Check out my first novel, midnight's simulacra!

Updating FreeBSD

From dankwiki
Revision as of 22:29, 17 January 2021 by Dank (talk | contribs) (→‎Base system sources)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

There's four parts of a FreeBSD machine which must be individually maintained: base system sources (/usr/src), the ports collection (/usr/ports), the installed system (/), and the installed ports (/usr/local).

Tools referenced, and where to get them

  • cvs: base system
  • cvsup: net/cvsup or net/cvsup-without-gui
  • portsnap: ports-mgmt/portsnap (base system in 5-RELENG+)
  • portupgrade: ports-mgmt/portupgrade
  • portsclean: base system

Base system sources

Use freebsd-update, which comes as part of the Base System.

  • freebsd-update fetch
  • freebsd-update -r NEWVERSION upgrade

The installer (/stand/sysinstall) can unpack the src distribution wholesale or piecemeal (see "source collections" below) into your /usr/src. cvsup(1) or cvs(1) can be used to both check out base system sources and keep them up-to-date. CVS is part of the base FreeBSD system, whereas CVSup is a port. Otherwise, however, CVSup is generally superior; it is faster, generates less network load and disk I/O, and understands source collections.

The base system sources are broken up into source collections:

  • src-all: The master source collection, it includes all sources for the base system.

Ports collection

The installer (/stand/sysinstall) can unpack the ports distribution into /usr/ports. portsnap(8), cvsup(1) and cvs(1) can all be used to both check out the ports collection and keep it up-to-date. CVS is part of the base FreeBSD system, whereas CVSup and portsnap are ports. Of these, portsnap is preferred, due to its superior security.

UPDATE: as of at least FreeBSD 9.0, portsnap is part of the base system, and needn't be installed from ports itself. Furthermore, it comes with a sensible default configuration file. Thus, portsnap fetch extract is sufficient to update the ports tree on a fresh install.


The first time portsnap(8) is run, use the following method: portsnap fetch extract (on older versions of portsnap, you'll also need append a configuration file argument via -f; the default works just fine for most cases, ie portsnap fetch extract -f /usr/local/etc/portsnap.conf.sample). Following this (time-consuming) run, portsnap fetch upgrade is sufficient to pull in package updates (the same rule about -f applies).

This can be followed with portupgrade -ai to actually rebuild ports.


To use the less preferred cvsup method (madness, because it is less secure and uses 10 times the bandwidth of portsnap) create a file /usr/local/etc/ports-supfile with the following contents (based off /usr/share/examples/cvsup/ports-supfile):

* default base=/var/db
* default prefix=/usr
* default release=cvs tag=.
* default delete use-rel-suffix
* default compress

and then run cvsup -g -L 2 /usr/local/etc/ports-supfile to update the Ports Collection.

FreeBSD-4.x gotcha

The most recent FreeBSD ports collections will not work on FreeBSD 4.x. You will need to check out something older than 2007. No method is known to specify this for portsnap(8), but a working methodology for cvsup under 4.10 is to add *default date=2006. to your ports-supfile.

Installed system

Configure /etc/make.conf, based off /etc/defaults/make.conf and the make.conf(5) man page.

  • make buildworld
  • make buildkernel
  • make installkernel
  • reboot
  • mergemaster -p
  • make installworld
  • make delete-old
  • mergemaster
  • reboot
  • make delete-old-libs

Consult the toplevel Makefile and the FreeBSD Handbook for more information.

Adding 32-bit libs to an amd64 system

  • ensure EMUL_32BIT is defined in make.conf
  • make build32
  • make install32
  • ldconfig -32 /usr/lib32

Binary updates

  • freebsd-update fetch
  • freebsd-update install

Installed ports

The list of ports installed on the machine can be displayed with pkg_info. Ports generally confine themselves to /usr/local. After syncing the ports collection, installed ports can be rebuilt and upgraded automatically using portupgrade(1) or the make(1) mechanism of the ports collection. Use portsclean -L to clean old, duplicate and/or orphaned shared libraries. I typically use portupgrade -uap to rebuild all ports, and make new packages as well.