[ home ]
The instructions on this page will result in a machine with an Xfce4 desktop with graphical log-in, graphical usb stick mounting, Firefox, pdf viewer, image management, music playback and office. I have used the instructions in this page to install OpenBSD 6.3 on a Thinkpad X220 in legacy boot mode.
Print and read this page before proceeding.
Background reading: FAQ 4: The OpenBSD installation guide.
The steps below assume that you have successfully installed the base
OpenBSD system from the USB stick installer (install63.fs)
or the CD-ROM image (install63.iso).
Background reading: OpenBSD FAQ 6.2.1, 6.13.
Jack into your router with a cable and...
# dhclient em0 DHCPDISCOVER on em0 - interval 3 DHCPOFFER from 192.168.0.1 (00:1b:2f:42:41:42) DHCPREQUEST on em0 to 255.255.255.255 DHCPACK from 192.168.0.1 (00:1b:2f:42:41:42) bound to 192.168.0.4 -- renewal in 43200 seconds. #
Then install any non-free firmware that your laptop might need...
# fw_update
Pull the cable out and set up a wifi connection. Most Thinkads have Intel wifi cards...
$ su -l # ifconfig -a # shows a list of all the interfaces # ifconfig iwn0 up # ifconfig iwn0 scan # ifconfig iwn0 nwid connection_name wpakey password wpaprotos wpa1,wpa2 # dhclient iwn0 DHCPREQUEST on iwn0 to 255.255.255.255 # lots more output
Warning: You need to use the wpaprotos
option with argument wpa1 to enable connections using
wpa1. The wpa1 protocol is now considered
insecure.
Background reading: OpenBSD FAQ 15.2.
The pkg_add command reads the URL of the package
mirror from the /etc/installurl file.
If you installed the OpenBSD package sets from the Internet, you will
already have the/etc/installurl file in place and you can
skip this section. If, like me, you prefer to install OpenBSD from the
install.iso or install.fs images, you will
need to create the /etc/installurl file as below...
$ su -l # echo "https://www.mirrorservice.org/pub/OpenBSD" >> /etc/installurl # exit
To install applications, you need to become root and run
pkg_add.
$ su -l # pkg_add nano quirks-2.114 signed on 2015-08-09T15:30:39Z nano-2.4.2: ok # exit $
Once the command returns, exit root and try editing a text file with nano.
# pkg_add -v consolekit2 xfce xfce-extras evince firefox shotwell audacious audacious-plugins libreoffice
The consolekit2 package is needed to allow the user to
shut down or reboot from within xfce4 without using terminal commands.
pkg_add will stop when it reaches the document reader
Evince and offer you a choice of two versions of the package, each
compiled with different configuratons...
# pkg_add evince quirks-2.114 signed on 2015-08-09T15:30:39Z Ambiguous: choose package for evince a 0:1: evince-3.16.1p0 2: evince-3.16.1p0-light Your choice: 2
Option 1 will pull in a large number of Gnome libraries. Option 2 has been provided by the packager for those of us who wish to use Evince to read pdf files with a different desktop or window manager.
Some of the more complex packages - especially those that install
daemons - come with readme files installed to
/usr/local/share/doc/pkg-readmes/. It is best to read these
to complete configuration of the package.
Don't reboot yet. You need to configure the graphical login and set up some daemons. See below...
/etc/rc.conf.local to
enable apmd and graphical log-inBackground reading: Comparison
of Desktop Environments, ConsoleKit Github
readme with definitions, xenodm man page and
the package_readme for consolekit2 at
/usr/local/share/doc/pkg-readmes/consolekit2-1.0.2p1 .
As root add some lines to
/etc/rc.conf.local to enable power management
(apmd) so that you can use Fn-F4 to suspend your thinkpad,
and to enable the graphical log-in manager xenodm. Xenodm
is an OpenBSD fork of the venerable xdm.
# nano /etc/rc.conf.local multicast_host=YES # Some avahi shenanigans apmd_flags="-A" # Laptop power saving xenodm_flags="" # Starts xenodm graphical login pkg_scripts="messagebus" # Enables dbus/ConsoleKit stuff
Then as user add an .xsession file with
a line that will start consolekit so that you can shutdown &c from
within xfce4.
$ cat .xsession exec ck-launch-session startxfce4
Reboot and you'll get the xenodm login greeter. When you log in, Xfce4 will ask you to specify a layout, and then show you the desktop.
/etc/doas.conf to allow
user mounting of an external USB stickBackground reading: OpenBSD FAQ sections 10 (doas), 14 (File Systems Intro)
as well as man doas and man mount.
You must use doas and a few lines in
/etc/doas.conf to allow user mounting of USB sticks. My
/etc/doas.conf file looks like this...
$ cat /etc/doas.conf # http://daemonforums.org/showthread.php?t=9774 permit nopass keith as root cmd mount permit nopass keith as root cmd umount
Then you can mount a USB stick like this...
doas mount /dev/sd1i /home/keith/usb # mounts my USB on ~/usb doas umount /dev/sd1i # un-mounts the drive
Once mounted, you can use a graphical file manager like Thunar to
copy and paste files to and from your storage stick. You can't unmount
the USB stick from Thunar, remember to use the umount
/dev/sd1i command before removing the USB stick.
xfce4-mount-plugin and an /etc/fstab
entry to allow graphical mount/unmount of a USB thumb driveBackground reading: xfce4-mount-plugin page on the Xfce Web site.
A note on how disks get numbered: My laptop has SATA
hard drive as its fixed disc, and that device will appear as
/dev/sd0 to OpenBSD. Your vfat formatted USB
thumb drive will appear as /dev/sd1i.
$ mount /dev/sd0a on / type ffs (local) /dev/sd0k on /home type ffs (local, nodev, nosuid) /dev/sd0d on /tmp type ffs (local, nodev, nosuid) /dev/sd0f on /usr type ffs (local, nodev) /dev/sd0g on /usr/X11R6 type ffs (local, nodev) /dev/sd0h on /usr/local type ffs (local, nodev, wxallowed) /dev/sd0j on /usr/obj type ffs (local, nodev, nosuid) /dev/sd0i on /usr/src type ffs (local, nodev, nosuid) /dev/sd0e on /var type ffs (local, nodev, nosuid) /dev/sd1i on /home/keith/usb type msdos (local, uid=1000, gid=1000)
The xfce4-mount package is installed as part of the xfce4 package set. Add an icon for the plugin to the XFCE4
panel by right-clicking on the panel and selecting
Panel | Add New Items and searching for 'mount'.
By default, xfce4-mount-plugin lists all the devices
including the default local hard drive including all the partitions on
sd0. I can set options to prevent that and to use a custom mount
command. Right click over the xfce4-mount icon and select
Properties | File Systems tab. Add the pattern
/dev/sd0* to the Exclude specified file systems textbox so
the local drive is not listed.
Right-click on the xfce4-mount icon, and selected Preferences | Commands and write the following in the Custom Commands textboxes, after ensuring that the Custom Commands checkbox was ticked...
doas mount %m doas umount %m
Now to ensure that a USB stick is listed in the
xfce4-mount-popup list, you have to add a line for the device to
/etc/fstab. My extra line looks like this (adapted from the
examples in man fstab...
/dev/sd1i /home/keith/usb msdos rw,noauto 0 0
Using an fstab entry like this means that only one vfat
formatted USB thumb drive will be listed and available with mouse
clicks.
Background reading: pages about following the
-stable branch or following the
-current branch, and the OpenBSD 6.2 Errata
page.
The syspatch command provides binary updates to the core system. Running the
syspatch command without arguments while connected to the Internet resulted in
the first three errata for OpenBSD 6.2 being installed as you can see in the
transcript below.
$ su Password: # syspatch Get/Verify syspatch62-002_fktrace... 100% |*************| 77434 00:00 Installing patch 002_fktrace Get/Verify syspatch62-003_mpls.tgz 100% |***************| 29798 00:00 Installing patch 003_mpls Relinking to create unique kernel... done.
M:Tier sponsors OpenBSD and has provided binpatches for the packages in the
stable release for use together with the openup script. Their update page has not yet been updated for OpenBSD 6.3. They
recommend using openup to upgrade packages that you have installed in addition
to the base system.
Background reading: OpenBSD FAQ sections 14.1, 14.2 and 14.3.
In OpenBSD 6.3 I used the commands detailed in the FAQ to create an encrypted softraid device and then install OpenBSD within that device. I omitted the command to over-write the disk with random numbers because of time.
Because I install from a USB stick, the drive numbering is 'off by one' compared to the example commands in the FAQ, so the fixed disk in the laptop is sd0 and the USB stick that I am installing from is sd1. The softraid device I use to install OpenBSD is therefore sd2. The commands I actually used in the installer shell session are shown below.
Boot from the installer USB stick and then select
[S]hell to get a command prompt...
# fdisk -iy sd0 # MBR not GPT # disklabel -E sd0 >a a offset:[64] size:[the size of your drive] FS type:[4.2BSD] RAID >w >q No label changes # bioctl -c C -l sd0a softraid0 New pass phrase: re-type passphrase # cd /dev && sh MAKEDEV sd2 # dd if=/dev/zero of=/dev/rsd2c bs=1m count=1 # exit
The exit command starts the installer script and you
type in the root password, your user and the user password and so on.
Then you select sd2 as the installer disk. You also have to
specify [disk] as the location of the package sets and then
answer 'no' when asked if the disk is mounted, select sd1,
mount the a partition. The installer script should then
find the package sets.
There is no graphical wifi manager available on OpenBSD. I like this little script that
runs from my user account and simply automates the typing in of the
ifconfig commands. None of the network related
configuration files are changed so I can always fall back on the
ifconfig commands in a new place. The script itself also
serves as a reminder of the syntax of the commands.
$ cat bin/wifi
#!/bin/sh
# adapted from http://marc.info/?l=openbsd-tech&m=146490607627340&w=2
if [[ $1 == "home" ]]; then
doas ifconfig iwn0 nwid home_wifi_name wpa wpakey home_wifi_password wpaprotos wpa1,wpa2
doas dhclient iwn0
fi
if [[ $1 == "blackberry" ]]; then
doas ifconfig iwn0 nwid phone_hotspot_name wpa wpakey phone_hotspot_password
doas dhclient iwn0
fi
The script requires the following lines to be added to
/etc/doas.conf.
permit nopass keith as root cmd ifconfig permit nopass keith as root cmd dhclient
Keith Burnett, 3rd April 2018: Updated for OpenBSD 6.3. Still working through the release notes, so this page might change.