• Categories:

• FreeBSD
• - IPv6 on FreeBSD
• - Modify all files in subdirectories
• - Packaging Ports
• - Custom Packages
• - DirectAdmin
• - IMAP
• - Portupgrade
• - Port Updates
• - Source Updates
• Security
• Apache
• Email
• OpenBSD
• PHP
• DNS
• Work




• Home
• login

•  Links:

• Cookbook
• FreeBSD
• OpenBSD
• Property
• French Property
• German Property
• Spanish Property
• Italian Property
• UK Job Search

Source Updates

There are two easy methods for keeping your FreeBSD-RELEASE system up-to-date on patches, patching by hand or using cvsup. Using cvsup, I'll install the command line version:

cd /usr/ports/net/cvsup-without-gui
make install clean

Update the source tree with the RELEASE security branch of FreeBSD.

cp /usr/src/share/examples/cvsup/standard-supfile /usr/local/etc/standard-supfile

edit /usr/local/etc/standard-supfile and change the line reading:

*default host=CHANGE_THIS.FreeBSD.org

to

*default host=cvsup.FreeBSD.org

make sure that the release tag line lists the correct RELEASE version. For instance, for FreeBSD Release 6.1, the line should appear as follows:

*default release=cvs tag=RELENG_6_1

which tells cvsup to only grab the security advisory branch of the RELEASE tree.
You are now ready to run cvsup. Assuming cvsup is installed as /usr/local/bin/cvsup, run the following:

/usr/local/bin/cvsup -g -L 2 /usr/local/etc/standard-supfile

The cvsup command did not make any changes to your currently running system. It only updated the source tree. Depending on the patches applied, you may need to rebuild portions of your source tree. Rather than go into detail on this, we will provide you instructions on how to rebuild your whole source tree (not a bad idea to do anyway at least once).
Now once the cvsup is done you need to 'buildworld'

Change directories to /usr/src and read the UPDATING file and make note of anything special you need to do (most of the time there is nothing). NOTE: the only gotcha I have found is if you have the /tmp directory mounted as:

nosuid, noexec, nodev

One of these options causes either the buildworld or installworld not to work (I can't remember which one) so make sure you remove these options before proceeding (edit /etc/fstab to do this).
Now lets build the source.

cd /usr/src
make -j4 buildworld

Now this step can take anywhere from 20 mins to 2 hours depending on the speed of your server. When you see the buildworld complete without any errors you need to build your kernel.

echo "KERNCONF=GENERIC" >> /etc/make.conf
make buildkernel

This takes about 15 mins or so on a P4 system. This will build the GENERIC kernel.
OK now once your kernel build has completed without errors you need to install the new kernel and world.

make installkernel

The install should only take a few mins if that to copy accross the new kernel and modules.
Now you need to install your new 'world'

make installworld

This will install the rest of the OS that has been updated and all of the binary files. Remaking the world will not update certain directories (in particular, /etc, /var and /usr) with new or changed configuration files. The simplest way to update these files is to use mergemaster(8), though it is possible to do it manually if you would prefer to do that. Regardless of which way you choose, be sure to make a backup of /etc in case anything goes wrong. Once the 'installworld' is done you need to run 'mergemaster' to merge your old /etc config files with the new ones.
The next few steps are fairly straightforward, so I'll summarise everything which needs to be done:

cd /usr/src
make -j4 buildworld
echo "KERNCONF=GENERIC" >> /etc/make.conf
make buildkernel
make installkernel
reboot
cd /usr/src
mergemaster -p
make installworld
mergemaster

edit /etc/fstab to replace any options for the /tmp directory which you may have removed above

reboot

Once the server comes up run

uname -a

to check you're running the updated version.