FreeBSD 15 on a Laptop | Cullum Smith
FreeBSD 15 really feels like a breakthrough release.
It’s always been my favorite operating system for servers, but with the arrival of<br>pkgbase, massive improvements to the<br>LinuxKPI drivers, and the launch of the Laptop<br>Support and Usability Project, it’s<br>become my primary desktop, too.
Since my last attempt with FreeBSD 14, a lot has<br>changed:
KDE Plasma 6 was ported
Wayland is now working
Intel WiFi gained full support (not stuck on 802.11g!)
I’m getting about 6-7 hours of battery life with my ThinkPad X1 Carbon.<br>Other than Bluetooth (which I have not attempted), everything on my device<br>functions well with FreeBSD.
There’s also a new Laptop Compatibility<br>Matrix where you can see<br>what works on your own hardware.
So let’s build a FreeBSD laptop system with KDE!
This guide assumes you’re using Intel graphics with an Intel wireless chipset.<br>I’m sure that other hardware configurations work fine, but I’m sticking with firsthand<br>experience here.
Installation
Grab a FreeBSD 15.1 memstick<br>image<br>and dd it to a USB stick:
curl -OJ https://download.freebsd.org/releases/amd64/amd64/ISO-IMAGES/15.1/FreeBSD-15.1-RELEASE-amd64-memstick.img<br>sudo dd if=FreeBSD-15.1-RELEASE-amd64-memstick.img of=/dev/sdX bs=1M conv=sync
The installation wizard is straightforward. Make sure your system is configured for UEFI<br>boot, and select ZFS (GPT) for the disk layout.
When prompted for base system installation type, choose Packages to get the new<br>pkgbase goodness.
You’ll want to enable SSH in the installer. Better to copy paste into an SSH session than<br>to type everything manually into a virtual console!
Once you reboot, login as root using the password you specified during installation.
Hardware Devices, Drivers, and Tuning
First, we’ll configure device drivers and make various tweaks to get optimum performance<br>and battery life out of a desktop system.
Many of these steps are not strictly necessary, but they work well for me. Use your own<br>judgment!
Bootloader Tunables
First, open up /boot/loader.conf and consider adding the following:
# /boot/loader.conf
# Timeout at the bootloader prompt (seconds).<br>autoboot_delay="3"
# HaRdEniNg: 99% of users will never need<br># destructive dtrace.<br>security.bsd.allow_destructive_dtrace="0"
# The defaults here are way too conservative<br># for desktop stuff like web browsers.<br>kern.ipc.shmseg="1024"<br>kern.ipc.shmmni="1024"<br>kern.maxproc="100000"
# If your system supports Intel Speed Shift<br># (check dmesg), then set this to 0. This will<br># allow each core to set its own power state.<br>machdep.hwpstate_pkg_ctrl="0"
# Enable PCI power saving.<br>hw.pci.do_power_nodriver="3"
# Enable faster soreceive() implementation.<br># Don't use this if you run a BIND DNS server.<br>net.inet.tcp.soreceive_stream="1"
# Increase network interface queue length.<br>net.isr.defaultqlimit="2048"<br>net.link.ifqmaxlen="2048"
# For laptops: increase ZFS transaction timeout<br># to save on battery life.<br>vfs.zfs.txg.timeout="10"
Kernel Modules
Enable querying CPU information and temperature:
sysrc -v kld_list+="cpuctl coretemp"
The H-TCP congestion control algorithm is designed to perform better over fast,<br>long-distance networks (like the Internet). You might consider using it:
sysrc -v kld_list+="cc_htcp"
If you’re using a ThinkPad, you’ll need this module to get all your buttons working:
sysrc -v kld_list+="acpi_ibm"
Sysctl Tweaks
Next, open up /etc/sysctl.conf and consider setting some of the following sysctls.<br>You can view the description of a sysctl using sysctl -d.
# /etc/sysctl.conf
# ==================<br># sEcuRitY HaRdeNinG<br># ==================
# These settings are pretty common sense for<br># the majority of people:<br>hw.kbd.keymap_restrict_change=4<br>kern.coredump=0<br>kern.elf32.aslr.pie_enable=1<br>kern.random.fortuna.minpoolsize=128<br>kern.randompid=1<br>net.inet.icmp.drop_redirect=1<br>net.inet.ip.process_options=0<br>net.inet.ip.random_id=1<br>net.inet.ip.redirect=0<br>net.inet.ip.rfc1122_strong_es=1<br>net.inet.tcp.always_keepalive=0<br>net.inet.tcp.drop_synfin=1<br>net.inet.tcp.icmp_may_rst=0<br>net.inet.tcp.syncookies=0<br>net.inet6.ip6.redirect=0<br>security.bsd.unprivileged_read_msgbuf=0
# Some guides will tell you use these.<br># More trouble than they're worth, IMO!<br>#kern.elf32.allow_wx=0<br>#kern.elf64.allow_wx=0<br>#security.bsd.hardlink_check_gid=1<br>#security.bsd.hardlink_check_uid=1<br>#security.bsd.see_other_gids=0<br>#security.bsd.see_other_uids=0<br>#security.bsd.unprivileged_proc_debug=0
# ==========================<br># Network Performance Tuning<br># ==========================
# The default values for many of these sysctls<br># are optimized for the TCP latencies of a LAN.<br># The modifications below should give you<br># better TCP performance over connections with<br># a larger RTT (like the Internet), at the<br># expense of higher memory utilization.<br># Source: it came to me in a...