In this post I'll describe how I migrated a test install of FreeBSD 7.0-RELEASE #0 to FreeBSD 7.0-RELEASE-p7 #0, and then from there to FreeBSD 7.1-RELEASE #0.
Here's what I started with.
neely# uname -a
FreeBSD neely.taosecurity.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24
19:59:52 UTC 2008 root@logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
To update to the latest version of 7.0, I ran freebsd-update. First I run without switches to show available options.
neely# freebsd-update
usage: freebsd-update [options] command ... [path]
Options:
-b basedir -- Operate on a system mounted at basedir
(default: /)
-d workdir -- Store working files in workdir
(default: /var/db/freebsd-update/)
-f conffile -- Read configuration options from conffile
(default: /etc/freebsd-update.conf)
-k KEY -- Trust an RSA key with SHA256 hash of KEY
-r release -- Target for upgrade (e.g., 6.2-RELEASE)
-s server -- Server from which to fetch updates
(default: update.FreeBSD.org)
-t address -- Mail output of cron command, if any, to address
(default: root)
Commands:
fetch -- Fetch updates from server
cron -- Sleep rand(3600) seconds, fetch updates, and send an
email if updates were found
upgrade -- Fetch upgrades to FreeBSD version specified via -r option
install -- Install downloaded updates or upgrades
rollback -- Uninstall most recently installed updates
Notice the -s switch. If you decide to pick a specific server, how do you choose? This neat trick gives you options:
$ host -t srv _http._tcp.update.freebsd.org
_http._tcp.update.freebsd.org has SRV record 1 25 80 update2.FreeBSD.org.
_http._tcp.update.freebsd.org has SRV record 1 10 80 update1.FreeBSD.org.
Note results vary depending on what servers are available at any point in time.
Now I start the update process.
neely# freebsd-update fetch
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching metadata signature for 7.0-RELEASE from update2.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 2 metadata patches.. done.
Applying metadata patches... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 27 patches.....10....20... done.
Applying patches... done.
The following files will be updated as part of updating to 7.0-RELEASE-p9:
/boot/kernel/if_faith.ko
/boot/kernel/if_fwip.ko
/boot/kernel/if_stf.ko
/boot/kernel/ip_mroute.ko
/boot/kernel/ipfw.ko
/boot/kernel/kernel
/boot/kernel/pf.ko
/boot/kernel/random.ko
/usr/bin/dig
/usr/bin/host
/usr/bin/nslookup
/usr/bin/nsupdate
/usr/bin/openssl
/usr/include/netinet/tcp.h
/usr/include/netinet6/in6.h
/usr/include/netinet6/nd6.h
/usr/lib/libssl.a
/usr/lib/libssl.so.5
/usr/libexec/ftpd
/usr/libexec/lukemftpd
/usr/sbin/dnssec-keygen
/usr/sbin/dnssec-signzone
/usr/sbin/lwresd
/usr/sbin/named
/usr/sbin/named-checkconf
/usr/sbin/named-checkzone
/usr/sbin/named-compilezone
/usr/sbin/ntpd
/usr/sbin/rndc-confgen
WARNING: FreeBSD 7.0-RELEASE is approaching its End-of-Life date.
It is strongly recommended that you upgrade to a newer
release within the next 2 months.
neely# freebsd-update install
Installing updates... done.
neely# reboot
After I reboot I am running FreeBSD 7.0-RELEASE-p7 #0.
neely# uname -a
FreeBSD neely.taosecurity.com 7.0-RELEASE-p7 FreeBSD 7.0-RELEASE-p7 #0: Sun Dec 21
12:33:45 UTC 2008 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386
For my own reference I see what packages are installed.
neely# pkg_info
cdrtools-2.01_6 CD/CD-R[W] and ISO-9660 image creation and extraction tools
dvd+rw-tools-7.0 DVD burning software
Now I will upgrade to 7.1.
neely# freebsd-update upgrade -r 7.1-RELEASE
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching metadata signature for 7.0-RELEASE from update2.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Inspecting system... done.
The following components of FreeBSD seem to be installed:
kernel/generic world/base world/dict world/doc world/games world/info
world/manpages
The following components of FreeBSD do not seem to be installed:
src/base src/bin src/cddl src/compat src/contrib src/crypto src/etc
src/games src/gnu src/include src/krb5 src/lib src/libexec src/release
src/rescue src/sbin src/secure src/share src/sys src/tools src/ubin
src/usbin world/catpages world/proflibs
Does this look reasonable (y/n)? y
Fetching metadata signature for 7.1-RELEASE from update2.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system...done.
Fetching files from 7.0-RELEASE for merging... done.
Preparing to download files...done.
Fetching 10989 patches.....10....20....30....40....50....60....70....80....90....100....110
...edited...
810....6820....6830....6840....6850....6860.. done.
Applying patches... done.
Fetching 4516 files... failed.
That doesn't look good. Maybe the server was loaded? Based on a few searches I decide to start the process again.
neely# freebsd-update upgrade -r 7.1-RELEASE
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching metadata signature for 7.0-RELEASE from update2.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system... done.
The following components of FreeBSD seem to be installed:
kernel/generic world/base world/dict world/doc world/games world/info
world/manpages
The following components of FreeBSD do not seem to be installed:
src/base src/bin src/cddl src/compat src/contrib src/crypto src/etc
src/games src/gnu src/include src/krb5 src/lib src/libexec src/release
src/rescue src/sbin src/secure src/share src/sys src/tools src/ubin
src/usbin world/catpages world/proflibs
Does this look reasonable (y/n)? y
Fetching metadata signature for 7.1-RELEASE from update2.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system... done.
Fetching files from 7.0-RELEASE for merging... done.
Preparing to download files... done.
Fetching 3312 patches.....10....20....30....40....50....60....70....80....90....
...edited...
2620....2630....2640....2650....2660....2670....2680....2690... done.
Applying patches... done.
Fetching 1433 files...done.
Attempting to automatically merge changes in files... done.
The following changes, which occurred between FreeBSD 7.0-RELEASE and
FreeBSD 7.1-RELEASE have been merged into /etc/group:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: src/etc/group,v 1.35 2007/06/11 18:36:39 ceri Exp $
+# $FreeBSD: src/etc/group,v 1.35.6.1 2008/11/25 02:59:29 kensmith Exp $
#
wheel:*:0:root,richard
daemon:*:1:
kmem:*:2:
sys:*:3:
Does this look reasonable (y/n)? y
The following changes, which occurred between FreeBSD 7.0-RELEASE and
FreeBSD 7.1-RELEASE have been merged into /etc/master.passwd:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: src/etc/master.passwd,v 1.40 2005/06/06 20:19:56 brooks Exp $
+# $FreeBSD: src/etc/master.passwd,v 1.40.18.1 2008/11/25 02:59:29 kensmith Exp $
#
root:$1$qmgoobYq$tNDy/Y2N8QDJVjFk5E.NB.:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
Does this look reasonable (y/n)? y
The following changes, which occurred between FreeBSD 7.0-RELEASE and
FreeBSD 7.1-RELEASE have been merged into /etc/passwd:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: src/etc/master.passwd,v 1.40 2005/06/06 20:19:56 brooks Exp $
+# $FreeBSD: src/etc/master.passwd,v 1.40.18.1 2008/11/25 02:59:29 kensmith Exp $
#
root:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
Does this look reasonable (y/n)? y
The following files will be removed as part of updating to 7.1-RELEASE-p2:
/etc/rc.d/kernel
/usr/include/netgraph/atm/ng_atmpif.h
/usr/sbin/pkg_check
/usr/sbin/pkg_sign
/usr/share/doc/de_DE.ISO8859-1/books/handbook/portsnap.html
...edited...
The following files will be added as part of updating to 7.1-RELEASE-p2:
/boot/gptboot
/boot/kernel/cmx.ko
/boot/kernel/cmx.ko.symbols
...edited...
The following files will be updated as part of updating to 7.1-RELEASE-p2:
/.cshrc
/.profile
/COPYRIGHT
/bin/[
/bin/cat
...edited...
/var/named/etc/namedb/named.root
/var/yp/Makefile.dist
neely# freebsd-update install -r 7.1-RELEASE
Installing updates...
Kernel updates have been installed. Please reboot and run
"/usr/sbin/freebsd-update install" again to finish installing updates.
neely# reboot
After rebooting I run install again.
$ su -
Password:
neely# freebsd-update install
Installing updates...... done.
neely# reboot
$ uname -a
FreeBSD neely.taosecurity.com 7.1-RELEASE FreeBSD 7.1-RELEASE #0: Thu Jan 1
14:37:25 UTC 2009 root@logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
All done! If I want to see if any other patches are available I can run fetch again.
$ su -
Password:
neely# freebsd-update fetch
Looking up update.FreeBSD.org mirrors... 2 mirrors found.
Fetching metadata signature for 7.1-RELEASE from update2.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 2 metadata patches.. done.
Applying metadata patches... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
No updates needed to update system to 7.1-RELEASE-p2.
Looks like that's it.
Richard Bejtlich is teaching new classes in DC and Europe in 2009. Register by 1 Jan and 1 Feb, respectively, for the best rates.
0 komentar:
Posting Komentar