Basic FreeBSD optimization: noatime, tmpfs, sudo, disable sendmail

When FreeBSD is installed, some things should be configured. Then the system will work faster and more optimized. Here we will put /tmp in memory, disable metadata of last access in a filesystem, install sudo and disable sendmail service.

Add noatime option to a filesystem

By default, FreeBSD doesn’t have this option enabled. Every time a file is read or modified a field of the last access is re-written, which slightly slows down reading and writing on the disk.

Filesystem noatime option disables “last access” field rewriting. By that applications will work faster (for example unpacking operations during package installing), because they will not waste time writing to this field.

To enable this option, open /etc/fstab with a text editor and add “noatime” to option list separated by commas:

nano /etc/fstab
...
#Device		Mountpoint	FStype		Options		Dump		Pass#
/dev/ada0s1a	/		           ufs		rw,noatime	1		1

After system reboot, the changes will take effect.

Note, in rare cases, some programs may use last file access field. For example, mail programs that use /var/mail.

Mounting /tmp as tmpfs filesystem located in memory

By default, /tmp is placed on a disk. Therefore, all operations in /tmp will occur on a disk, which slows down the system, especially the work of programs that use /tmp for resource intensive operations like unpacking archives.

An alternative way is to allocate a certain amount of memory for /tmp, then things will become faster and will not load the disk. I download files to /tmp that I need once. Files are automatically deleted after reboot.

Open /boot/loader.conf with a text editor:

nano /boot/loader.conf

And add the following line:

tmpfs_load="YES"

This means when FreeBSD starts, tmpfs.ko kernel module will automatically be loaded. Now we have to add the mount point.

Open /etc/fstab:

sudo nano -w /etc/fstab        # -w option allows me to disable line hard-wrapping

And add the following columns. By size= option we can specify the number of megabytes or gigabytes we are ready to allocate. Separate columns with tabs:

 # Device        Mountpoint        FStype  Options 			         Dump    Pass#
 ...
 tmpfs              /tmp                   tmpfs     rw,mode=1777,size=128M 	0       0

Here I have allocated 128 MB for /tmp.

mode=1777 option means “Access rights: For all”

Note, tmpfs has no noatime option, because it doesn’t exist.

Changes will take effect after reboot.

If we don’t want to reboot the system right now, we can do it for the present moment.

Load tmpfs.ko module manually:

kldload tmpfs

Then mount it. Use own memory size:

mount -t tmpfs -o rw,mode=1777,size=128M tmpfs /tmp

We can check the status of filesystems with the following command:

df -h
...
Filesystem	Size	Used	Avail	Capacity	Mounted on
tmpfs		128M	4.0K	128M	0%		/tmp

Install sudo, get root privileges to execute commands

First, install the package:

pkg install sudo

Then open sudoers file:

nano /usr/local/etc/sudoers

Look for:

##
## User privilege specification
##
root ALL=(ALL) ALL

Here are:
root – the user for which the rights are set.
ALL = – the names of hosts from which command execution is allowed.
(ALL) – users on whose behalf the user can execute commands. We can expand it to (ALL:ALL) – then the rule will include USER:GROUP.
last ALL – commands that can be executed.

Let’s add ours username with the same privileges as root has:

john ALL=(ALL) ALL

Now it is possible to run programs with root privileges:

sudo some_program -options

In order not to constantly enter sudo before each command we can do:

sudo -s

In this case, the user will get root privileges until he exits himself, for example, by using the Ctrl + D shortcut. Be careful with this, serious changes will take effect immediately and can damage your system.

Disable sendmail service

To my surprise sendmail continues to work, even after I have unchecked it during FreeBSD installation process. I don’t use this service, therefore I found how to completely disable it.

To disable sendmail service, open rc.conf:

nano /etc/rc.conf

And add the following lines:

sendmail_enable="NO"                        # Disable sendmail daemon for incoming messages
sendmail_submit_enable="NO"           # Disable a localhost-only MTA for mail submission
sendmail_outbound_enable="NO"       # Disable Dequeue stuck mail
sendmail_msp_queue_enable="NO"    # Disable Dequeue stuck clientmqueue mail

Save and quit. After FreeBSD reboot the changes will take effect.