Slashdot Mirror
Painlessly Update FreeBSD
boarder8925 writes "Over at BSDnews, Steve Wingate has written an article on how to easily update FreeBSD. Wingate begins his article by saying, "One of the greatest advantages that *BSD has over other Unix variants is the cvsup/make world process. Unlike most Linux distributions it isn't necessary to wait months for a new version to be released for you to upgrade your system. The cvsup/make world process allows you to update your system at any time. I'm going to show you how to make the process as painless as possible." The article discusses the following: installing CVSup, choosing a cvsup server, configuring make.conf, and, finally, performing the upgrade. The piece is also available as a .pdf file."
in the handbook how?
Gentoo has this aswell. There are no distribution versions, a simple 'emerge -uDav world' will update the system.
In case the site's Slashdotted ...
.pdf file
Google cache of article
Google cache of
Keep your eyes to the sky.
# apt-get update; apt-get dist-upgrade
Wasn't that hard?
Anybody know if cvsup will ever be rewritten in C instead of Modula-2 or whatever the heck that is?
I'm hoping someday Gentoo will use cvsup because it's a bit more efficient (it doesn't have to re-compute all deltas every time like rsync).
I use both FreeBSD and gentoo heavily but portage generally feels a lot slower than BSD ports, syncing as well as the various cache or dependency operations or whatever it does when it sits there spinning at me.
I have never used a linux distribution which lacks a tool for updating software without upgrading to the next official release. Redhat had one, mandrake had one, suse had one..and most importantly, debian has one.
:)
okay, minor lie; linux from scratch had no such tool. on the other hand, linux from scratch had no installer and consisted entirely of a manual explaining how to compile the software.
If cvsup && buildworld && installworld is the easy solution, I wonder what he considers this to be:
freebsd-update fetch
freebsd-update install
Yeah, ok, FreeBSD Update is only about tracking the release branch. But really, this story just covers the standard technique which people have been using for... well, longer than I've been using FreeBSD.
Tarsnap: Online backups for the truly paranoid
Given the amount of software I have on my Linux box, I think a BSD/Gentoo-like build process just wouldn't be practical for me.
The underlying problem is really that C/C++ code has so much information compiled into each object file: even common, minor changes may require huge amounts of recompilation. While we practice abstraction and encapsulation at the source level, at the binary level, it is still mostly lacking.
The choice shouldn't been between huge amounts of recompilation from source (Gentoo, BSD) or laborious hand-packging and version tracking (Debian, RedHat, etc.), this needs to be addressed by changing the underlying software infrastructure. Let's hope we'll move more towards JITs, dynamic binding, dynamic typing, and component-based software. Then we can finally get away from these massive recompilations and version hell.
Wow, BSD is dead?
I just migrated all my Linux server over to FreeBSD because FreeBSD is so much easier to maintain. It seems faster also.
The above is not worth reading.
Yeah. And I'm using it right now.
I see dead OSes, see?
FreeBSD: Because Computers Can Be Fun... Again.
This is particularly annoying because this is one of the main reasons I switched to BSD from Debian-- with Debian, unless you're running stable, the dependencies for any new binary package you install can cascade up the dependency graph and then back down, so that you need to download and install 150MB worth of upgrades just for one little program. Building ports from source is much better this way-- the port normally will just compile against whatever is in your system. Except when it doesn't, like in this case.
Are you adequate?
The article is nice and well written. I would however change one step. /usr/src && make update && make world && make kernel && mergemaster' /usr/src && mergemaster -p && make update && make world && make kernel && mergemaster'
alias rebuild 'cd
to
alias rebuild 'cd
The prebuildworld mode for mergemaster is a life saver. Read man mergemaster.
I was scanning this... Got 1/2 way through and was wondering if he stole it, cause I swore i read it somewhere.
Then I realized: Issue #3?November 9, 2003
How the hell is this news? I love FreeBSD, its all I use. the only thing dead about it is bsd.slashdot.org
Of course not. But it's my first bad joke about a BSD is dying post.
FreeBSD: Because Computers Can Be Fun... Again.
One thing this paper leaves out is reading UPDATING. You really really should check out the file /usr/src/UPDATING after you sync your tree but before you start building. Of course, the handbook will tell you that you should also be subscribed to the proper mailing list (freebsd-current or freebsd-stable) but at the very least, reading UPDATING is a Good Thing.
Have you ever deployed a component solution? I'm all for language agnostic component solutions, but there is tons of version hell in both the .NET and JAVA worlds.
.NET and Java don't solve this problem. That's both because they have many other dependencies between modules and because their byte code format unnecessarily encodes too many dependencies.
Yes, indeed there is.
Nevertheless, JITs are an important part of the solution because they allow you to remove almost all compiled-in dependencies between object files without sacrificing efficiency.
That is, all object file A has to know about structure X in object file B is that structure X contains a field called Q; where that field is located inside the structure doesn't matter, or whether there are other fields. It doesn't even necessarily need to know the exact type of Q. Yet, a JIT can make access to Q as fast as if the structure definition for X had been included in file A as a header file and had been hard-compiled in. That means that with a JIT and good language semantics, the definition and implementation of Q can change in almost arbitrary ways without ever requiring recompilation of A.
So, again, JITs aren't the solution by themselves, but they are an important part of the solution, because, when implemented right, they remove the need to compile in knowledge about data structures and codes in different modules.
When I first saw the headline about "painlessly updating", I thought this might be a great article about some new innovative way to update. Its not really anything new or interesting though, the whole article is basically saying: "cd /usr/src && make world && make kernel && mergemaster will update you system"
Not wanting to sound rude, but no shit sherlock! Yes, this is a painless way to update your system. It is also the way to update your system, as is very well spelled out in the excellent FreeBSD Handbook so I'm not sure why it warrants an article....
Maybe its just me but I think an article about portupgrade or something would have been more useful.
The article is actually riskier IMO.
/etc/defaults/make.conf /etc/make.conf /etc/make.conf accordingly (compile options, whether ports openssl/openssh overwrites the base openssl/openssh etc)
/etc and stuff to what your local custom config is like)
/usr/src /usr/
/usr
/etc/make.conf was correct etc.
/usr/ports/blahblah/softwarename
Firstly: he doesn't track the RELENG_4_9 branch, he tracks the STABLE branch (RELENG_4 - e.g. the latest of whatever is considered stable for Release 4) - which is more likely to break working stuff than the RELENG_4_9 branch which is FreeBSD 4.9 that has just the updates for security problems. Yes many ppl don't have problems with RELENG_4, but if your job and reputation is on the line - only use it if RELENG_4_9 doesn't work (hardware, required features etc).
Secondly: He skips the mergemaster -p step.
The way I recommend is what's been in the FreeBSD handbook for years:
Step 1: Synchronize your source Use cvsup. It's better. And track the RELENG branch.
e.g. cvsup mycustomcvsupfile
Where mycustomcvsup is like the stable-supfile but with the following tag instead of RELENG_4:
*default release=cvs tag=RELENG_4_9
Step 2: Building and Installing world
optional step before:
cp
edit
Then
make buildworld
make buildkernel KERNCONF=YOURKERNELNAME
make installkernel KERNCONF=YOURKERNELNAME
reboot and go to single user mode
mergemaster -p
(preliminary mergemaster stuff if things are too different between your config and what the new FreeBSD stuff is)
make installworld
mergemaster
(to merge what's new in
reboot
***multiple machines.
Here's where you might do things differently.
Read this for some background: tracking for multiple machines
Now once you built everything, you don't have to rebuild it on a different machine if you are using a compatible architecture. For example you specify a 686 CPU in your make.conf and kernel config, you can only reuse it on stuff which supports 686 class CPUs.
I didn't bother with the NFS part (not applicable for some situations) - I just did the synchronize of src and ports and did the build on a fast machine with a fast connection.
The default was 4-stable which tracks the current stable source of Release 4. For production machines I recommend tracking RELENG releases and not STABLE.
Then build the kernel and sources.
cd
make buildkernel KERNCONF=kernelformachineA
make buildkernel KERNCONF=kernelformachineB
make buildkernel KERNCONF=kernelformachineC
make buildworld
cd
Then tarball the results: tar -zcvf src.tar.gz src && tar -zcvf obj.tar.gz obj && tar -zcvf ports.tar.gz ports
Then I copied the tarballs (via CDR) to the slow machine which did not have a cvsup connection (not allowed by firewall policy etc)
Then installed the results on the machine.
cd
rm -rf src obj ports
tar -zxvf src.tar.gz && tar -zxvf ports.tar.gz && tar -zxvf obj.tar.gz
Then I ensured that the
Then: make installkernel KERNCONF=therelevantkernel && make installworld.
Note: to save the trouble of building desired ports software on the slow machine you have to make packages on the fast machine.
e.g.
cd
make package
---
You should also check out freebsd-update.
freebsd-update is more like binary updating of stuff affected by security issues.
Redhat is simpler on one hand and more complex on the other- sure you can ftp all the rpms and run a freshen. But it's harder to be sure everything is really consistent
You can say a lot of good stuff about *BSD, but it currently does not match the quality and quantity of great minds work that is being put into the linux kernel.
If at first you don't succeed, skydiving is not for you
Err. Read your own link? His conclusion frome those benchmarks were that OpenBSD is slow. He says specifically:
Linux 2.6 scales O(1) in all benchmarks. Words fail me on how impressive this is. If you are using Linux 2.4 right now, switch to Linux 2.6 now!
FreeBSD 5.1 has very impressive performance and scalability. I foolishly assumed all BSDs to play in the same league performance-wise, because they all share a lot of code and can incorporate each other's code freely. I was wrong. FreeBSD has by far the best performance of the BSDs and it comes close to Linux 2.6. If you run another BSD on x86, you should switch to FreeBSD!
His only major complaint about FreeBSD was its mmap performance: the system seems to do more work ahead of time than is actually necessary. It's not clear to me that his benchmark is actually relevant, since he measured the cost of mmapping 10000 pages, but only reading one (in which FreeBSD thrashed all the other systems), whereas one generally reads most of the pages mmapped anyway.
In many of the benchmarks, FreeBSD beat Linux 2.6 by a sizeable margin, in particular the "many files" and connections benchmarks.
I hereby place the above post in the public domain.
An update system that offers to overwrite /etc/passwd (and presumably every other security file) hardly seems like a safe or easy upgrade process.
:-( & :-)
I can't say my DoC (SuSE) has it better -- they don't ever seem able to upgrade my system in a sane or coherent manner. Last time around, it upgraded my squid 3.0 to squid2, tried, unsuccessfully to put my named in a basement mail (when it hadn't even been bad), but it was thrown in the basement w/o the root servers file and when the root servers all expired some large amount of time (~3-4 months) later, various TLD's started disappearing. It was bizzare watching large sections of internet just "go away" a few days before it completely consumed itself. Then I found the problem -- it hadn't copied in the root servers file from the previous upgrade (and/or didn't install a new copy). I tried grabbing some updates with their Yast Online solution, but it kept downloading copies of 8.2 binaries when I have 9.0 loaded. I never had 8.2 loaded -- I went straight from 8.1 to 9.0. Later, I found, buried in some paragraph of fine print somewhere that their updates only support updating from the immediately preceding version -- this was after it had removed all unknown packages fro the package database. At this point I had all the 8.1 packages installed, but no longer noted as "installed" in the database over which it automatically upgraded and installed about 10-15 packages out of the 100-150 it should have installed (I guess ~10-15 packages kept some same valid name). I'm always rather afraid to do an upgrade under SuSE as I know it will usually involve lots of pain.
On the flip side -- a fresh install of 9.0 for a never-used-linux user went real smooth -- they were able to navigate their way around after only one or two hiccups -- like buttons weren't where they used to be under Win, but I just told them they'd have to experiment a bit and find out how things were arranged differently. Once they experiemented some, they started finding what they needed surprisingly well.
-l
Quick summary:
From that, I read a tiny FreeBSD advantage in the socket call (in terms of absolute execution time) and two FreeBSD scalability issues: one rather serious, and one O(n) versus O(1).
Again, one can't be less than astonished by the Linux kernel development over the last two years. Not that one would notice the difference between Linux and FreeBSD on everyday use, or less than stressfull server deployments. They're both in the same league but, as of now, Linux is more polished. Scaling O(1) for almost every algorithm in there is amazing.
If at first you don't succeed, skydiving is not for you
"Unlike most Linux distributions it isn't necessary to wait months for a new version to be released for you to upgrade your system."
Either this is a joke, or this guy never installed a Linux distro. Or maybe it was Debian Stable and he didn't realize what "stable" means.
Sure, the BSD ports system is nice. But there's no need to make a blind comparative with "most Linux distributions" to justify it. It just feed trolls without actually helping anyone.
{{.sig}}
Those numbers are microbenchmarks. They may show something but do not relate to real life performance.
You can say a lot of good stuff about *BSD, but it currently does not match the quality and quantity of great minds work that is being put into the linux kernel.
You may say whatever you want, but it just sounds as zealotry.
They upgraded libraries in a *prerelease* version? Why, was there a major showstopping bug found in the old version? I hope so, because that's a pretty poor development methodology otherwise.
I'm sorry, I've spent 15 years developing commercial software, and the first rule you learn (okay, the first rule you learn is 'Always make backups of everything') is not to upgrade any of the libraries, tools, or whatever in the middle of a project unless there's a really compelling reason. That doesn't even take into accout the effects of forcing all of your installed base to upgrade a major part of their system.
I've used gimp and it's a great app. I'm sure it's even better now, but I wish the developers would be more careful. If you want to develop professional software, you have to take a relatively professionial attitude towards the process.
Java: the bastard demon spawn of C++ and Ada
I don't know what version he is using but I'm running 5.2.1 and there is no /etc/defaults/make.conf, only an /etc/make.conf and that doesn't contain all the tags. and in /usr/src there is no Makefile. Am I doing something wrong here?
Upgrading the base system is great and it works most of the time. I'd only wish cvsup/cvs were able to fetch a consistant source tree, but as long as CVS doesn't provide some kind of ACID semantics, it would be very hard to do so. There's always the risk of updating /usr/src in the midst of a commit.
The ports are actually more painful to upgrade than FreeBSD proper. portupgrade does a great job at this, but it's not a panacea. First of all, portsdb -uU takes a hell of a time to generate a new INDEX.db, then you still have to fix some stale dependencies etc... This is the same problem as with Linux distros, and there is no easy solution to this.
cpghost at Cordula's Web.
There's more to quality than kernel performance. I've had the 2 popular Linux filesystems (reiserFS and ext3) puke on me at various times because the disk isn't always in a consistent state as it is with FFS (which also raises issues with complex SAN operations). Until Linux gets a decent mature nonproprietary filesystem my servers will run BSD.
Funny that my 1TB mail servers at Portugalmail run on ReiserFS and have been quite stable for the last three years, while serving 30k users a day. Go guess...
If at first you don't succeed, skydiving is not for you
the problems I had was when power interrupted, 90% of the time Reiser is ok but about one time out of ten the filesystem gets hosed beyond repair. SGI's XFS filesystem is journalling but always in consistent state (great for SAN breakaway mirror too); I'll be testing that soon
Your post is disturbing on so many levels man. What ever happened with "best solution for the problem". Do you think your attitude of forcing people to write stuff for a certain system is gonna attract more people to linux? That's just insane. People use BSD because they like it and think it's good. People use linux because the like it and think it's good. I can't understand people who say that a certain system is better. If you think linux is better, use it!! But don't force your opinions on other people. It's one thing to argue that something is good but assuming your point of view is the right and the only way is just arrogant.
Is there a way to upgrade your FreeBSD install using PACKAGES (bins) rather than CVS or ports (src)??
Prevent linux based DDOS's!
http://linux.denialofservice.org/
I have done four out of seven server's so far. I've only had one problem. My main router has a LMC PCI T1/CSU/DSU card. I could not get FreeBSD to work in Frame Relay mode with that card. The drivers come up and it goes into T1 mode just fine. But I can't figure out how to get Frame Relay to work with it. But in a month or so, I won't have to worry about that. I'm going to a dual T1 router to increase bandwidth.
I am having problems getting Radius to work with my email and VPN servers. But that's a side project that I started after the migration. I should have that done this weekend.
The Web servers were very easy. I installed FreeBSD minimum, then used portinstall to load Apache+PHP onto them. My next conversion is my Postgres Database server.
Oh, another problem. Be sure to cvsup ALL the ports when doing upgrades. I was only getting the ports that I thought I wanted, but there are dependancies that are in the strangest places.
The above is not worth reading.
I can do this with windows. windowsupdate.com
(this is the exact same format as a gentoo, debian, slackware, mandrake, suse, fedora, osx user would do so I'm only a troll if you're biased)