pavement

Updating the system

From FreeBSDwiki
(Difference between revisions)
Jump to: navigation, search
(FreeBSD Binary Upgrade 6.3 to 7.0 Notes)
 
(8 intermediate revisions by 2 users not shown)
Line 4: Line 4:
  
 
== Basic Security updates ==
 
== Basic Security updates ==
From FreeBSD 6.X you can simply keep up to date using freebsd-update
+
From FreeBSD 6.X, only for release versions, you can simply keep up to date using freebsd-update
  
 
First time use:
 
First time use:
Line 13: Line 13:
 
  # freebsd-update rollback
 
  # freebsd-update rollback
  
Use the following line in your /etc/crontab to keep your machine up to date:
+
Use the following line in your {{file|/etc/crontab}} to keep your machine up to date:
 
30  3  *  *  *  root /usr/sbin/freebsd-update cron -t <email address>
 
30  3  *  *  *  root /usr/sbin/freebsd-update cron -t <email address>
  
Line 26: Line 26:
 
#Do a source upgrade as described [[upgrading the base system | here]]
 
#Do a source upgrade as described [[upgrading the base system | here]]
  
A binary upgrade to a release version can be done by running '''sysinstall''' from the installation medium (e.g. CDROM). See the [http://www.freebsd.org/releases/ release notes] of the release for details. Note that this will wipe out a lot of customizations.
+
A binary upgrade to a release version can be done by running {{cmd|sysinstall}} from the installation medium (e.g. CDROM). See the [http://www.freebsd.org/releases/ release notes] of the release for details. Note that this will wipe out a lot of customizations.
  
 
== Updating applications ==
 
== Updating applications ==
Line 32: Line 32:
 
Many open-source apps are under active development, so this is something you'll probably want to do quite regularly to ensure that you have the latest versions of everything.
 
Many open-source apps are under active development, so this is something you'll probably want to do quite regularly to ensure that you have the latest versions of everything.
  
First update the ports tree (/usr/ports/). This can be done via [[cvsup]], [[ctm]] or [[portsnap]]. The ports can then be automatically updated using [[portupgrade]] or [[portmanager]], which are capable of dealing with dependencies.
+
First update the ports tree {{file|/usr/ports/}}. This can be done via [[cvsup]], [[csup]], [[ctm]] or [[portsnap]]. The ports can then be automatically updated using [[portupgrade]] or [[portmaster]], which are capable of dealing with dependencies.
  
 
== How do I download updates? ==
 
== How do I download updates? ==
  
The most common method used is [[cvsup]] (see [[updating the ports tree]]). However, you might not be able to use it if you're behind a restrictive firewall (blocking tcp port 5999) or on a weak connection. In that case you can use [[ctm]] to obtain differential updates by email or ftp.
+
The most common method used was [[cvsup]] (see [[updating the ports tree]]). However, you might not be able to use it if you're behind a restrictive firewall (blocking tcp port 5999) or on a weak connection. In that case you can use [[ctm]] to obtain differential updates by email or ftp.
  
 
For updating the ports tree, a third option is available. [[Portsnap]] is an automated tool which offers many advantages over both the other methods:
 
For updating the ports tree, a third option is available. [[Portsnap]] is an automated tool which offers many advantages over both the other methods:
Line 47: Line 47:
 
== FreeBSD Binary Upgrade 6.3 to 7.0 Notes ==
 
== FreeBSD Binary Upgrade 6.3 to 7.0 Notes ==
 
It's best to upgrade to 6.3 first and this is straight forward, follow: http://www.freebsd.org/releases/6.3R/announce.html
 
It's best to upgrade to 6.3 first and this is straight forward, follow: http://www.freebsd.org/releases/6.3R/announce.html
 +
 +
Note:
 +
  * You might have to install gpg which is in the 'gnupg' port.
 +
  * If you have a problem 'Can't check signature: No public key' # fetch http://www.freebsd.org/doc/pgpkeyring.txt
  
 
Follow the steps on http://www.freebsd.org/releases/7.0R/announce.html until you get to portupgrade -faP.   
 
Follow the steps on http://www.freebsd.org/releases/7.0R/announce.html until you get to portupgrade -faP.   
Line 54: Line 58:
  
 
Here are the commands to fix the ruby problem.
 
Here are the commands to fix the ruby problem.
 +
 +
The first group of commands may or may not do anything (optional)
 
<pre>
 
<pre>
 
/sbin/reboot
 
/sbin/reboot
boot -s
+
boot -s (Boot into single user mode, you can also just select '4' from the menu)
 
/sbin/fsck
 
/sbin/fsck
 
/sbin/mount -u /
 
/sbin/mount -u /
Line 67: Line 73:
 
csup -L 2 /.../ports-supfile
 
csup -L 2 /.../ports-supfile
 
less /usr/ports/UPDATING
 
less /usr/ports/UPDATING
 +
</pre>
 +
 +
These commands are recommended.\\
 +
Upgrade ruby:
 +
<pre>
 
portupgrade -fu ruby
 
portupgrade -fu ruby
 
rm /var/db/pkg/pkgdb.db
 
rm /var/db/pkg/pkgdb.db
 
portupgrade -fu ruby18-bdb
 
portupgrade -fu ruby18-bdb
 +
(Ignore the error at the end of this command)
 +
 
rm /var/db/pkg/pkgdb.db /usr/ports/INDEX-*.db
 
rm /var/db/pkg/pkgdb.db /usr/ports/INDEX-*.db
 
portupgrade -fu portupgrade
 
portupgrade -fu portupgrade
Line 76: Line 89:
 
portinstall misc/compat6x
 
portinstall misc/compat6x
 
portinstall sysutils/bsdadminscripts
 
portinstall sysutils/bsdadminscripts
 +
</pre>
  
 +
(Optional) May not work.
 +
<pre>
 
cd /usr/src
 
cd /usr/src
 
yes | make -B delete-old
 
yes | make -B delete-old
 
yes | make -B delete-old-libs
 
yes | make -B delete-old-libs
 +
</pre>
  
 +
Check, fix, relink, cleanup the ports collection:
 +
<pre>
 
pkg_libchk -qo | grep -vE 'jdk*|openoffice*' | xargs -o portupgrade -fuP
 
pkg_libchk -qo | grep -vE 'jdk*|openoffice*' | xargs -o portupgrade -fuP
  
Line 88: Line 107:
 
portaudit -Fda
 
portaudit -Fda
 
</pre>
 
</pre>
 +
 +
 +
Now you should be able to return to the update command
 +
  # portupgrade -faP
 +
 +
This will take time and you most likely will have to play around with some ports to get them to install properly.
 +
  
 
[[Category:Common Tasks]]
 
[[Category:Common Tasks]]

Latest revision as of 08:24, 30 October 2015

Note: If you only want to install security updates, it's enough to subscribe to FreeBSD security notifications and follow the instructions in each advisory. Otherwise, read on.

In FreeBSD, the base system and ports can be updated independently if desired. Here's how to do it.

Contents

[edit] Basic Security updates

From FreeBSD 6.X, only for release versions, you can simply keep up to date using freebsd-update

First time use:

# freebsd-update fetch
# freebsd-update install

You can rollback in-case of problems

# freebsd-update rollback

Use the following line in your /etc/crontab to keep your machine up to date: 30 3 * * * root /usr/sbin/freebsd-update cron -t <email address>

This will email you when updates are available and to install them type

# freebsd-update install

[edit] Updating the base system

To upgrade to a RELEASE version of FreeBSD, you can do one of three things:

  1. Do a binary Upgrade to a release version
  2. Do a binary Upgrade using the method described (FreeBSD 5.4 to 6.0 here) Refer to the bottom of this page for upgrading 6.3 to 7.0 notes
  3. Do a source upgrade as described here

A binary upgrade to a release version can be done by running sysinstall from the installation medium (e.g. CDROM). See the release notes of the release for details. Note that this will wipe out a lot of customizations.

[edit] Updating applications

Many open-source apps are under active development, so this is something you'll probably want to do quite regularly to ensure that you have the latest versions of everything.

First update the ports tree /usr/ports/. This can be done via cvsup, csup, ctm or portsnap. The ports can then be automatically updated using portupgrade or portmaster, which are capable of dealing with dependencies.

[edit] How do I download updates?

The most common method used was cvsup (see updating the ports tree). However, you might not be able to use it if you're behind a restrictive firewall (blocking tcp port 5999) or on a weak connection. In that case you can use ctm to obtain differential updates by email or ftp.

For updating the ports tree, a third option is available. Portsnap is an automated tool which offers many advantages over both the other methods:

  • secure (uses cryptographic signing)
  • very efficient in terms of bandwidth consumption and server load
  • uses http only
  • easy to use

[edit] FreeBSD Binary Upgrade 6.3 to 7.0 Notes

It's best to upgrade to 6.3 first and this is straight forward, follow: http://www.freebsd.org/releases/6.3R/announce.html

Note:

 * You might have to install gpg which is in the 'gnupg' port.
 * If you have a problem 'Can't check signature: No public key' # fetch http://www.freebsd.org/doc/pgpkeyring.txt

Follow the steps on http://www.freebsd.org/releases/7.0R/announce.html until you get to portupgrade -faP.

I've done the upgrade now on two machines and have come across the same problem when doing the portupgrade -faP command. You get a failure with ruby. Please refer to my post at for the solution:


Here are the commands to fix the ruby problem.

The first group of commands may or may not do anything (optional)

/sbin/reboot
boot -s (Boot into single user mode, you can also just select '4' from the menu)
/sbin/fsck
/sbin/mount -u /
/sbin/mount -a -t ufs
cd /usr/src
make clean
/sbin/reboot

csup -L 2 /.../src-supfile
csup -L 2 /.../ports-supfile
less /usr/ports/UPDATING

These commands are recommended.\\ Upgrade ruby:

portupgrade -fu ruby
rm /var/db/pkg/pkgdb.db
portupgrade -fu ruby18-bdb
(Ignore the error at the end of this command)

rm /var/db/pkg/pkgdb.db /usr/ports/INDEX-*.db
portupgrade -fu portupgrade
portupgrade -fu libtool

portinstall misc/compat6x
portinstall sysutils/bsdadminscripts

(Optional) May not work.

cd /usr/src
yes | make -B delete-old
yes | make -B delete-old-libs

Check, fix, relink, cleanup the ports collection:

pkg_libchk -qo | grep -vE 'jdk*|openoffice*' | xargs -o portupgrade -fuP

pkgdb -F
pkgdb -L
portsclean -CLDP
portaudit -Fda


Now you should be able to return to the update command

 # portupgrade -faP

This will take time and you most likely will have to play around with some ports to get them to install properly.

Personal tools