Category: System Administration

These are my notes, tips and howtos about system administration of information technology. If you have any feedback, feel free to contact me.

FreeBSD, System Administration

Tracker3 Core Dumps on FreeBSD with GNOME

Tracker3 core dumps on FreeBSD with GNOME.

If you have a FreeBSD desktop computer with the GNOME desktop environment, or similar open source desktop computer, you might have noticed random Tracker3 core dumps on the file system.

$ find . -name '*.core'
./bin/tracker3.core
./projects/tracker3.core

You might also have noticed messages about Tracker3 error, exit and core dumps in system logs.

$ dmesg
pid 2416 (tracker3), jid 0, uid 1001: exited on signal 10 (no core dump - other error)
pid 2451 (tracker3), jid 0, uid 1001: exited on signal 10 (no core dump - other error)
pid 2848 (tracker3), jid 0, uid 1001: exited on signal 10 (core dumped)

What is Tracker3?

A first approach to learning, what Tracker3 is, would be to open its manual page. Unfortunately, as often seen with utilities like this, they do not include a manual by default.

$ man tracker3
No manual entry for "tracker3"

A search for “tracker3 official website” on search engines does not give a clean answer. The utility seems to not have a website nor a coding home listed on search engines. Again, a sign of poor coding and project management skills.

Thanks to Freshports, more about the utility can be learned. Here, it is described as a system utility, that index and harvest meta data for GNOME utilities, such as the file management utility Nautilus. A rather useless feature, in my oppinion. Its undocumented operation is a privacy concern. It might even scan files across datasets and partitions, which could be privacy concern.

Tracker is a powerful desktop-neutral first class object database, tag/metadata
database, search tool and indexer.

Tracker is also extremely fast and super efficient with your systems memory when
compared with some other competing frameworks and is by far the fastest and most
memory efficient Nautilus search and Deskbar backends currently availble.

It consists of a common object database that allows entities to have an almost
infinte number of properties, metadata (both embedded/harvested as well as user
definable), a comprehensive database of keywords/tags and links to other
entities.

Freshports does have a reference to a page, which seems to be about Tracker3 by GNOME, but aligned with their poor views on privacy and security, the site either does not work or blocks privacy VPNs.

<Code>AccessDenied</Code>

It does not come with a manual by default. However, according to FreeBSD Manual Pages, there are no known manual for it. I even tried compiling it with option for installing its manual pages. It was not installed.

===> The following configuration options are available for tracker3-3.5.3_3:
DOCS=on: Build and/or install documentation
MAN=off: Install manual pages

It is a dependency of Nautilus, which does not have an option for disabling this.

Removing Tracker3 from GNOME and FreeBSD.

If a system utility, that index and harvest the file system for filenames and metadata in the background, is not needed or unwanted, it might be a logic approach, that Tracker3 is removed with the package manager. However, as seen in the output, it does not seem, that GNOME wanted that to be an option.

# pkg remove tracker3
Checking integrity... done (0 conflicting)
Deinstallation has been requested for the following 7 packages (of 0 packages in the universe):
Installed packages to be REMOVED:
evince: 43.1_11
gnome-lite: 42_5
gnome-terminal: 3.44.2_3
gnome-tweaks: 40.10_4
nautilus: 42.2_3
sushi: 42.0_5
tracker3: 3.5.3_3
Number of packages to be removed: 7
The operation will free 38 MiB.
Proceed with deinstalling packages? [y/N]:

Tracker3 in GNOME is a privacy concern.

Tracker3 is deeply embedded in GNOME. Tracker3 comes enabled without consent from the user. It is a forced installation, that comes with no clear information, warning nor documentation. It is difficult or impossible to disable or deinstall. It scans file systems, datasets and partitions. It stores metadata from files, that has been downloaded temporary. It stores metadata for files, that has been deleted. It stores metadata in internal database and hidden files. It does not have an interface to manage data. This is not a utility, that fits well with the UNIX philosophy. Tracker3 is a privacy concern.

Disabling Search and Tracker3 in GNOME.

Tracker3 can to some degree be disabled from within GNOME by going to the Settings menu and Search and then disabling Application Search. This also seems to reduce the amount of core dumps. However, I have been able to find any documentation about this.

Switching from GNOME to XFCE.

Switching desktop environment from GNOME to XFCE, or similar more simple, resource friendly and privacy focused desktop environment, could be a better over-all solution. The switch to XFCE should be fairly straight forward, because it is also based on X. Unfortunately, there is no guarantee, that XFCE will not implement the same or similar kind of file system metadata scanner at some point. A reason is, that some users and project contributors believe, that a desktop search feature is more important than privacy and security.

References.

FreeBSD, System Administration

Converting Line Breaks To Paragraph

Some text files has line breaks, that might look good on fixed width screens, but can not be used as paragraph in other editing software. The is cause by line breaks.

$ cat input.txt 
The computer was a powerful WOPR machine for game simulation.
You can play a nice game of chess or an exciting war game.

This one-liner will replace line breaks with space and then remove any double spaces. It will also make sure, that the file ends with a new line, so it meets the POSIX standard definition of a text file.

$ (tr '\n' ' ' < input.txt | sed 's/  */ /g'; echo) > output.txt

The result is one clean paragraph, that will scale to any screen width or be used in other editing software.

$ cat output.txt 
The computer was a powerful WOPR machine for game simulation. You can play a nice game of chess or an exciting war game.
FreeBSD, System Administration

Reducing or disabling swap on FreeBSD

Is it possible to reduce or disable swap memory on FreeBSD? In this example, 32 GB swap is enabled by using 16 GB on each of 2 SSDs. I would prefer this to be closer to 8 GB by using 4 GB on each of 2 SSDs.

Information about current swap devices.

Get information about currently active swap devices and sizes.

# swapinfo -h
Device              Size     Used    Avail Capacity
/dev/nda0p3          16G       0B      16G     0%
/dev/nda1p3          16G       0B      16G     0%
Total                32G       0B      32G     0%

Get information about partitions on disks and GEOM providers. Each device and partition has a unique identifier, that can be used to make changes.

# gpart show
=>        40  4000797280  nda0  GPT  (1.9T)
          40      532480     1  efi  (260M)
      532520        1024     2  freebsd-boot  (512K)
      533544         984        - free -  (492K)
      534528    33554432     3  freebsd-swap  (16G)
    34088960  3966707712     4  freebsd-zfs  (1.8T)
  4000796672         648        - free -  (324K)
=>        40  3907029088  nda1  GPT  (1.8T)
          40      532480     1  efi  (260M)
      532520        1024     2  freebsd-boot  (512K)
      533544         984        - free -  (492K)
      534528    33554432     3  freebsd-swap  (16G)
    34088960  3872940032     4  freebsd-zfs  (1.8T)
  3907028992         136        - free -  (68K)

The devices can be listed. This also shows the naming convention for the partitions.

# gpart status
nda0p1      OK  nda0
nda0p2      OK  nda0
nda0p3      OK  nda0
nda0p4      OK  nda0
nda1p1      OK  nda1
nda1p2      OK  nda1
nda1p3      OK  nda1
nda1p4      OK  nda1

Disabling swap on FreeBSD.

Move swapped pages out from swap devices and disable them.

# swapoff -a
swapoff: removing /dev/nda0p3 as swap device
swapoff: removing /dev/nda1p3 as swap device

If you want to re-enable swap, it is as easy as reverting that.

# swapon -a
swapon: adding /dev/nda0p3 as swap device
swapon: adding /dev/nda1p3 as swap device

Reducing swap partitions?

Is it possible to reduce the swap partition on each SSD and then have ZFS use the free space? Is it possible to split the partitions?

Deleting swap partitions?

Delete or comment out the swap partitions from the static information about file systems. This ensures, that they do not get re-mounted during boot.

# nano /etc/fstab
# Device                Mountpoint      FStype  Options         Dump    Pass#
/dev/gpt/efiboot0       /boot/efi       msdosfs rw              2       2
#/dev/nda0p3            none            swap    sw              0       0
#/dev/nda1p3            none            swap    sw              0       0
proc                    /proc           procfs  rw              0       0

Is it possible to delete the swap partition on each SSD and then have ZFS use the free space? The handbook does mention growing partitions, but it is not clear, if ZFS can in fact grow directly or it will be necessary to re-create partitions, format, import and encrypt.

Links

FreeBSD, System Administration

Configuring Bourne shell on FreeBSD

What is a Bourne shell?

The Bourne shell, also often referred to as /bin/sh or just sh, has been a default shell for users on FreeBSD for many major versions, while C shell was the default shell for root. From FreeBSD 14, the default shell for root is the Bourne shell.

Changing to Bourne shell on FreeBSD.

The shell for a user in FreeBSD can be changed with the chsh utility.

Configuring the Bourne shell in FreeBSD.

The Bourne shell in FreeBSD is configured by editing the global configuration file /etc/profile and/or the local user configuration file .shrc. These files contains commands, that will be executed, when the shell is started, such as when the user logs into the system.

In this example, the global configuration sets the blocksize for default file operations, ccache settings, the default editor, he default pager and a prompt. The prompt shows a “$” for a normal user and a “#” for root.

# nano /etc/profile
BLOCKSIZE=K
CCACHE=1
CCACHE_DIR=/var/cache/ccache
EDITOR=/usr/local/bin/nano
PAGER=less
VISUAL=$EDITOR
if [ "$(id -u)" -eq 0 ]; then
  PS1='# '
else
  PS1='$ '
fi
export BLOCKSIZE CCACHE CCACHE_DIR EDITOR PAGER PS1 VISUAL

If the user would like to add or change custom settings, then this can be set in the local user configuration file. If this is not relavant, the file should be deleted, because it does contain settings, that could interfere with the global settings.

$ rm .shrc
# rm .shrc

Testing.

The Bourne shell can now be tested. In this example, a user log in and switch to root.

$ whoami
jennifer
$ su -
Password: Pencil
# whoami
root
# echo $EDITOR
/usr/local/bin/nano

The different kinds of shells.

There are different kinds of shells, such as login shells and sub-shells. The sub-shells are also known as non-login shells. The difference is, that a login shell reads global configuration files, while sub-shells just inherits the settings from the original shell. In this example, the first shell will be a login-shell, while the second will be a sub-shell.

FreeBSD/amd64 (wopr) (ttyv0)

Login: stephen
Password: Pencil
 __      __________ ____________________ 
/  \    /  \_____  \\______   \______   \
\   \/\/   //   |   \|     ___/|       _/
 \        //    |    \    |    |    |   \
  \__/\  / \_______  /____|    |____|_  /
       \/          \/                 \/ 
Greetings, professor Falken. How about a nice game of chess?
$ sh
$ su stephen
$ logout
$ logout

More about shells.

FreeBSD, System Administration

DOAS for FreeBSD

What is DOAS?

doas is a utility, that can permit users to execute commands as root or as another user. Groups as well as users can be permitted to do.

Installing DOAS on FreeBSD.

# pkg install doas

The manual for doas is nice and simple.

# man doas.conf

Configuring DOAS.

In this example, I will configure doas to permit members of the wheel group to use the FreeBSD service command script, that can start and stop services, such as an nginx web server, without a password. This is a safe and trivial command to disable password requirement for.

# nano /usr/local/etc/doas.conf
permit nopass :wheel as root cmd service

If I wanted to limit, which arguments, that can be passed to the command, I could specifiy this with the args feature.

# nano /usr/local/etc/doas.conf
permit nopass :wheel as root cmd service args nginx onestart

Testing.

$ doas service nginx onestart
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Starting nginx

Be aware, that doas requires, that the command is matched exactly. The following definition will not work.

# nano /usr/local/etc/doas.conf
permit nopass :wheel as root cmd /usr/sbin/service args nginx onestart
$ doas service nginx onestart
doas: Operation not permitted
FreeBSD, System Administration

SUDO for FreeBSD

Do not use sudo for FreeBSD. I tested sudo for FreeBSD and despite, that it is widely used in online procedures and documentation, I had to conclude, that it is somewhat poorly documented and simply does not work properly for FreeBSD.

# visudo
david ALL=(ALL) NOPASSWD: /usr/sbin/service nginx onestart

One thing, in particular, that did not work, was the ability for a member of the wheel group to execute a trivial safe command as root without the requirement for a password. sudo kept asking for password.

$ id
$ sudo service nginx onestart
Password:
sudo: a password is required

I recommend deinstalling sudo and instead using security/doas. This is also recommended on the FreeBSD Forums.

# rm /usr/local/etc/sudo.conf
# rm /usr/local/etc/sudoers
# pkg remove sudo

References

System Administration

Renaming, resizing and reducing screenshots from Android

The raw screenshot images from an Android phone usually come in with a filename in the following naming format, is fairly compressed and contain metadata about the phone itself.

$ du -sh -- *
309K	Screenshot_20250108_144158_Thunderbird.jpg
373K	Screenshot_20250108_144212_Thunderbird.jpg
185K	Screenshot_20250108_144506_Thunderbird.jpg

Renaming screenshots from Android.

I prefer to rename them, so they begin with ISO date and time and use system friendly characters.

$ for file in Screenshot_*; do mv "$file" "$(echo "$file" | sed -E 's/Screenshot_([0-9]{4})([0-9]{2})([0-9]{2})_([0-9]{2})([0-9]{2})([0-9]{2}).*/\1-\2-\3-\4-\5-\6-screenshot.jpg/')"; done
$ du -sh -- *
309K	2025-01-08-14-41-58-screenshot.jpg
373K	2025-01-08-14-42-12-screenshot.jpg
185K	2025-01-08-14-45-06-screenshot.jpg

Resizing screenshots from Android with ImageMagick.

The default size is the size of the display, which is usually fine, but they can be optionally resized with ImageMagick to save space. The change in size and quality has no significant impact on the screenshot image quality, while the reduction in file size is huge as it schrinks to about 15% of the original size.

$ magick mogrify -resize 900x900 -quality 75 *-screenshot.jpg
$ du -sh -- *
 33K	2025-01-08-14-41-58-screenshot.jpg
 45K	2025-01-08-14-42-12-screenshot.jpg
 25K	2025-01-08-14-45-06-screenshot.jpg

Reducing screenshots from Android with JPEGOPTIM.

The filesize can be lossless optimized even further, and metadata removed for added privacy, with JPEGOPTIM. 

$ jpegoptim --strip-all --all-progressive *-screenshot.jpg
$ du -sh -- *
 33K	2025-01-08-14-41-58-screenshot.jpg
 41K	2025-01-08-14-42-12-screenshot.jpg
 25K	2025-01-08-14-45-06-screenshot.jpg

Final screenshot images.

The original screenshots have now been renamed, resized and reduced, so they use a minimum of storage space and no longer contains metadata for added privacy. The proces has overwritten the original ones, so the storage space has been freed. The screenshots are ready for archiving and publishing on Internet.

System Administration

Thunderbird for Android

I wanted to test a privacy aware IMAP mail client for Android and a bit of research lead to Thunderbird for Android.

Requirements for a mobile mail client.

An IMAP mail client for Android and mobile phone users must be simple to configure and use.

  1. It should be written by a trusted developer.
  2. It should have a simple configuration in which you can enter the name of the incoming mail server, outgoing mail server, your user name and your password.
  3. It must support a simple way to use SSL/TLS and STARTTLS.
  4. It should have support for installing the mail server encryption certificate.
  5. It should have a simple display of the account and its mail folders, such as the inbox and other folders, you might have. It should not use virtual folders nor re-arrange things away from how they really are stored on the mail server.
  6. It should support correct use of special folders, such as draft, archive and trash.
  7. It should support a preference for dark theme.

Installing Thunderbird for Android.

The download was only 7 MB. The intro stated, that I could import settings from the desktop computer client, but the instructions was incorrect. There are no export to mobile feature nor any QR code. I configured an account manually.

  1. Release by Mozilla Foundation. Highly trusted for open source and privacy.
  2. The entering of account information was straight forward correct and worked in first attempt.
  3. SSL and STARTTLS was supported.
  4. The install of encryption certificate was not an option, but I could “accept the risc” and it accepted the server certificate. This happens, when mail servers has an encryption certificate, that is signed by a certificate authority, that is not known by the Android phone.
  5. The display of email was correct and directly as they are stored in the server mail folders.
  6. The special folders was correctly supported and setup in first run.
  7. The dark theme was on by default, which should be following the system preference.

Using Thunderbird for Android.

Reading email was as simple as opening Thunderbird for Android and tapping the email from the inbox folder. The content was quickly displayed in a simple and readable format.

Sending email worked in first attempt. The sender name, email address and content format was perfect.

Conclusion.

Thunderbird for Android proved to be far beyond my expectations. It fully meet my requirements.

FreeBSD, System Administration

Setting Default Audio Output on FreeBSD

% cat /dev/sndstat
Installed devices:
pcm0: <Realtek ALC897 (Rear Analog)> (play/rec) default
pcm1: <Realtek ALC897 (Front Analog)> (play/rec)
pcm2: <Realtek ALC897 (Internal Digital)> (play)
pcm3: <Intel (0x2818) (HDMI/DP 8ch)> (play)
No devices installed from userspace.

Set the preferred default audio output.

% sysctl hw.snd.default_unit=1
hw.snd.default_unit: 0 -> 1

It can be made persistant across reboots.

# echo "hw.snd.default_unit=1" >> /etc/sysctl.conf
FreeBSD, System Administration

Direct Rendering Manager (DRM) kernel module for Intel and AMD chips on FreeBSD.

The Direct Rendering Manager (DRM) kernel module for Intel or AMD chips for FreeBSD is a subsystem of the Linux kernel. DRM is responsible for interfacing with GPUs on modern video cards. It is graphics drivers for Intel and AMD video cards and are used for console and graphics.

Install the DRM metaport. This will automatically detect the correct version of the DRM kernel module and install the GPU firmware.

# pkg install drm-kmod

The kernel module should be loaded at boot time.

# sysrc kld_list="i915kms"

The user must be a member of the video group.

# pw groupmod video -m foo

Issue: Blank screen after boot with DRM 6.1 for Intel on FreeBSD 14.2.

When FreeBSD boots and kernel modules are loaded, the HDMI screen goes blank, when DRM is loaded. There is no longer an active console. The system does accept SSH and does provide a virtual shell.

I installed the DRM kernel module from the latest binary repository branch on FreeBSD 14.2 on a computer with Intel Raptor Lake UHD Graphics 770.

# pciconf -lv | grep -B3 display
vgapci0@pci0:0:2:0:	class=0x030000 rev=0x04 hdr=0x00 vendor=0x8086 device=0xa780 subvendor=0x1043 subdevice=0x8882
    vendor     = 'Intel Corporation'
    device     = 'Raptor Lake-S GT1 [UHD Graphics 770]'
    class      = display
# pkg install drm-kmod
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.
The following 130 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
	drm-61-kmod: 6.1.92.1401000_3
	drm-kmod: 20220907_3
	gpu-firmware-amd-kmod-aldebaran: 20230625.1401000_2
	gpu-firmware-amd-kmod-arcturus: 20230625.1401000_2
	gpu-firmware-amd-kmod-banks: 20230625.1401000_2
	gpu-firmware-amd-kmod-beige-goby: 20230625.1401000_2
	gpu-firmware-amd-kmod-bonaire: 20230625.1401000_2
	gpu-firmware-amd-kmod-carrizo: 20230625.1401000_2
	gpu-firmware-amd-kmod-cyan-skillfish2: 20230625.1401000_2
	gpu-firmware-amd-kmod-dcn-3-1-4: 20230625.1401000_2
	gpu-firmware-amd-kmod-dcn-3-1-5: 20230625.1401000_2
	gpu-firmware-amd-kmod-dcn-3-1-6: 20230625.1401000_2
	gpu-firmware-amd-kmod-dcn-3-2-0: 20230625.1401000_2
	gpu-firmware-amd-kmod-dcn-3-2-1: 20230625.1401000_2
	gpu-firmware-amd-kmod-dimgrey-cavefish: 20230625.1401000_2
	gpu-firmware-amd-kmod-fiji: 20230625.1401000_2
	gpu-firmware-amd-kmod-gc-10-3-6: 20230625.1401000_2
	gpu-firmware-amd-kmod-gc-10-3-7: 20230625.1401000_2
	gpu-firmware-amd-kmod-gc-11-0-0: 20230625.1401000_2
	gpu-firmware-amd-kmod-gc-11-0-1: 20230625.1401000_2
	gpu-firmware-amd-kmod-gc-11-0-2: 20230625.1401000_2
	gpu-firmware-amd-kmod-gc-11-0-3: 20230625.1401000_2
	gpu-firmware-amd-kmod-gc-11-0-4: 20230625.1401000_2
	gpu-firmware-amd-kmod-green-sardine: 20230625.1401000_2
	gpu-firmware-amd-kmod-hainan: 20230625.1401000_2
	gpu-firmware-amd-kmod-hawaii: 20230625.1401000_2
	gpu-firmware-amd-kmod-kabini: 20230625.1401000_2
	gpu-firmware-amd-kmod-kaveri: 20230625.1401000_2
	gpu-firmware-amd-kmod-mullins: 20230625.1401000_2
	gpu-firmware-amd-kmod-navi10: 20230625.1401000_2
	gpu-firmware-amd-kmod-navi12: 20230625.1401000_2
	gpu-firmware-amd-kmod-navi14: 20230625.1401000_2
	gpu-firmware-amd-kmod-navy-flounder: 20230625.1401000_2
	gpu-firmware-amd-kmod-oland: 20230625.1401000_2
	gpu-firmware-amd-kmod-picasso: 20230625.1401000_2
	gpu-firmware-amd-kmod-pitcairn: 20230625.1401000_2
	gpu-firmware-amd-kmod-polaris10: 20230625.1401000_2
	gpu-firmware-amd-kmod-polaris11: 20230625.1401000_2
	gpu-firmware-amd-kmod-polaris12: 20230625.1401000_2
	gpu-firmware-amd-kmod-psp-13-0-0: 20230625.1401000_2
	gpu-firmware-amd-kmod-psp-13-0-10: 20230625.1401000_2
	gpu-firmware-amd-kmod-psp-13-0-11: 20230625.1401000_2
	gpu-firmware-amd-kmod-psp-13-0-4: 20230625.1401000_2
	gpu-firmware-amd-kmod-psp-13-0-5: 20230625.1401000_2
	gpu-firmware-amd-kmod-psp-13-0-7: 20230625.1401000_2
	gpu-firmware-amd-kmod-psp-13-0-8: 20230625.1401000_2
	gpu-firmware-amd-kmod-raven: 20230625.1401000_2
	gpu-firmware-amd-kmod-raven2: 20230625.1401000_2
	gpu-firmware-amd-kmod-renoir: 20230625.1401000_2
	gpu-firmware-amd-kmod-sdma-5-2-6: 20230625.1401000_2
	gpu-firmware-amd-kmod-sdma-5-2-7: 20230625.1401000_2
	gpu-firmware-amd-kmod-sdma-6-0-0: 20230625.1401000_2
	gpu-firmware-amd-kmod-sdma-6-0-1: 20230625.1401000_2
	gpu-firmware-amd-kmod-sdma-6-0-2: 20230625.1401000_2
	gpu-firmware-amd-kmod-sdma-6-0-3: 20230625.1401000_2
	gpu-firmware-amd-kmod-si58: 20230625.1401000_2
	gpu-firmware-amd-kmod-sienna-cichlid: 20230625.1401000_2
	gpu-firmware-amd-kmod-smu-13-0-0: 20230625.1401000_2
	gpu-firmware-amd-kmod-smu-13-0-10: 20230625.1401000_2
	gpu-firmware-amd-kmod-smu-13-0-7: 20230625.1401000_2
	gpu-firmware-amd-kmod-stoney: 20230625.1401000_2
	gpu-firmware-amd-kmod-tahiti: 20230625.1401000_2
	gpu-firmware-amd-kmod-tonga: 20230625.1401000_2
	gpu-firmware-amd-kmod-topaz: 20230625.1401000_2
	gpu-firmware-amd-kmod-vangogh: 20230625.1401000_2
	gpu-firmware-amd-kmod-vcn-3-1-2: 20230625.1401000_2
	gpu-firmware-amd-kmod-vcn-4-0-0: 20230625.1401000_2
	gpu-firmware-amd-kmod-vcn-4-0-2: 20230625.1401000_2
	gpu-firmware-amd-kmod-vcn-4-0-4: 20230625.1401000_2
	gpu-firmware-amd-kmod-vega10: 20230625.1401000_2
	gpu-firmware-amd-kmod-vega12: 20230625.1401000_2
	gpu-firmware-amd-kmod-vega20: 20230625.1401000_2
	gpu-firmware-amd-kmod-vegam: 20230625.1401000_2
	gpu-firmware-amd-kmod-verde: 20230625.1401000_2
	gpu-firmware-amd-kmod-yellow-carp: 20230625.1401000_2
	gpu-firmware-intel-kmod-alderlake: 20230625.1401000
	gpu-firmware-intel-kmod-broxton: 20230625.1401000
	gpu-firmware-intel-kmod-cannonlake: 20230625.1401000
	gpu-firmware-intel-kmod-dg1: 20230625.1401000
	gpu-firmware-intel-kmod-dg2: 20230625.1401000
	gpu-firmware-intel-kmod-elkhartlake: 20230625.1401000
	gpu-firmware-intel-kmod-geminilake: 20230625.1401000
	gpu-firmware-intel-kmod-icelake: 20230625.1401000
	gpu-firmware-intel-kmod-kabylake: 20230625.1401000
	gpu-firmware-intel-kmod-rocketlake: 20230625.1401000
	gpu-firmware-intel-kmod-skylake: 20230625.1401000
	gpu-firmware-intel-kmod-tigerlake: 20230625.1401000
	gpu-firmware-kmod: 20241114,1
	gpu-firmware-radeon-kmod-aruba: 20220511.1401000
	gpu-firmware-radeon-kmod-barts: 20220511.1401000
	gpu-firmware-radeon-kmod-bonaire: 20220511.1401000
	gpu-firmware-radeon-kmod-btc: 20220511.1401000
	gpu-firmware-radeon-kmod-caicos: 20220511.1401000
	gpu-firmware-radeon-kmod-cayman: 20220511.1401000
	gpu-firmware-radeon-kmod-cedar: 20220511.1401000
	gpu-firmware-radeon-kmod-cypress: 20220511.1401000
	gpu-firmware-radeon-kmod-hainan: 20220511.1401000
	gpu-firmware-radeon-kmod-hawaii: 20220511.1401000
	gpu-firmware-radeon-kmod-juniper: 20220511.1401000
	gpu-firmware-radeon-kmod-kabini: 20220511.1401000
	gpu-firmware-radeon-kmod-kaveri: 20220511.1401000
	gpu-firmware-radeon-kmod-mullins: 20220511.1401000
	gpu-firmware-radeon-kmod-oland: 20220511.1401000
	gpu-firmware-radeon-kmod-palm: 20220511.1401000
	gpu-firmware-radeon-kmod-pitcairn: 20220511.1401000
	gpu-firmware-radeon-kmod-r100: 20220511.1401000
	gpu-firmware-radeon-kmod-r200: 20220511.1401000
	gpu-firmware-radeon-kmod-r300: 20220511.1401000
	gpu-firmware-radeon-kmod-r420: 20220511.1401000
	gpu-firmware-radeon-kmod-r520: 20220511.1401000
	gpu-firmware-radeon-kmod-r600: 20220511.1401000
	gpu-firmware-radeon-kmod-r700: 20220511.1401000
	gpu-firmware-radeon-kmod-redwood: 20220511.1401000
	gpu-firmware-radeon-kmod-rs600: 20220511.1401000
	gpu-firmware-radeon-kmod-rs690: 20220511.1401000
	gpu-firmware-radeon-kmod-rs780: 20220511.1401000
	gpu-firmware-radeon-kmod-rv610: 20220511.1401000
	gpu-firmware-radeon-kmod-rv620: 20220511.1401000
	gpu-firmware-radeon-kmod-rv630: 20220511.1401000
	gpu-firmware-radeon-kmod-rv635: 20220511.1401000
	gpu-firmware-radeon-kmod-rv670: 20220511.1401000
	gpu-firmware-radeon-kmod-rv710: 20220511.1401000
	gpu-firmware-radeon-kmod-rv730: 20220511.1401000
	gpu-firmware-radeon-kmod-rv740: 20220511.1401000
	gpu-firmware-radeon-kmod-rv770: 20220511.1401000
	gpu-firmware-radeon-kmod-sumo: 20220511.1401000
	gpu-firmware-radeon-kmod-sumo2: 20220511.1401000
	gpu-firmware-radeon-kmod-tahiti: 20220511.1401000
	gpu-firmware-radeon-kmod-turks: 20220511.1401000
	gpu-firmware-radeon-kmod-verde: 20220511.1401000
Number of packages to be installed: 130
The process will require 123 MiB more space.
31 MiB to be downloaded.
Proceed with this action? [y/N]: y
Message from drm-61-kmod-6.1.92.1401000_3:
The drm-61-kmod port can be enabled for amdgpu (for AMD
GPUs starting with the HD7000 series / Tahiti) or i915kms (for Intel
APUs starting with HD3000 / Sandy Bridge) through kld_list in
/etc/rc.conf. radeonkms for older AMD GPUs can be loaded and there are
some positive reports if EFI boot is NOT enabled.
For amdgpu: kld_list="amdgpu"
For Intel: kld_list="i915kms"
For radeonkms: kld_list="radeonkms"
Please ensure that all users requiring graphics are members of the
"video" group.
Please note that this package was built for FreeBSD 14.1.
If this is not your current running version, please rebuild
it from ports to prevent panics when loading the module.
# pkg version | grep kmod
drm-61-kmod-6.1.92.1401000_3       =
drm-kmod-20220907_3                =
gpu-firmware-amd-kmod-aldebaran-20230625.1401000_2 =
gpu-firmware-amd-kmod-arcturus-20230625.1401000_2 =
gpu-firmware-amd-kmod-banks-20230625.1401000_2 =
gpu-firmware-amd-kmod-beige-goby-20230625.1401000_2 =
gpu-firmware-amd-kmod-bonaire-20230625.1401000_2 =
gpu-firmware-amd-kmod-carrizo-20230625.1401000_2 =
gpu-firmware-amd-kmod-cyan-skillfish2-20230625.1401000_2 =
gpu-firmware-amd-kmod-dcn-3-1-4-20230625.1401000_2 =
gpu-firmware-amd-kmod-dcn-3-1-5-20230625.1401000_2 =
gpu-firmware-amd-kmod-dcn-3-1-6-20230625.1401000_2 =
gpu-firmware-amd-kmod-dcn-3-2-0-20230625.1401000_2 =
gpu-firmware-amd-kmod-dcn-3-2-1-20230625.1401000_2 =
gpu-firmware-amd-kmod-dimgrey-cavefish-20230625.1401000_2 =
gpu-firmware-amd-kmod-fiji-20230625.1401000_2 =
gpu-firmware-amd-kmod-gc-10-3-6-20230625.1401000_2 =
gpu-firmware-amd-kmod-gc-10-3-7-20230625.1401000_2 =
gpu-firmware-amd-kmod-gc-11-0-0-20230625.1401000_2 =
gpu-firmware-amd-kmod-gc-11-0-1-20230625.1401000_2 =
gpu-firmware-amd-kmod-gc-11-0-2-20230625.1401000_2 =
gpu-firmware-amd-kmod-gc-11-0-3-20230625.1401000_2 =
gpu-firmware-amd-kmod-gc-11-0-4-20230625.1401000_2 =
gpu-firmware-amd-kmod-green-sardine-20230625.1401000_2 =
gpu-firmware-amd-kmod-hainan-20230625.1401000_2 =
gpu-firmware-amd-kmod-hawaii-20230625.1401000_2 =
gpu-firmware-amd-kmod-kabini-20230625.1401000_2 =
gpu-firmware-amd-kmod-kaveri-20230625.1401000_2 =
gpu-firmware-amd-kmod-mullins-20230625.1401000_2 =
gpu-firmware-amd-kmod-navi10-20230625.1401000_2 =
gpu-firmware-amd-kmod-navi12-20230625.1401000_2 =
gpu-firmware-amd-kmod-navi14-20230625.1401000_2 =
gpu-firmware-amd-kmod-navy-flounder-20230625.1401000_2 =
gpu-firmware-amd-kmod-oland-20230625.1401000_2 =
gpu-firmware-amd-kmod-picasso-20230625.1401000_2 =
gpu-firmware-amd-kmod-pitcairn-20230625.1401000_2 =
gpu-firmware-amd-kmod-polaris10-20230625.1401000_2 =
gpu-firmware-amd-kmod-polaris11-20230625.1401000_2 =
gpu-firmware-amd-kmod-polaris12-20230625.1401000_2 =
gpu-firmware-amd-kmod-psp-13-0-0-20230625.1401000_2 =
gpu-firmware-amd-kmod-psp-13-0-10-20230625.1401000_2 =
gpu-firmware-amd-kmod-psp-13-0-11-20230625.1401000_2 =
gpu-firmware-amd-kmod-psp-13-0-4-20230625.1401000_2 =
gpu-firmware-amd-kmod-psp-13-0-5-20230625.1401000_2 =
gpu-firmware-amd-kmod-psp-13-0-7-20230625.1401000_2 =
gpu-firmware-amd-kmod-psp-13-0-8-20230625.1401000_2 =
gpu-firmware-amd-kmod-raven-20230625.1401000_2 =
gpu-firmware-amd-kmod-raven2-20230625.1401000_2 =
gpu-firmware-amd-kmod-renoir-20230625.1401000_2 =
gpu-firmware-amd-kmod-sdma-5-2-6-20230625.1401000_2 =
gpu-firmware-amd-kmod-sdma-5-2-7-20230625.1401000_2 =
gpu-firmware-amd-kmod-sdma-6-0-0-20230625.1401000_2 =
gpu-firmware-amd-kmod-sdma-6-0-1-20230625.1401000_2 =
gpu-firmware-amd-kmod-sdma-6-0-2-20230625.1401000_2 =
gpu-firmware-amd-kmod-sdma-6-0-3-20230625.1401000_2 =
gpu-firmware-amd-kmod-si58-20230625.1401000_2 =
gpu-firmware-amd-kmod-sienna-cichlid-20230625.1401000_2 =
gpu-firmware-amd-kmod-smu-13-0-0-20230625.1401000_2 =
gpu-firmware-amd-kmod-smu-13-0-10-20230625.1401000_2 =
gpu-firmware-amd-kmod-smu-13-0-7-20230625.1401000_2 =
gpu-firmware-amd-kmod-stoney-20230625.1401000_2 =
gpu-firmware-amd-kmod-tahiti-20230625.1401000_2 =
gpu-firmware-amd-kmod-tonga-20230625.1401000_2 =
gpu-firmware-amd-kmod-topaz-20230625.1401000_2 =
gpu-firmware-amd-kmod-vangogh-20230625.1401000_2 =
gpu-firmware-amd-kmod-vcn-3-1-2-20230625.1401000_2 =
gpu-firmware-amd-kmod-vcn-4-0-0-20230625.1401000_2 =
gpu-firmware-amd-kmod-vcn-4-0-2-20230625.1401000_2 =
gpu-firmware-amd-kmod-vcn-4-0-4-20230625.1401000_2 =
gpu-firmware-amd-kmod-vega10-20230625.1401000_2 =
gpu-firmware-amd-kmod-vega12-20230625.1401000_2 =
gpu-firmware-amd-kmod-vega20-20230625.1401000_2 =
gpu-firmware-amd-kmod-vegam-20230625.1401000_2 =
gpu-firmware-amd-kmod-verde-20230625.1401000_2 =
gpu-firmware-amd-kmod-yellow-carp-20230625.1401000_2 =
gpu-firmware-intel-kmod-alderlake-20230625.1401000 =
gpu-firmware-intel-kmod-broxton-20230625.1401000 =
gpu-firmware-intel-kmod-cannonlake-20230625.1401000 =
gpu-firmware-intel-kmod-dg1-20230625.1401000 =
gpu-firmware-intel-kmod-dg2-20230625.1401000 =
gpu-firmware-intel-kmod-elkhartlake-20230625.1401000 =
gpu-firmware-intel-kmod-geminilake-20230625.1401000 =
gpu-firmware-intel-kmod-icelake-20230625.1401000 =
gpu-firmware-intel-kmod-kabylake-20230625.1401000 =
gpu-firmware-intel-kmod-rocketlake-20230625.1401000 =
gpu-firmware-intel-kmod-skylake-20230625.1401000 =
gpu-firmware-intel-kmod-tigerlake-20230625.1401000 =
gpu-firmware-kmod-20241114,1       =
gpu-firmware-radeon-kmod-aruba-20220511.1401000 =
gpu-firmware-radeon-kmod-barts-20220511.1401000 =
gpu-firmware-radeon-kmod-bonaire-20220511.1401000 =
gpu-firmware-radeon-kmod-btc-20220511.1401000 =
gpu-firmware-radeon-kmod-caicos-20220511.1401000 =
gpu-firmware-radeon-kmod-cayman-20220511.1401000 =
gpu-firmware-radeon-kmod-cedar-20220511.1401000 =
gpu-firmware-radeon-kmod-cypress-20220511.1401000 =
gpu-firmware-radeon-kmod-hainan-20220511.1401000 =
gpu-firmware-radeon-kmod-hawaii-20220511.1401000 =
gpu-firmware-radeon-kmod-juniper-20220511.1401000 =
gpu-firmware-radeon-kmod-kabini-20220511.1401000 =
gpu-firmware-radeon-kmod-kaveri-20220511.1401000 =
gpu-firmware-radeon-kmod-mullins-20220511.1401000 =
gpu-firmware-radeon-kmod-oland-20220511.1401000 =
gpu-firmware-radeon-kmod-palm-20220511.1401000 =
gpu-firmware-radeon-kmod-pitcairn-20220511.1401000 =
gpu-firmware-radeon-kmod-r100-20220511.1401000 =
gpu-firmware-radeon-kmod-r200-20220511.1401000 =
gpu-firmware-radeon-kmod-r300-20220511.1401000 =
gpu-firmware-radeon-kmod-r420-20220511.1401000 =
gpu-firmware-radeon-kmod-r520-20220511.1401000 =
gpu-firmware-radeon-kmod-r600-20220511.1401000 =
gpu-firmware-radeon-kmod-r700-20220511.1401000 =
gpu-firmware-radeon-kmod-redwood-20220511.1401000 =
gpu-firmware-radeon-kmod-rs600-20220511.1401000 =
gpu-firmware-radeon-kmod-rs690-20220511.1401000 =
gpu-firmware-radeon-kmod-rs780-20220511.1401000 =
gpu-firmware-radeon-kmod-rv610-20220511.1401000 =
gpu-firmware-radeon-kmod-rv620-20220511.1401000 =
gpu-firmware-radeon-kmod-rv630-20220511.1401000 =
gpu-firmware-radeon-kmod-rv635-20220511.1401000 =
gpu-firmware-radeon-kmod-rv670-20220511.1401000 =
gpu-firmware-radeon-kmod-rv710-20220511.1401000 =
gpu-firmware-radeon-kmod-rv730-20220511.1401000 =
gpu-firmware-radeon-kmod-rv740-20220511.1401000 =
gpu-firmware-radeon-kmod-rv770-20220511.1401000 =
gpu-firmware-radeon-kmod-sumo-20220511.1401000 =
gpu-firmware-radeon-kmod-sumo2-20220511.1401000 =
gpu-firmware-radeon-kmod-tahiti-20220511.1401000 =
gpu-firmware-radeon-kmod-turks-20220511.1401000 =
gpu-firmware-radeon-kmod-verde-20220511.1401000 =
# sysrc kld_list="i915kms"
# pw groupmod video -m root
# pw groupmod video -m foo

The system message buffer does mention a problem with binary firmware, that could not be loaded.

# dmesg
[drm] Got Intel graphics stolen memory base 0x7c800000, size 0x4000000
drmn0: <drmn> on vgapci0
vgapci0: child drmn0 requested pci_enable_io
vgapci0: child drmn0 requested pci_enable_io
adls_dmc_ver2_01.bin: could not load binary firmware /boot/firmware/adls_dmc_ver2_01.bin either
i915/adls_dmc_ver2_01.bin: could not load binary firmware /boot/firmware/i915/adls_dmc_ver2_01.bin either
i915_adls_dmc_ver2_01.bin: could not load binary firmware /boot/firmware/i915_adls_dmc_ver2_01.bin either
lkpi_iic0: <LinuxKPI I2C> on drmn0
iicbus0: <Philips I2C bus> on lkpi_iic0
iic0: <I2C generic I/O> on iicbus0
lkpi_iic1: <LinuxKPI I2C> on drmn0
iicbus1: <Philips I2C bus> on lkpi_iic1
iic1: <I2C generic I/O> on iicbus1
lkpi_iic2: <LinuxKPI I2C> on drmn0
iicbus2: <Philips I2C bus> on lkpi_iic2
iic2: <I2C generic I/O> on iicbus2
lkpi_iic3: <LinuxKPI I2C> on drmn0
iicbus3: <Philips I2C bus> on lkpi_iic3
iic3: <I2C generic I/O> on iicbus3
lkpi_iic4: <LinuxKPI I2C> on drmn0
iicbus4: <Philips I2C bus> on lkpi_iic4
iic4: <I2C generic I/O> on iicbus4
lkpi_iic5: <LinuxKPI I2C> on drmn0
iicbus5: <Philips I2C bus> on lkpi_iic5
iic5: <I2C generic I/O> on iicbus5
lkpi_iic6: <LinuxKPI I2C> on drmn0
iicbus6: <Philips I2C bus> on lkpi_iic6
iic6: <I2C generic I/O> on iicbus6
lkpi_iic7: <LinuxKPI I2C> on drmn0
iicbus7: <Philips I2C bus> on lkpi_iic7
iic7: <I2C generic I/O> on iicbus7
lkpi_iic8: <LinuxKPI I2C> on drmn0
iicbus8: <Philips I2C bus> on lkpi_iic8
iic8: <I2C generic I/O> on iicbus8
drmn0: successfully loaded firmware image 'i915/adls_dmc_ver2_01.bin'
drmn0: [drm] Finished loading DMC firmware i915/adls_dmc_ver2_01.bin (v2.1)
sysctl_warn_reuse: can't re-use a leaf (hw.dri.debug)!
lkpi_iic9: <LinuxKPI I2C> on drm1
iicbus9: <Philips I2C bus> on lkpi_iic9
iic9: <I2C generic I/O> on iicbus9
[drm] Initialized i915 1.6.0 20201103 for drmn0 on minor 0
VT: Driver priority 0 too low. Current 101
 fbd0: not attached to vt(4) console; another device has precedence (err=17)
# find / -type f -name '*adls*'
/boot/modules/i915_adls_dmc_ver2_01_bin.ko
# kldstat | grep adls
# kldload i915_adls_dmc_ver2_01_bin.ko
# kldstat | grep adls
17    1 0xffffffff835aa000     69f0 i915_adls_dmc_ver2_01_bin.ko

The system messages log confirms, that the firmware drivers were loaded.

# cat /var/log/messages | grep drm
Dec 25 23:08:54 wopr pkg[1974]: drm-61-kmod-6.1.92.1401000_3 installed
Dec 25 23:08:54 wopr pkg[1974]: drm-kmod-20220907_3 installed
Dec 25 23:12:11 wopr pkg[2119]: libdrm-2.4.123,1 installed
Dec 26 00:37:18 wopr kernel: [drm] Got Intel graphics stolen memory base 0x7c800000, size 0x4000000
Dec 26 00:37:18 wopr kernel: drmn0: <drmn> on vgapci0
Dec 26 00:37:18 wopr kernel: vgapci0: child drmn0 requested pci_enable_io
Dec 26 00:37:18 wopr kernel: lkpi_iic0: <LinuxKPI I2C> on drmn0
Dec 26 00:37:18 wopr kernel: lkpi_iic1: <LinuxKPI I2C> on drmn0
Dec 26 00:37:18 wopr kernel: lkpi_iic2: <LinuxKPI I2C> on drmn0
Dec 26 00:37:18 wopr kernel: lkpi_iic3: <LinuxKPI I2C> on drmn0
Dec 26 00:37:18 wopr kernel: lkpi_iic4: <LinuxKPI I2C> on drmn0
Dec 26 00:37:18 wopr kernel: lkpi_iic5: <LinuxKPI I2C> on drmn0
Dec 26 00:37:18 wopr kernel: lkpi_iic6: <LinuxKPI I2C> on drmn0
Dec 26 00:37:18 wopr kernel: lkpi_iic7: <LinuxKPI I2C> on drmn0
Dec 26 00:37:18 wopr kernel: lkpi_iic8: <LinuxKPI I2C> on drmn0
Dec 26 00:37:18 wopr kernel: drmn0: successfully loaded firmware image 'i915/adls_dmc_ver2_01.bin'
Dec 26 00:37:18 wopr kernel: drmn0: [drm] Finished loading DMC firmware i915/adls_dmc_ver2_01.bin (v2.1)
Dec 26 00:37:18 wopr kernel: lkpi_iic9: <LinuxKPI I2C> on drm1
Dec 26 00:37:18 wopr kernel: [drm] Initialized i915 1.6.0 20201103 for drmn0 on minor 0

I tested loading DMC driver manually.

# sysrc kld_list+="i915_adls_dmc_ver2_01_bin"
kld_list: i915kms -> i915kms i915_adls_dmc_ver2_01_bin
# echo 'drm_load="YES"' >> /boot/loader.conf
# echo 'i915kms_load="YES"' >> /boot/loader.conf
# cat /boot/loader.conf | sort
aesni_load="YES"
cryptodev_load="YES"
drm_load="YES"
geom_eli_load="YES"
i915kms_load="YES"
if_re_load="YES"
if_re_name="/boot/modules/if_re.ko"
kern.geom.label.disk_ident.enable="0"
kern.geom.label.gptid.enable="0"
vboxdrv_load="YES"
zfs_load="YES"

Any tips?