Several recent Blog entries described ways to keep FreeBSD applications up-to-date. Based on my use of these tools, this is how I chose to update one of my servers this morning. First I updated the ports tree, INDEX-5, and INDEX.db:

cd /usr/ports
portsnap fetch
portsnap update
make fetchindex
portsdb -u

Next I checked to see which applications needed to be updated:

janney:/usr/ports# portversion -v -l "<"
bash-3.0.15 < needs updating (port has 3.0.16_1)
freebsd-update-1.6 < needs updating (port has 1.6_1)
sudo-1.6.8.1 < needs updating (port has 1.6.8.4)

I prefer to update applications by using precompiled packages provided by the FreeBSD team. Unfortunately, the packages-5-stable FTP site hasn't been updated since 15 Nov. I decided to press ahead and update these three packages on my own by building the upgrades from source.

I used portupgrade to (in the order of the switches shown), be verbose, update all packages whose versions are outdated, update packages that depend on the package being updated, update packages that the package being update considers dependencies, and create packages in /usr/ports/packages/All during the process:

janney:/usr/ports# portupgrade -varRp

We'll use the packages built during this process on server janney to update some of the packages on laptop orr.

When done I had three new packages in /usr/ports/packages/All:

janney:/usr/ports/packages/All# ls -alt
total 135276
drwxr-xr-x 21 root wheel 512 Nov 25 11:03 ..
-rw-r--r-- 1 root wheel 545101 Nov 25 11:03 bash-3.0.16_1.tbz
drwxr-xr-x 2 root wheel 1536 Nov 25 11:03 .
-rw-r--r-- 1 root wheel 10097 Nov 25 10:59 portsnap-0.2_1.tbz
-rw-r--r-- 1 root wheel 29219 Nov 25 10:58 freebsd-update-1.6_1.tbz
-rw-r--r-- 1 root wheel 99157 Nov 25 10:58 sudo-1.6.8.4.tbz

I expected bash, freebsd-update, and sudo to be there. These three were the packages identified by portversion as being out-of-date. A new portsnap package was created as part of the upgrade process for freebsd-update, since portsnap depends upon freebsd-update to function.

Now that I had these new packages, I turned to updating laptop orr. I followed the five steps I first did for janney, and a 'portversion -v -l "<"' to see what needed updating. Laptop orr has a lot more packages installed compared to janney. If I want to avoid updating packages on orr via building from source through the ports tree, I need to obtain updated packages either from the FreeBSD project or from a system that's built the same packages.

Standard FreeBSD systems do not seem to have a means to build packages without installing them. I believe OpenBSD has this capabilitity. Since I prefer to not maintain a "package builder" with ever application I need, I take a dual-pronged approach. First, I wait until the FreeBSD project provides updated packages. Second, for critical applications that tend to be installed on many systems, I create my own packages. This second approach is what this Blog entry is about.

Based on my update on server janney, I know I can provide updated bash, sudo, and freebsd-update packages for laptop orr. To do that I NFS mount /usr/ports/packages/All on janney to orr, then run portupgrade:

orr:/usr/ports# mount -t nfs janney:/usr/ports/packages/All /usr/ports/packages/All
orr:/usr/ports# portupgrade -varRPP
---> Session started at: Thu, 25 Nov 2004 11:26:02 -0500
** No need to upgrade 'tcpflow-0.21' (>= tcpflow-0.21). (specify -f to force)
---> Checking for the latest package of 'security/sudo'
---> Found a package of 'security/sudo': sudo-1.6.8.4.tbz (sudo-1.6.8.4)
---> Upgrade of security/sudo started at: Thu, 25 Nov 2004 11:26:09 -0500
---> Upgrading 'sudo-1.6.8.1' to 'sudo-1.6.8.4' (security/sudo) using a package
---> Updating dependency info
---> Uninstallation of sudo-1.6.8.1 started at: Thu, 25 Nov 2004 11:26:11 -0500
---> Fixing up dependencies before creating a package
---> Backing up the old version
---> Uninstalling the old version
---> Deinstalling 'sudo-1.6.8.1'
[Updating the pkgdb in /var/db/pkg ... - 167 packages found (-1 +0) (...) done]
---> Uninstallation of sudo-1.6.8.1 ended at: Thu, 25 Nov 2004 11:26:15 -0500 (consumed 00:00:03)
pkg_info: can't find package 'sudo-1.6.8.4.tbz' installed or in a file!
---> Installation of sudo-1.6.8.4 started at: Thu, 25 Nov 2004 11:26:15 -0500
---> Installing the new version via the package
Will not overwrite existing /usr/local/etc/sudoers file.
---> Removing temporary backup files
---> Installation of sudo-1.6.8.4 ended at: Thu, 25 Nov 2004 11:26:18 -0500 (consumed 00:00:03)
---> Cleaning out obsolete shared libraries
[Updating the pkgdb in /var/db/pkg ... - 168 packages found (-0 +1) . done]
---> Upgrade of security/sudo ended at: Thu, 25 Nov 2004 11:26:20 -0500 (consumed 00:00:10)
...truncated...
orr:/usr/ports# umount /usr/ports/packages/All

When done, bash, freebsd-update, and sudo were updated.

Comments

Anonymous said…
yep, OpenBSD has "make package". I have one system that creates packages which I use as a local package repository for packages that I create with "FLAVOR" combinations.
Anonymous said…
I've tried this twice. Took almost 16 hours and does nothing. A portversion -v -l "<" still shows the same versions and says that all have tobe updated to version x.x.x (which supposedly it did during the 16 hors!). Either you missed a step or failed to explain something in your blog. Big waste of time.
Second Anonymous,

I wrote a thorough article called Keeping FreeBSD Applications Up-To-Date. Give that a try. You're probably encountering an error in a package required by others.

In the future, post some error messages or something more constructive than a simple complaint.
Anonymous said…
Great article, it's still in the process of updating my system but everything is working as planned. I had only run into one little problem at the beginning but it was an easy fix.

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics