Staying current with FreeBSD – using CVSup to upgrade FreeBSD
FreeBSD is not a static operating system. It is changing all the time.
Changes eventually make their way from one -current to -stable to -release. For
more detail, please see The
Cutting Edge: FreeBSD-current and FreeBSD-stable of the FreeBSD Handbook.
I have decided to follow
the -stable branch. And as the -stable instructions say, the
first thing I did was subscribe to the freebsd-stable and
cvs-all mailing lists. Then I followed the instructions for Synchronizing Your Source.
Disk space
I think you need about 180M free if you haven’t already installed the sources. I
came to this figure by issuing the following command after I had completed the make
world process.
[root@ns:/usr/src] # du -s
175236 .
Installing CVSup
There are three options for CVSup. I chose the statically linked executables.
This avoids the need for the Modula-3 libraries, which are rather large and
compiling them is a lengthy process.
As I already had all the
ports installed, here’s what I did to install CVSup. But if you don’t, see getting cvsup installed.
[root@ns:/usr/ports/net/cvsup-bin] # cd /usr/ports/net/cvsup-bin/
[root@ns:/usr/ports/net/cvsup-bin] # make
>> cvsup-bin-15.4.2.tar.gz doesn't seem to exist on this system.
>> Attempting to fetch from ftp://ftp.freebsd.org/pub/FreeBSD
/CVSup/.
fetch: ftp.freebsd.org: Not logged in
>> Attempting to fetch from ftp://ftp.cs.tu-berlin.de/pub/FreeBSD/
CVSup/.
Receiving cvsup-bin-15.4.2.tar.gz (1099198 bytes): 100%
1099198 bytes transfered in 28.0 seconds (38.40 Kbytes/s)
===> Extracting for cvsup-bin-15.4.2
>> Checksum OK for cvsup-bin-15.4.2.tar.gz.
===> Patching for cvsup-bin-15.4.2
===> Configuring for cvsup-bin-15.4.2
cd /usr/ports/net/cvsup-bin/work/cvsup-bin-15.4.2; gunzip
cvsup.1.gz
[root@ns:/usr/ports/net/cvsup-bin] # make install
===> Installing for cvsup-bin-15.4.2
cd /usr/ports/net/cvsup-bin/work/cvsup-bin-15.4.2;
install -c -o bin -g bin -m 555 cvsup /usr/local/bin
install -c -o bin -g bin -m 444 cvsup.1 /usr/local/man/man1
===> Generating temporary packing list
===> Compressing manual pages for cvsup-bin-15.4.2
===> Registering installation for cvsup-bin-15.4.2
Configuring CVSUP
I urge you to read the FreeBSD Handbook
instructions at Synchronizing Your
Source before following what I’ve done below. On that page you’ll find a link to
the stable sup file which they recommend. I copied the this file to /usr/home/stable-supfile
from:
ftp://ftp.freebsd.org/pub/FreeBSD/FreeBSD-current/src/share/
examples/cvsup/stable-supfile
You can also get this file from:
/usr/share/examples/cvsup/cvs-supfile
Then I modified the stable sup file to suit my preferences. First, I changed my
cvsup host.
*default host=cvsup.au.FreeBSD.ORG
I changed the base directory where the status files will be maintained. Don’t
forget to create this directory.
*default base=/usr/local/etc/cvsup
The source tree is divided up into collections. Some collections are not for
direct export beyond USA and Canada. However, these collections are available from
international servers. See the bottom of your configuration file for details.
Running CVSup
I’m behind a firewall, so I used the following command to start my update (you need to
do this as root).
cvsup -P - stable-supfile
Then I waited for a few hours for the source code to download.
If you want to know how to run a test of the above, without changing any files, you can
do this instead:
mkdir /var/tmp/dest cvsup supfile /var/tmp/dest
For this, you don’t have to be root. You just need read access to /usr/src.
The files will be placed in /var/tmp/dest.
Using the sources
Always be prepared for disaster. This is especially true before you rebuild your
system. Please see Before the disaster and use that a
guide. Only then should you attempt the remainder of this diary note.
Once the
above steps have been completed, you will have a local copy of the source tree. The
next step is to rebuild the system using those sources. According to the Using make world to rebuild your
system of the FreeBSD Handbook, the
best resource for this process is found at:
http://www.nothing-going-on.demon.co.uk/FreeBSD/make-world/make-world.html
I suggest you read that guide before doing anything I did.
Changes made to system
I uncommented the CFLAGS and NOPROFILE definitions in /etc/make.conf.
Making it
Section 5.4 of the above URL refers to versions 2.2.5 and above. In these
versions, the "world" has been split into two: buildworld and installworld.
Here’s what I did:
script /var/tmp/mw.out cd /usr/src make buildworld exit
The script command puts a copy saves all output to the specified file.
If anything goes wrong, you will have a copy of all the error messages and what led up to
the problem. This will be useful in diagnosing the problem. You might want to
save it for others to review. See section 5.2 of Using make world to rebuild your
system for more information.
After starting the above, I waited.
And waited.
Well, it’s been over 24 hours now. I’ll publish this and come back to it later.
It finally finished. I’m not sure, but I estimate that this process took about 56
hours. The output file was about 5.5 Megabytes. I did a grep to find
any errors, but I didn’t find any. So on to the next step.
After the compile
I recommend you follow section 6 of Using make world to rebuild your
system in order to update your /etc directory. For my own
documentation, I will list the commands I used, but please don’t blindly follow these
instructions.
# cp -Rp /etc /etc.old
# mkdir /var/tmp/root
# cd /usr/src/etc
# make DESTDIR=/var/tmp/root distrib-dirs distribution
# cd /var/tmp/root
# find -d . -type d | /usr/bin/perl -lne \
'opendir(D,$_);@f=readdir(D);rmdir if $#f == 1;closedir(D);'
Merging the differences
After the above is run, you must compare the old and the new files to see what changes
have occurred. This will allow you to retain your original settings. To do
this, I created dircomp.pl from the script provided in the above URL.
Then I ran it from /var/tmp/root.
Then I carefully checked the results and
decided which files to retain, and which ones to throw away.
The following is a list of files which I decided required action. I either
modified the incoming file or deleted it, depending on the differences found.
/var/tmp/root/etc/gettytab
/var/tmp/root/etc/namedb/named.boot
/var/tmp/root/etc/host.conf
/var/tmp/root/etc/rc.conf
/var/tmp/root/etc/rc.firewall
/var/tmp/root/etc/syslog.conf
/var/tmp/root/etc/make.conf
/var/tmp/root/etc/sendmail.cf
/var/tmp/root/etc/spwd.db
/var/tmp/root/etc/passwd
/var/tmp/root/etc/pwd.db
You must decide what action must be taken for your own situation.
After ensuring I had merged the files correctly, I then copied the new stuff over the
old stuff:
cp -Rp /var/tmp/root/etc/ /etc
-R does a recursive copy, -p preserves times, ownerships on files, etc. And that
trailing / is necessary. If you omit it, your changes will wind up in /etc/etc.
Install world
Now that I’ve done I did a make buildworld so now it’s time to do the
install:
cd /usr/src make installworld
New kernel
Now is the time to compile a new kernel. For instructions on how to create a new
kernel, refer to Configuring
the FreeBSD Kernel section in the FreeBSD
handbook. Pay special attention to the section on Building and Installing
a Custom Kernel
The reboot
Now that I’ve rebooted, I get the following on login:
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights
reserved.
FreeBSD 2.2.8-STABLE (IPFILTER3) #0: Tue Jan 19 11:18:37 NZDT 1999
Welcome to FreeBSD! You will find security advisories and updated
information on this releases posted at
http://www.FreeBSD.ORG/releases/
What I missed
After the reboot, I had some problems. First of all, I couldn’t ping from my NT
box to the outside world but I could ping everything on my subnet. That means to me
that NAT isn’t working. So I checked the start up
messages on the console. IP Filter failed to load. So I recompiled IP
Filter. I should have known to do that before I rebooted. My
mistake. For a description of the errors I was getting , please see IP Filter won’t load.
I also had problems with sendmail.
Here’s the errors from the log:
NOQUEUE: SYSERR(root): /etc/sendmail.cf: line 138: readcf: map
checkaddress: class regex not available
NOQUEUE: SYSERR(root): /etc/sendmail.cf: line 848: Inappropriate
use of $# on LHS
NOQUEUE: SYSERR(root): /etc/sendmail.cf: line 879: Inappropriate
use of $# on LHS
NOQUEUE: SYSERR(root): /etc/sendmail.cf: line 943: Inappropriate
use of $# on LHS
gethostbyaddr(210.55.210.87) failed: 4
NOQUEUE: SYSERR(root): Warning: .cf version level (8) exceeds
sendmail version 8.8.8 functionality (7)
So I did this to reinstall sendmail
cd /usr/ports/mail/sendmail-8.9.2/ make clean make make install /usr/sbin/sendmail -bd -q15m
Then I found this in the logs:
Jan 19 16:18:31 ns sendmail[3484]: gethostbyaddr(210.55.210.87)
failed: 4
Bah! That’s enough for today. Another time. The above isn’t that
serious. I’ll deal with it another day.
Restarting
If cvsup is interrupted, it will restart where it left off if you run it
again. This is useful to know if your connection is dropped or if you only have a
certain time period to stay connected. I have tried this more than once. It
restarts just fine.
Just a point in the install of the Kernel within the Makeworld process – albeit a small but frustrating point.
I noticed when going from 4.2 to 4.X-STABLE, issues such as DUMMYNET are not included in the generic kernel and when someone tries to reboot with PIPES used in the Firewall then they will not work and will just freeze the traffic unless you create a custom kernel or customize the generic (I guess).
Cheers
Craig