FreeBSD

FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD), which was based on Research Unix. The first version of FreeBSD was released in 1993. In 2005, FreeBSD was the most popular open-source BSD operating system, accounting for more than three-quarters of all installed and permissively licensed BSD systems.

FreeBSD has similarities with Linux, with two major differences in scope and licensing: FreeBSD maintains a complete system, i.e. the project delivers a kernel, device drivers, userland utilities, and documentation, as opposed to Linux only delivering a kernel and drivers, and relying on third-parties for system software; FreeBSD source code is generally released under a permissive BSD license, as opposed to the copyleft GPL used by Linux.

The FreeBSD project includes a security team overseeing all software shipped in the base distribution. A wide range of additional third-party applications may be installed from binary packages using the pkg package management system or from source via FreeBSD Ports, or by manually compiling source code.

Much of FreeBSD's codebase has become an integral part of other operating systems such as Darwin (the basis for macOS, iOS, iPadOS, watchOS, and tvOS), TrueNAS (an open-source NAS/ SAN operating system), and the system software for the PlayStation 3 and PlayStation 4 game consoles. The other BSD systems (OpenBSD, NetBSD, and DragonFly BSD) also contain a large amount of FreeBSD code, and vice-versa.

History

Background

In 1974, Professor Bob Fabry of the University of California, Berkeley, acquired a Unix source license from AT&T. Supported by funding from DARPA, the Computer Systems Research Group started to modify and improve AT&T Research Unix. They called this modified version "Berkeley Unix" or "Berkeley Software Distribution" (BSD), implementing features such as TCP/IP, virtual memory, and the Berkeley Fast File System. The BSD project was founded in 1976 by Bill Joy. But since BSD contained code from AT&T Unix, all recipients had to first get a license from AT&T in order to use BSD.

In June 1989, "Networking Release 1" or simply Net-1 – the first public version of BSD – was released. After releasing Net-1, Keith Bostic, a developer of BSD, suggested replacing all AT&T code with freely-redistributable code under the original BSD license. Work on replacing AT&T code began and, after 18 months, much of the AT&T code was replaced. However, six files containing AT&T code remained in the kernel. The BSD developers decided to release the "Networking Release 2" (Net-2) without those six files. Net-2 was released in 1991.

Birth of FreeBSD

In 1992, several months after the release of Net-2, William and Lynne Jolitz wrote replacements for the six AT&T files, ported BSD to Intel 80386-based microprocessors, and called their new operating system 386BSD. They released 386BSD via an anonymous FTP server. The development flow of 386BSD was slow, and after a period of neglect, a group of 386BSD users decided to branch out on their own so that they could keep the operating system up to date. On 19 June 1993, the name FreeBSD was chosen for the project. The first version of FreeBSD was released in November 1993.

In the early days of the project's inception, a company named Walnut Creek CDROM, upon the suggestion of the two FreeBSD developers, agreed to release the operating system on CD-ROM. In addition to that, the company employed Jordan Hubbard and David Greenman, ran FreeBSD on its servers, sponsored FreeBSD conferences and published FreeBSD-related books, including ''The Complete FreeBSD'' by Greg Lehey. By 1997, FreeBSD was Walnut Creek's "most successful product". The company later renamed itself to ''The FreeBSD Mall'' and later iXsystems.

Today, FreeBSD is used by many IT companies such as IBM, Nokia, Juniper Networks, and NetApp to build their products. Certain parts of Apple's Mac OS X operating system are based on FreeBSD. Both the PlayStation 3 and Nintendo Switch operating system also borrow certain components from FreeBSD, while the PlayStation 4 operating system is derived from FreeBSD 9. Netflix, WhatsApp, and FlightAware are also examples of large, successful and heavily network-oriented companies which are running FreeBSD.

Lawsuit

386BSD and FreeBSD were both derived from BSD releases. In January 1992, Berkeley Software Design Inc. (BSDi) started to release BSD/386, later called BSD/OS, an operating system similar to FreeBSD and based on 4.3BSD Net/2. AT&T filed a lawsuit against BSDi and alleged distribution of AT&T source code in violation of license agreements. The lawsuit was settled out of court and the exact terms were not all disclosed. The only one that became public was that BSDi would migrate their source base to the newer 4.4BSD-Lite2 sources. Although not involved in the litigation, it was suggested to FreeBSD that they should also move to 4.4BSD-Lite2. FreeBSD 2.0, which was released in November 1994, was the first version of FreeBSD without any code from AT&T.

Features

Use cases

FreeBSD contains a significant collection of server-related software in the base system and the ports collection, allowing FreeBSD to be configured and used as a mail server, web server, firewall, FTP server, DNS server and a router, among other applications.

FreeBSD can be installed on a regular desktop or a laptop. The X Window System is not installed by default, but is available in the FreeBSD ports collection. Wayland (display server protocol) is also available for FreeBSD (unofficially supported). A number of desktop environments such as GNOME, KDE, and Xfce, as well as lightweight window managers such as Openbox, Fluxbox, dwm, an
bspwm
are also available for FreeBSD. As of FreeBSD 12, support for a modern graphics stack is available via drm-kmod. A large number of wireless adapters are supported.

FreeBSD releases installation images for supported platforms. Since FreeBSD 13 the focus has been on x86-64 and aarch64 platforms which have Tier 1 support. x86-32 is a Tier 1 platform in FreeBSD 12 but is a Tier 2 platform in FreeBSD 13. 32 bit ARM processors using armv6 or armv7 also have Tier 2 support. 64 bit versions of PowerPC and RISC-V are also supported. Interest in the RISC-V architecture has been growing. The MIPS architecture port has been marked for deprecation and there is no image for any currently supported version. FreeBSD 12 supports SPARC but there is no image for FreeBSD 13.

Networking

FreeBSD's TCP/IP stack is based on the 4.2BSD implementation of TCP/IP which greatly contributed to the widespread adoption of these protocols. FreeBSD also supports IPv6, SCTP, IPSec, and wireless networking (Wi-Fi). The IPv6 and IPSec stacks were taken from the KAME project. Prior to version 11.0, FreeBSD supported IPX and AppleTalk protocols, but they are considered old and have now been dropped.

As of FreeBSD 5.4, support for the Common Address Redundancy Protocol (CARP) was imported from the OpenBSD project. CARP allows multiple nodes to share a set of IP addresses, so if one of the nodes goes down, other nodes still can serve the requests.

Storage

FreeBSD has several unique features related to storage. Soft updates can protect the consistency of the UFS filesystem (widely used on the BSDs) in the event of a system crash. Filesystem snapshots allow an image of a UFS filesystem at an instant in time to be efficiently created. Snapshots allow reliable backup of a live filesystem. GEOM is a modular framework that provides RAID (levels 0, 1, 3 currently), full disk encryption, journaling, concatenation, caching, and access to network-backed storage. GEOM allows building of complex storage solutions combining ("chaining") these mechanisms.
FreeBSD provides two frameworks for data encryption: GBDE and Geli. Both GBDE and Geli operate at the disk level. GBDE was written by Poul-Henning Kamp and is distributed under the two-clause BSD license. Geli is an alternative to GBDE that was written by Pawel Jakub Dawidek and first appeared in FreeBSD 6.0.

From 7.0 onward, FreeBSD supports the ZFS filesystem. ZFS was previously an open-source filesystem that was first developed by Sun Microsystems, but when Oracle acquired Sun, ZFS became a proprietary product. However, the FreeBSD project is still developing and improving its ZFS implementation via the OpenZFS project.

Security

FreeBSD provides several security-related features including access-control lists (ACLs), security event auditing, extended file system attributes, mandatory access controls (MAC) and fine-grained capabilities. These security enhancements were developed by the TrustedBSD project. The project was founded by Robert Watson with the goal of implementing concepts from the Common Criteria for Information Technology Security Evaluation and the Orange Book. This project is ongoing and many of its extensions have been integrated into FreeBSD. The project is supported by a variety of organizations, including the DARPA, NSA, Network Associates Laboratories, Safeport Network Services, the University of Pennsylvania, Yahoo!, McAfee Research, SPARTA, Apple Computer, nCircle Network Security, Google, the University of Cambridge Computer Laboratory, and others.

The project has also ported the NSA's FLASK/TE implementation from SELinux to FreeBSD. Other work includes the development of OpenBSM, an open-source implementation of Sun's Basic Security Module (BSM) API and audit log file format, which supports an extensive security audit system. This was shipped as part of FreeBSD 6.2. Other infrastructure work in FreeBSD performed as part of the TrustedBSD Project has included GEOM and OpenPAM.

Most components of the TrustedBSD project are eventually folded into the main sources for FreeBSD. In addition, many features, once fully matured, find their way into other operating systems. For example, OpenPAM has been adopted by NetBSD. Moreover, the TrustedBSD MAC Framework has been adopted by Apple for macOS.

FreeBSD ships with three different firewall packages: IPFW, pf and IPFilter. IPFW is FreeBSD's native firewall. pf was taken from OpenBSD and IPFilter was ported to FreeBSD by Darren Reed.

Taken from OpenBSD, the OpenSSH program was included in the default install. OpenSSH is a free implementation of the SSH protocol and is a replacement for telnet. Unlike telnet, OpenSSH encrypts all information (including usernames and passwords).

In November 2012, The FreeBSD Security Team announced that hackers gained unauthorized access on two of the project's servers. These servers were turned off immediately. More research demonstrated that the first unauthorized access by hackers occurred on 19 September. Apparently hackers gained access to these servers by stealing SSH keys from one of the developers, not by exploiting a bug in the operating system itself. These two hacked servers were part of the infrastructure used to build third-party software packages. The FreeBSD Security Team checked the integrity of the binary packages and announced that no unauthorized changes were made to the binary packages, but stated that they could not guarantee the integrity of packages that were downloaded between 19 September and 11 November.

Portability

FreeBSD has been ported to a variety of instruction set architectures. The FreeBSD project organizes architectures into tiers that characterize the level of support provided. Tier 1 architectures are mature and fully supported, e.g. it is the only tier "supported by the security officer". Tier 3 architectures are experimental or are no longer under active development and Tier 4 architectures have no support at all.

, FreeBSD has been ported to the following architectures:

The 32-bit ARM (including OTG) and MIPS support is mostly aimed at embedded systems ( ARM64 is also aimed at servers), however FreeBSD/ARM runs on a number of single-board computers, including the BeagleBone Black, Raspberry Pi and Wandboard.

Hardware compatibility

Supported devices are listed in the FreeBSD 12.1-RELEASE Hardware Notes. The document describes the devices currently known to be supported by FreeBSD. Other configurations may also work, but simply have not been tested yet. Rough automatically extracted lists of supported device ids are available in a third party repository.

In 2020, a new project was introduced to automatically collect information about tested hardware configurations.

Third-party software

FreeBSD has a software repository of over 30,000 applications that are developed by third parties. Examples include: windowing systems, web browsers, email clients, office suites and so forth. In general, the project itself does not develop this software, only the framework to allow these programs to be installed, which is known as the Ports collection. Applications may either be compiled from source ("ports"), provided their licensing terms allow this, or downloaded as precompiled binaries ("packages"). The Ports collection supports the current and stable branches of FreeBSD. Older releases are not supported and may or may not work correctly with an up-to-date Ports collection.

Ports use Makefiles to automatically fetch the desired application's source code, either from a local or remote repository, unpack it on the system, apply patches to it and compile it. Depending on the size of the source code, compiling can take a long time, but it gives the user more control over the process and its result. Most ports also have package counterparts (i.e. precompiled binaries), giving the user a choice. Although this method is faster, the user has fewer customization options.

FreeBSD version 10.0 introduced the package manager pkg as a replacement for the previously used package tools. It is functionally similar to apt and yum in Linux distributions. It allows for installation, upgrading and removal of both ports and packages. In addition to pkg, PackageKit can also be used to access the Ports collection.

Jails

First introduced in FreeBSD version 4, jails are a security mechanism and an implementation of operating-system-level virtualization that enables the user to run multiple instances of a guest operating system on top of a FreeBSD host. It is an enhanced version of the traditional chroot mechanism. A process that runs within such a jail is unable to access the resources outside of it. Every jail has its own hostname and IP address. It is possible to run multiple jails at the same time, but the kernel is shared among all of them. Hence only software supported by the FreeBSD kernel can be run within a jail.

Virtualization

bhyve, a new virtualization solution, was introduced in FreeBSD 10.0. bhyve allows a user to run a number of guest operating systems (FreeBSD, OpenBSD, Linux, and Microsoft Windows) simultaneously. Other operating systems such as Illumos are planned. bhyve was written by Neel Natu and Peter Grehan and was announced in the 2011 BSDCan conference for the first time. The main difference between bhyve and FreeBSD jails is that jails are an operating system-level virtualization and therefore limited to only FreeBSD guests; but bhyve is a type 2 hypervisor and is not limited to only FreeBSD guests. For comparison, bhyve is a similar technology to KVM whereas jails are closer to LXC containers or Solaris Zones. Amazon EC2 AMI instances are also supported via amazon-ssm-agent

Since FreeBSD 11.0, there has been support for running as the Dom0 privileged domain for the Xen type 1 hypervisor. Support for running as DomU (guest) has been available since FreeBSD 8.0.

VirtualBox (without the closed-source Extension Pack) and QEMU are available on FreeBSD.

OS compatibility layers

Most software that runs on Linux can run on FreeBSD using an optional built-in compatibility layer. Hence, most Linux binaries can be run on FreeBSD, including some proprietary applications distributed only in binary form. This compatibility layer is not an emulation; Linux's system call interface is implemented in the FreeBSD's kernel and hence, Linux executable images and shared libraries are treated the same as FreeBSD's native executable images and shared libraries. Additionally, FreeBSD provides compatibility layers for several other Unix-like operating systems, in addition to Linux, such as BSD/OS and SVR4, however, it is more common for users to compile those programs directly on FreeBSD.

No noticeable performance penalty over native FreeBSD programs has been noted when running Linux binaries, and, in some cases, these may even perform more smoothly than on Linux. However, the layer is not altogether seamless, and some Linux binaries are unusable or only partially usable on FreeBSD. There is support for system calls up to version 2.6.18, available since . As of release 10.3, FreeBSD can run 64-bit Linux binaries.

FreeBSD has implemented a number of Microsoft Windows native NDIS kernel interfaces to allow FreeBSD to run (otherwise) Windows-only network drivers.

The Wine compatibility layer, which allows the running of many Windows applications, especially games, without a (licensed) copy of Microsoft Windows, is available for FreeBSD.

Kernel

FreeBSD's kernel provides support for some essential tasks such as managing processes, communication, booting and filesystems. FreeBSD has a monolithic kernel, with a modular design. Different parts of the kernel, such as drivers, are designed as modules. The user can load and unload these modules at any time. ULE is the default scheduler in FreeBSD since version 7.1, it supports SMP and SMT. The FreeBSD kernel has also a scalable event notification interface, named kqueue. It has been ported to other BSD-derivatives such as OpenBSD and NetBSD. Kernel threading was introduced in FreeBSD 5.0, using an M:N threading model. This model works well in theory, but it is hard to implement and few operating systems support it. Although FreeBSD's implementation of this model worked, it did not perform well, so from version 7.0 onward, FreeBSD started using a 1:1 threading model, called libthr.

Documentation and support

FreeBSD's documentation consists of its handbooks, manual pages, mailing list archives, FAQs and a variety of articles, mainly maintained by The FreeBSD Documentation Project. FreeBSD's documentation is translated into several languages. All official documentation is released under the FreeBSD Documentation License, "a permissive non-copyleft free documentation license that is compatible with the GNU FDL". FreeBSD's documentation is described as "high-quality".

The FreeBSD project maintains a variety of mailing lists. Among the most popular mailing lists are FreeBSD-questions (general questions) and FreeBSD-hackers (a place for asking more technical questions).

Since 2004, the New York City BSD Users Group database provides dmesg information from a collection of computers ( laptops, workstations, single-board computers, embedded systems, virtual machines, etc.) running FreeBSD.

Installers

From version 2.0 to 8.4, FreeBSD used the sysinstall program as its main installer. It was written in C by Jordan Hubbard. It uses a text user interface, and is divided into a number of menus and screens that can be used to configure and control the installation process. It can also be used to install Ports and Packages as an alternative to the command-line interface.

The sysinstall utility is now considered deprecated in favor of bsdinstall, a new installer which was introduced in FreeBSD 9.0. bsdinstall is "a lightweight replacement for sysinstall" that was written in sh. According to OSNews, "It has lost some features while gaining others, but it is a much more flexible design, and will ultimately be significant improvement".

Shell

The default FreeBSD shell is the tcsh shell for root, and the Almquist shell (sh) for regular users. The default scripting shell is the Almquist shell.

Development

FreeBSD is developed by a volunteer team located around the world. The developers use the Internet for all communication and many have not met each other in person. In addition to local user groups sponsored and attended by users, an annual conference, called BSDcon, is held by USENIX. BSDcon is not FreeBSD-specific so it deals with the technical aspects of all BSD-derived operating systems, including OpenBSD and NetBSD. In addition to BSDcon, three other annual conferences, EuroBSDCon, AsiaBSDCon and BSDCan take place in Europe, Japan and Canada respectively.

Governance structure

The FreeBSD Project is run by around 500 committers or developers who have commit access to the master source code repositories and can develop, debug or enhance any part of the system. Most of the developers are volunteers and few developers are paid by some companies. There are several kinds of committers, including source committers (base operating system), doc committers (documentation and website authors) and ports (third-party application porting and infrastructure). Every two years the FreeBSD committers select a 9-member FreeBSD Core Team, which is responsible for overall project direction, setting and enforcing project rules and approving new committers, or the granting of commit access to the source code repositories. A number of responsibilities are officially assigned to other development teams by the FreeBSD Core Team, for example, responsibility for managing the ports collection is delegated to the Ports Management Team.

In addition to developers, FreeBSD has thousands of "contributors". Contributors are also volunteers outside of the FreeBSD project who submit patches for consideration by committers, as they don't have direct access to FreeBSD's source code repository. Committers then evaluate contributors' submissions and decide what to accept and what to reject. A contributor who submits high-quality patches is often asked to become a committer.

Branches

FreeBSD developers maintain at least two branches of simultaneous development. The ''-CURRENT'' branch always represents the " bleeding edge" of FreeBSD development. A ''-STABLE'' branch of FreeBSD is created for each major version number, from which -RELEASE is cut about once every 4–6 months. If a feature is sufficiently stable and mature it will likely be backpor