FreeBSD agent

[Tomatoschewps]

Hi,

I've read the last announce for MeshAgent on MIPS OpenWRT with enthousiast :) Not that we use OpenWRT but with this announce I hope to see an agent for FreeBSD one day ^^

We have a lot of pfSense router (based on FreeBSD) and if we can centralise them in MeshCentral to use at least port forward, it will be a really great update for us (even more than correcting LDAP problem ;) )

If other users is interested, don't hesitate to click on +1 ;)

D.

[krayon007]

We actually have had a freebsd agent for a while.. I even tested it with OpenSnse. You should see FreeBSD as one of the agent types when you download the agent from the server.

[Tomatoschewps]

I'm dumb ... (seen Linux but never remark BSD)

I just give a try with the binary (uploaded with winscp and chmod u+x) but it gives me : CRITICALEXIT, FILE: microscript/ILibDuktape_ScriptContainer.c, LINE: 450

The download popup says that it's for OS with desktop. In my case I have to use the scripted version ?

[Tomatoschewps]

Tried with the install script but pfsense doesn't come with wget installed or availlable in ports. will see tomorrow.

[krayon007]

I'm dumb ... (seen Linux but never remark BSD)

I just give a try with the binary (uploaded with winscp and chmod u+x) but it gives me : CRITICALEXIT, FILE: microscript/ILibDuktape_ScriptContainer.c, LINE: 450

The download popup says that it's for OS with desktop. In my case I have to use the scripted version ?

No, that's because procfs is not mounted by default on FreeBSD... Here are the instructions from the makefile I added for BSD.. (I'll have Ylian include it the documentation)

1. You'll need to mount procfs, which isn't mounted by default on FreeBSD. Add the following line to /etc/fstab
    proc    /proc   procfs  rw  0   0
2. If you don't reboot, then you can manually mount with the command:
    mount -t procfs proc /proc
3. In addition, it is recommended to install bash, which you can do with the following command:
    pkg install bash

[krayon007]

I updated the agent, so in the future, when people run the agent on FreeBSD with procfs not mounted, it will display the above message. This will be included in the next agent update.

[Tomatoschewps]

Amazing ! Good for me, I have some work now to add all our pfsense to meshcentral ^^

Other question about binary installer, we use some Ubiquity EdgeRouter X with MIPS1004Kc I have to assume that mips24kc binary will not work and better prefere script installer ?

[krayon007]

Amazing ! Good for me, I have some work now to add all our pfsense to meshcentral ^^

Other question about binary installer, we use some Ubiquity EdgeRouter X with MIPS1004Kc I have to assume that mips24kc binary will not work and better prefere script installer ?

If you have a link to a toolchain for MIPS1004KC that you can send me, or post a link to here, I'd be happy to integrate it in our build, and build the agent for that. I'm not sure how compatible a MIPS24KC binary would be for that SoC. (Let me know if it works).

Does the Ubiquiti Edge Router run linux, FreeBSD, or something else?

[krayon007]

On a side note, the only MIPS binaries we have currently are the ones built from a DDWRT toolchain, and the one built with the OpenWRT/MIPS24KC toolchain.... That's why I was asking about details about your ubiquiti setup, becuase we'll probably need to build with a different toolchain to support that.

[Tomatoschewps]

I haven't find any link for MIPS1004Kc toolchain ... For what I know and have found :

• EdgeRouter run Debian/linux
• root@ubnt:~# ./meshagent -install bash: ./meshagent: cannot execute binary file: Exec format error
• lscpu Architecture: mips Byte Order: Little Endian CPU(s): 4 On-line CPU(s) list: 0-3 Thread(s) per core: 2 Core(s) per socket: 2 Socket(s): 1 BogoMIPS: 581.63 L1d cache: 32K L1i cache: 32K L2 cache: 256K
• cat /proc/cpuinfo system type : MediaTek MT7621 ver:1 eco:3 machine : Ubiquiti EdgeRouter processor : 0/1/2/3 cpu model : MIPS 1004Kc V2.15 BogoMIPS : 581.63 wait instruction : yes microsecond timers : yes tlb_entries : 32 extra interrupt vector : yes hardware watchpoint : yes, count: 4, address/irw mask: [0x0ffc, 0x0ffc, 0x0ffb, 0x0ffb] isa : mips1 mips2 mips32r1 mips32r2 ASEs implemented : mips16 dsp mt shadow register sets : 1 kscratch registers : 0 package : 0 core : 0 VPE : 0 VCED exceptions : not available VCEI exceptions : not available

I have a test router so if you think of something else useful, tel me. I will continu search for toolchain

D.

[krayon007]

Yeah, I looked into it earlier... The MIPS24KC build we have is Big-Endian, however the MIPS on EdgeRouter is little endian. The DDWRT build we have, is built for MIPS little endian, but it also uses uCLibc, instead of glibc, so it probably won't work for EdgeRouter either.

I had read earlier that EdgeOS uses regular debian toolchain, so I had downloaded the toolchain, I just haven't gotten around to pulling the right one out, becuase not only was it a giant download, but it contained files with the name "con" in it, so it fubarred my windows filesystem. (You cannot have files with that name in windows file system, apparently)

I just cleaned up the mess from that, so I was going to take a look at compiling a little endian MIPS build on a vanilla debian toolchain.. I can post back the binary in this thread later, and you can test it to see if it works?

[Tomatoschewps]

Yeah, I looked into it earlier... The MIPS24KC build we have is Big-Endian, however the MIPS on EdgeRouter is little endian. The DDWRT build we have, is built for MIPS little endian, but it also uses uCLibc, instead of glibc, so it probably won't work for EdgeRouter either.

You're better at this than me ...

I had read earlier that EdgeOS uses regular debian toolchain,

Right

so I had downloaded the toolchain, I just haven't gotten around to pulling the right one out, becuase not only was it a giant download, but it contained files with the name "con" in it, so it fubarred my windows filesystem. (You cannot have files with that name in windows file system, apparently)

Read that once but never experienced it ... (it can become a joke at office :') )

I just cleaned up the mess from that, so I was going to take a look at compiling a little endian MIPS build on a vanilla debian toolchain.. I can post back the binary in this thread later, and you can test it to see if it works?

Nothing urgent for me but yes, if you come to have something to test, i'm here and glad to help !

[Tomatoschewps]

MeshAgent service doesn't start after pfsense reboot.

After reading some documentation on Freebsd and pfsense, i've managed to make it work with : ln -s /usr/local/etc/rc.d/meshagent /usr/local/etc/rc.d/meshagent.sh echo 'meshagent_enable="YES"' >> /etc/rc.conf.local

If it can help someone ...

[krayon007]

MeshAgent service doesn't start after pfsense reboot.

After reading some documentation on Freebsd and pfsense, i've managed to make it work with : ln -s /usr/local/etc/rc.d/meshagent /usr/local/etc/rc.d/meshagent.sh echo 'meshagent_enable="YES"' >> /etc/rc.conf.local

If it can help someone ...

That is strange... You should not have to do that... I just did some testing, and verified that the agent starts correctly on a vanilla FreeBSD, but not on OPNSense... I'll do some investigating to see why the discrepancy...

[krayon007]

Ok, for starters, you don't need to do: ln -s /usr/local/etc/rc.d/meshagent /usr/local/etc/rc.d/meshagent.sh

For OPNSense, all you need to do is: echo 'meshagent_enable="YES"' > /etc/rc.conf.local

What is strange, is that is only supposed to be necessary if you want to override the default, but the default for the meshagent should be to autostart. It looks like the vanilla FreeBSD OS will honor the default, but OPNSense does not. I will modify the installer, so that it will always create the entry in rc.conf.local I just need to do some extra work, so that when you uninstall the service, it removes the entry from rc.conf.local as well...

[Tomatoschewps]

For what i've read, pfsense override the /etc/rc.conf so you can't use it (or you have ro go threw the pfsense xml config file) And i've tried without adding .sh to meshagent startum script but it won't work.

D.

---

De : Bryan Roe notifications@github.com Envoyé : lundi 28 septembre 2020 19:53 À : Ylianst/MeshCentral Cc: Damien Brochard; Author Objet : Re: [Ylianst/MeshCentral] FreeBSD agent (#1827)

Ok, for starters, you don't need to do: ln -s /usr/local/etc/rc.d/meshagent /usr/local/etc/rc.d/meshagent.sh

For OPNSense, all you need to do is: echo 'meshagent_enable="YES"' > /etc/rc.conf.local

What is strange, is that is only supposed to be necessary if you want to override the default, but the default for the meshagent should be to autostart. It looks like the vanilla FreeBSD OS will honor the default, but OPNSense does not. I will modify the installer, so that it will always create the entry in rc.conf.local I just need to do some extra work, so that when you uninstall the service, it removes the entry from rc.conf.local as well...

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/Ylianst/MeshCentral/issues/1827#issuecomment-700187960, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ACOQQJRW5NF6UAZ55DPGFUDSIDEQ7ANCNFSM4RQISVGQ.

[krayon007]

For what i've read, pfsense override the /etc/rc.conf so you can't use it (or you have ro go threw the pfsense xml config file) And i've tried without adding .sh to meshagent startum script but it won't work. D.

Interesting... I only have OPNSense, not pfSense... If you don't add sh, does the service itself still work? ie:, can you do: service meshagent start

[krayon007]

Ok, I was reading the pfSense forums, and it looks like pfSense has heavily modified how services work, compared to the freeBSD base... I am downloading a pfSense iso, so I can built a pfSense test setup to make sure any changes I make work on pfSense, OPNSense, and FreeBSD. Otherwise, I'll have to detect pfSense, and make pfSense specific tweaks...

[Tomatoschewps]

Interesting... I only have OPNSense, not pfSense... If you don't add sh, does the service itself still work? ie:, can you do: service meshagent start

yes it works. It's just not starting automaticaly.

If I rename with .sh I have to use service meshagent.sh start|stop

Thanks for your time !

[krayon007]

OK, I updated the installer/uninstaller so it detects pfSense and OPNsense, and writes the service files so that they should work on reboots. It will also correctly cleanup the additions when uninstalled. It should be included in the next agent update.

I basically made it so that on pfSense and OPNsense, it will write /etc/rc.conf.local, and remove the entry on uninstalls. Additionally, on pfSense, it will create a /usr/local/etc/rc.d/meshagent.sh in addition to /usr/local/etc/rc.d/meshagent Likewise, it will clean up correctly on uninstall.

[Tomatoschewps]

Hi, Ok, great ! And if you make specials modification for pfsense, can you also add procfs to fstab ? 😅

[krayon007]

Hi, Ok, great ! And if you make specials modification for pfsense, can you also add procfs to fstab ? 😅

I thought about that, but it's not very easy to do because the installer is actually JS running on top of the agent binary, but the binary won't run if procfs isn't mounted. Altho I did modify the binary so that it will display a message showing that procfs is not mounted, and show instructions for mounting it, if it's not mounted.

[Tomatoschewps]

OK, I understand :) We will make our own installation procedure.

Thanks again