Home→Archive↴

FreeBSD: After the First Boot

Last edited on 2025-06-22 • Tagged under  #freebsd   #bsd 

Part of the "Exploring FreeBSD on a Laptop" series.

Tested on FreeBSD 14.3

After the first boot of my new FreeBSD installation, these are some extra steps I like to make right away to get a system off to a good start!

• Use a larger font in console
• Update system
• Automatically check for updates
• Package management
• Set pkg manager to default to yes
• Add user to additional groups
• Alias for root mail
• Allow designated users to run commands as root

Use a larger font in console

On some of the higher-resolution displays I find the default font size in the console pretty small. The base system includes a selection of console fonts in /usr/share/vt/fonts.

Try a different, larger font size using vidcontrol(1):

# vidcontrol -f spleen-16x32

Here is a nice selection of terminus fonts of different sizes, converted for use in the FreeBSD console. Download, unpack, and place the all the ter-u*.fnt files in /usr/share/vt/fonts.

Try the different sizes:

# vidcontrol -f ter-u32

Use sysrc(8) to make a selection permanent by editing rc.conf(5):

# sysrc allscreens_flags="-f ter-u32"

Save changes and exit.

See: Fix small font in FreeBSD

Update system

Update the core system (not the user-installed packages; in FreeBSD the two are cleanly separated, see Package management below).

Use freebsd-update(8) to fetch security patches, if any, and list the files to be modified if the patches are applied. Next, apply the patches:

# freebsd-update fetch
# freebsd-update install

If the update applies any kernel patches, the system will need to be rebooted:

# shutdown -r now

Automatically check for updates

Configure the system to automatically check for security patches daily using the cron(8) utility.

Use crontab(1) to create a new job for the root user:

# crontab -e

Add this entry:

@daily          freebsd-update cron

Save changes and exit.

A new crontab is created for root in /var/cron/tabs.

Package management

Package management is one area where the differences between the Linux philosophy and the BSD philosophy about how to build a system becomes apparent.

Linux is an operating system kernel. Developers take this kernel and combine it with various independent software projects in a collection of packages that is released as a Linux distribution (Ubuntu, Debian, Fedora, etc.).

In contrast, each of the BSDs develop their own kernel and combine it with system components that are developed together "in-house" and released as a whole. The idea being that this approach leads to a more robust and tightly integrated core operating system. Third-party "userland" packages not included in the core may still be installed at the discretion of the user, with source code and binary packages provided from a ports repository.

Manage these packages using the pkg command. The first time the command is run, it will bootstrap the full pkg(8) from a remote repository.

To add a package:

# pkg install [package]

One of the first packages I like to install on any BSD or Linux system is htop(1):

# pkg install htop

To keep packages up-to-date, compare installed packages to the versions in ports and generate a list of packages due for an upgrade:

# pkg upgrade

See: FreeBSD Handbook - Chapter 4. Installing Applications: Packages and Ports

Set pkg manager to default to yes

From pkg.conf(5):

DEFAULT_ALWAYS_YES: boolean When this option is enabled pkg(1) will default to "yes" for all questions which require user confirmation before doing anything. Default: NO.

Open the file for editing:

# vi /usr/local/etc/pkg.conf

Set default:

DEFAULT_ALWAYS_YES = true;

Save changes and exit.

Add user to additional groups

Use pw(8) to add my user account created during installation to a group with the syntax:

# pw groupmod <group_name> -m <username>

Example: Permit powering off the system as a non-root user using shutdown(8) by adding my user foo to the operator group:

# pw groupmod operator -m foo

Alias for root mail

Rather than login to root to collect system mail, I forward the root user's mail to my non-root user's inbox.

Open the aliases(5) file for editing:

# vi /etc/aliases

Look for the following line:

# root: me@my.domain

Uncomment that line and replace me@my.domain with my username (example: foo):

root: foo

Save changes and exit.

Let the MTA know about the change by running the newaliases(1) command (no arguments):

# newaliases

Test whether mail is indeed being forwarded by using the mail(1) command as my user to send root a message:

$ mail root
Subject: Test new alias 
Is it working?

Press CTRL-d to exit and send message.

It works!

$ mail
Mail version 8.1 6/6/93.  Type ? for help.
"/var/mail/foo": 1 message 1 new
>N  1 foo@bsdbox.home.arp  Thu May 10 10:14  15/467   "Test new alias"

See: How to Forward Root’s Mail

Allow designated users to run commands as root

A user account foo was created during installation and assigned to the wheel group.

Install doas(1) to run root-level access commands, and allow members of wheel to do so by default, by creating doas.conf(5):

# pkg install doas
# echo "permit keepenv :wheel" > /usr/local/etc/doas.conf

Allow user foo to run commands as root without asking for a password:

# echo "permit nopass keepenv foo as root" >> /usr/local/etc/doas.conf

Log out as root, and re-login as your user and use doas to run any commands that require root privileges.

You can like, share, or comment on this post on the Fediverse 💬

» Next: Getting Started with ZFS Snapshots

« Previous: Getting Started with Fish