Index of /tms/unofficial/freebsd_aarch64/
This is a build of TMS 8.2.2 for FreeBSD 13 aarch64. It was built for use on
OPNsense running on a Rock Pi E, and requires various FreeBSD packages (see
procedure below).
You will have to create /usr/local/share/tms yourself (should be world
writeable, i.e. 0777). There doesn't seem to be any generic way to start a
terminal emulator in FreeBSD, so you'll have to create an x-terminal-emulator
symlink to get the SSH feature to work.
Because the Rock Pi E has no graphics capability, we devised the following
procedure for setting up a VNC service that runs TMS.
Note that the account that you create *must* be a member of the "wheel" group,
because otherwise Xvnc won't start for complicated reasons to do with the
security.bsd.hardlink_check_gid sysctl (a security feature that prevents
unprivileged users from creating hard links under certain circumstances), which
took me ages to figure out.
OPNsense web scripting pwns /etc/passwd and will clobber attempts to create a
user using adduser, so you have to add a user via the web UI
(System->Access->Users) instead.
I chose to use Xvnc, blackbox and rxvt because they had the simplest
dependencies. You could theoretically install nicer things such as xrdp and
xf4wm, but that would be nightmarishly complicated. Note that xterm won't work
because there is no libncurses.so.8 library or any way to get one (that mistake
has nothing to do with me!), but rxvt (second option in blackbox's right-click
context menu) will work, which is why my procedure has you install that instead.
---
After the first run wizard, set these options via the web UI
(System->Settings->Administration):
Enable Secure Shell
Permit root user login
Permit password login
Then add a user via System->Access->Users and add it to the admin group (as
this was a retroactive fix to this procedure, I don't have detailed
information, sorry). Steps below assume that the account is named "john".
Reboot the appliance (for some reason the network is semi-broken until after
the first reboot). Scp TMServer.gz, vncserver.gz, graphite2-1.3.14.txz,
harfbuzz-2.6.8.txz, libffi321-3.2.1.txz and tigervnc_bits.tar.gz to
root@192.168.1.1: (or whatever). Then ssh to root@192.168.1.1 (or whatever)
and do the following:
pkg update
pkg install -y freetype2
pkg add graphite2-1.3.14.txz harfbuzz-2.6.8.txz libffi321-3.2.1.txz
pkg install -y qt5-widgets unzip blackbox rxvt xauth xkbcomp gnutls pixman \
libXfont
gunzip TMServer.gz vncserver.gz
mv TMServer /usr/local/bin
mv vncserver /usr/local/etc/rc.d/vncserver
chmod 755 /usr/local/bin/TMServer /usr/local/etc/rc.d/vncserver
tar -C /usr/local/bin -xzf tigervnc_bits.tar.gz
mkdir -m 777 /usr/local/share/tms
su - john
vncpasswd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n
cat >> ~/.vnc/xstartup << EOF
/usr/local/bin/TMServer &
/usr/local/bin/blackbox
EOF
chmod 755 ~/.vnc/xstartup
exit
service vncserver enable
service vncserver start
You should then be able to connect to the OPNsense server using a VNC client
(uses the standard port, 5900, so you can omit the port/display number). Out
of the box there is no firewall on the LAN interface(!), so no firewall
alterations are needed.