugger support use (turn off in stable branch):
nooptions DDB
nooptions GDB
nooptions DEADLKRES
nooptions INVARIANTS
nooptions WITNESS
# Xen HVM Guest Optimizations
# NOTE: XENHVM depends on xenpci. They must be added or removed together.
nooptions XENHVM # Xen HVM kernel infrastructure
nodevice xenpci # Xen HVM Hypervisor services driver

options GEOM_RAID
options GEOM_LABEL
options GEOM_UZIP

options IFLIB
device em

# Serial (COM) ports
device uart # Generic UART driver

# Needed to actually boot from an MFS root
device md # Memory “disks”

This will do the bare minimum and give you a functioning system, at least it does for me on my 2core Atom box.  There’s little to no debugging enabled here, so if you chose to go this route remember that all of the facilities to debug are deactivated.

Allow me a short digression here.  One should NEVER create their own kernel configs from scratch and not derive them from one of the base kernel configs (GENERIC for example).  When you hand craft a kernel config, you allow yourself to get into situations where new options and devices can be added or removed.  This can lead to scenarios where your systems can be unusable and cost you many hours of hair pulling and gnashing of teeth.  It is far simpler to include a base configuration and unset the devices and options you don’t want.  Judicious use of noptions, nodevice and nomakeoptions can be used to remove things that you don’t want.  Use them, please.

Anywho, back to the task at hand.

FreeBSD has shipped a directory to disk image creation tool for quite some time.  makefs(8) does a great job of turning a directory tree into a disk image without all the the magical hand waving of creating a file backed md(4) device.  Its a shortcut and you should use it.  Embedded folks have been using it to boot up their MIPS and ARM devices for a while now.

We’ll need to install the build somewhere that we can then access with makefs.  I tend to just put it in a throw-away directory in /var/tmp, e.g. /var/tmp/netboot_mfs

So, something like ‘make installworld DESTDIR=/var/tmp/netboot_mfs’ should do the trick here.  At this point, we can modify this installed directory with whatever configuration changes needed for your system boot up.  At a minimum, I modify /boot/loader.conf and /boot.config.  These may not be needed for your environment, but I make the following changes:



You can now build your disk image:
makefs -M 192m /var/tmp/mfs_root.img /var/tmp/netboot_mfs
Calculated size of `mfs_root.img’: 201326592 bytes, 3800 inodes
Extent size set to 8192
mfs_root.img: 192.0MB (393216 sectors) block size 8192, fragment size 1024
using 4 cylinder groups of 54.38MB, 6960 blks, 1152 inodes.
super-block backups (for fsck -b #) at:
32, 111392, 222752, 334112,
Populating `mfs_root.img’
Image `mfs_root.img’ complete

I add the “-M 192m” to the command line here to give my image a bit of space to do stuff and things on the running system without running out of space.  makefs(8) will create an image big enough to fit the files regardless of the command line arguments, but the -M will “pad” the image to 192MB if its smaller.

Go ahead and compress your diskimage with either bzip2 or gzip. I won’t judge.

-rw-r–r– 1 root sbruno 35235255 Feb 7 16:14 mfs_root.img.bz2
-rw-r–r– 1 root sbruno 39516593 Feb 7 16:17 mfs_root.img.gz
(use bzip2).

Don’t think that I haven’t forgotten about the kernel either.  We’ll compress that beastie directly.  One does not install it however, one does not need it, one does not simply install a kernel into Mordor.  Recall that we set a MAKEOBJDIRPREFIX when doing out kernel and world builds.

/var/tmp/sbruno % find . -name kernel

In this example, I’ve built both so you kind of have an idea of what you’re looking for, it can be a bit strange to *not* install a kernel, but as we are fond of saying these days, EVERYTHING IS FINE. 

You’re also going to need the pxeboot binary.  On 12-CURRENT nowadays you don’t have to recompile it for TFTP installations as it’ll do the right thing depending on DHCP options.

/var/tmp/sbruno % find . -name pxeboot

Speaking of DHCP and TFTP, we should probably set those up now.  Remember when I linked you to The Outstanding FreeBSD Handbook?  It has the correct setting for the setup of inetd(8) and tftp(8) on your sever.  Ignore all the NFS bits, those don’t apply.

Install your dhcp server, you can use the same one from The Outstanding FreeBSD Handbook as I did.

The dhcpd.conf settings are a little different here.  We don’t need to pass in a root-path option, but need a custom dhcp option code 150:

option tftp-server code 150 = { ip-address };

subnet netmask {
option routers;
option domain-name-servers;
host router {
hardware ethernet xx:xx:xx:xx:xx:xx;
option tftp-server;
filename “/boot/pxeboot”;

Now we can populate /tftpboot with the files we’ve created and add *one* last configuration file, this time with FORTH to ensure we’ve done the right thing.

/tftpboot/boot # ls -l /tftpboot/boot
total 34844
drwxr-xr-x 2 root wheel 3 Feb 7 16:45 kernel
-rw-r–r– 1 root wheel 21 Feb 7 12:45 loader.conf
-r–r–r– 1 root wheel 174 Feb 7 09:47 loader.rc
-rw-r–r– 1 root wheel 35234122 Feb 7 12:04 netboot.img.bz2
-r–r–r– 1 root wheel 337920 Feb 7 08:34 pxeboot

/tftpboot/boot # ls -l /tftpboot/boot/kernel
total 2564
-rwxr-xr-x 1 root wheel 2565979 Feb 7 15:36 kernel.bz2

echo Loading kernel
load /boot/kernel/kernel
echo Loading md_image …
load -t md_image /boot/netboot.img
set vfs.root.mountfrom=”ufs:/dev/md0″
set console=”comconsole”

Here dear readers, is where I leave you.  If you’ve done all the right things … you should end up booting up into your newly built MFS root.  If you haven’t done all the right things or I’ve omitted something, then the Nazgul will find you.


#FreeBSD Vim port updated … ewwwww

I just ran across a system with ports/vim-lite updated to version 8. I now know why a coworker of mine, in the past, said using vim was like “running your fingers down a chalkboard, but for your eyes.”

In order to make vim usable for what I do, I asked the friendly folks in #bsdports on EFNet for suggestions. They suggested the following for my use, but your mileage may vary:

set bg=dark
set nohlsearch
set mouse=v

This seemed to turn off some of the new search features that people like in Vim 8 that caught me off guard. Hope this helps folks if you’re like me and were caught off guard by the whole thing.


Sometimes less is more. Checkout individual #FreeBSD ports for testing.

I needed to test a single FreeBSD port today for a specific release.  The FreeBSD project maintains a series of reference build machines for this type of work, but normally I maintain an entire ports tree checkout for this type of work.

The FreeBSD ports tree has 20k+ individual software packages maintained in it, and I was not in the mood to checkout all of that onto a host for the purpose of validating a build of QEMU on FreeBSD 10.

Turns out, if you pay attention, you can indeed do some individual checkouts of things in a sparse fashion and get results that are useful.  Your mileage may vary here depending on the needed dependencies, but this should be a useful hint to getting started.

I will only address how to do this with Subversion, but I’m sure that the folks who use git will have no trouble seeing how to duplicate this scenario.

  • svn co –depth files svn+ssh:// fbsd_ports
  • cd fbsd_ports
  • svn co svn+ssh://
  • svn co svn+ssh://
  • svn co –depth files svn+ssh://
  • cd lang
  • svn co svn+ssh://
  • svn co svn+ssh://
  • cd ..
  • svn co –depth files svn+ssh://
  • cd emulators
  • svn co svn+ssh://
  • svn co svn+ssh://

My goal, was to build qemu-user-static for FreeBSD 10.  There’s a bunch of dependencies here, so I’ll try and unwind them a bit.

In order to build any port, you need the files contained in the top of tree.  The support Makefiles in Mk/ and Templates/ are required to do a lot of things and may or may not be used as short cuts/helpers in the Makefiles of individual ports.

The Makefile of any directory that you traverse to get to your port will need to exist (emulators/Makefile for example)

The lang/perl and lang/python ports are needed here as there is some pollution in the Makefiles that requires something to be parsed during builds.  This probably shouldn’t be there, but is beyond the scope of what I wanted to get done this morning.

Checking out the individual ports into their proper locations and setting PORTSDIR in your environment to your new directory structure (/home/sbruno/fbsd_ports) will now allow you to use your new checkout in some fashion to build.


The EEPROM you have reached is no longer in service, #FreeBSD recovery of em(4) devices

Ran into a very strange error with legacy em(4) devices on FreeBSD this week.  Something I was doing while working on the EM_MULTIQUEUE kernel config option for em(4) seems to have blown up the PXE configuration in the EEPROM of one of my lem(4) devices.  Else, cosmic rays did it:

em3: <Intel(R) PRO/1000 Legacy Network Connection 1.1.0> port 0xe880-0xe8bf mem 0xfeb80000-0xfeb9ffff,0xfeb60000-0xfeb7ffff irq 19 at device 6.0 on pci5
em3: The EEPROM Checksum Is Not Valid
device_attach: em3 attach returned 5

It took me a while, but it seems when this happens, you can sometimes recover the device with Intel’s Ethernet Connections Boot Utility.

There is a DOS utility in this self-extracting CAB file called “bootutil” that can be used to reset your device to defaults.  After prepping a DOS usb stick, I booted my host from it and ran the tool against all devices as I couldn’t quite tell which device was actually having the issues:

bootutil -all -defcfg

This cleared the error and now I get a successful attach.  I literally have no idea what the problem was in the first place, but solved.

Props to the IPXE folks for having a great HOWTO on generically manipulating the firmware flash that gave me the clue on what to do.