aboutsummaryrefslogtreecommitdiff
path: root/scripts/os/freebsd
diff options
context:
space:
mode:
Diffstat (limited to 'scripts/os/freebsd')
-rw-r--r--scripts/os/freebsd/10-bootloader4
-rw-r--r--scripts/os/freebsd/10-cpu5
-rw-r--r--scripts/os/freebsd/50-idm1
-rw-r--r--scripts/os/freebsd/80-microcode14
4 files changed, 21 insertions, 3 deletions
diff --git a/scripts/os/freebsd/10-bootloader b/scripts/os/freebsd/10-bootloader
index 438acc0..3209927 100644
--- a/scripts/os/freebsd/10-bootloader
+++ b/scripts/os/freebsd/10-bootloader
@@ -24,9 +24,7 @@ set_loader_conf \
pflog_load=YES \
security.bsd.allow_destructive_dtrace=0
-if [ "${serial_console:-}" = true ]; then
- # Don't enable the serial console for all hosts indiscriminately.
- # Somehow, having the serial console enabled breaks ConsoleKit.
+if [ "$BOXCONF_VIRTUALIZATION_TYPE" = none ] && [ "$enable_serial_console" = true ]; then
set_loader_conf \
boot_multicons=YES \
boot_serial=YES \
diff --git a/scripts/os/freebsd/10-cpu b/scripts/os/freebsd/10-cpu
index ea2afcf..67aeb68 100644
--- a/scripts/os/freebsd/10-cpu
+++ b/scripts/os/freebsd/10-cpu
@@ -28,3 +28,8 @@ if sysctl -n dev.hwpstate_intel.0.epp >/dev/null 2>&1; then
set_sysctl "dev.hwpstate_intel.${n}.epp=${intel_epp}"
done
fi
+
+# Enable CPU-related kernel modules.
+set_loader_conf \
+ cpuctl_load=YES \
+ coretemp_load=YES
diff --git a/scripts/os/freebsd/50-idm b/scripts/os/freebsd/50-idm
index 0a9e882..ab7c2fd 100644
--- a/scripts/os/freebsd/50-idm
+++ b/scripts/os/freebsd/50-idm
@@ -20,6 +20,7 @@ pkg install -y \
# Configure PAM/NSS integration.
install_file -m 0644 \
/etc/nsswitch.conf \
+ /etc/pam.d/login \
/etc/pam.d/sshd \
/etc/pam.d/sudo
diff --git a/scripts/os/freebsd/80-microcode b/scripts/os/freebsd/80-microcode
new file mode 100644
index 0000000..f9e213e
--- /dev/null
+++ b/scripts/os/freebsd/80-microcode
@@ -0,0 +1,14 @@
+#!/bin/sh
+
+: ${microcode_name:='intel-ucode.bin'}
+
+# Only run this file on baremetal hosts.
+if [ "$BOXCONF_VIRTUALIZATION_TYPE" != none ]; then
+ return
+fi
+
+pkg install -y cpu-microcode
+
+set_loader_conf \
+ cpu_microcode_load=YES \
+ cpu_microcode_name="/boot/firmware/${microcode_name}"