Date: Sun, 20 Mar 2016 08:42:39 +0000 (UTC) From: Tim Hogard <thogard@v.abnormal.com> To: freebsd-bugs@freebsd.org Subject: freebsd-update use in jails - doesn't know what to update from Message-ID: <201603200842.u2K8geNi007354@v.abnormal.com>
next in thread | raw e-mail | index | archive | help
I tried to update a jail with: freebsd-update -r 10.2.RELEASE -b /jail/example.com --debug update The base system was running 10.2-RELEASE-p14 but the jail was running some mix of 9.3, 8.4 4.10, 4.9., 4.4 etc. The update would add a few files and not a full update which didn't work so I looked into why. It appears that the script is using "uname -r" which only reflects the host and not the jail so it doesn't collect the proper set of files. It appears this hackery fixed my issue: --- /usr/sbin/freebsd-update 2016-03-19 10:59:51.768771000 +0000 +++ /tmp/freebsd-update 2016-03-20 01:05:38.207896000 +0000 @@ -641,7 +641,7 @@ # to provide an upgrade path for FreeBSD Update 1.x users, since # the kernels provided by FreeBSD Update 1.x are always labelled # as X.Y-SECURITY. - RELNUM=`uname -r | + RELNUM=`echo 9.3-RELEASE | sed -E 's,-p[0-9]+,,' | sed -E 's,-SECURITY,-RELEASE,'` ARCH=`uname -m` Would it make sense to add a -p (for prior version?) freebsd-update -r 10.2.RELEASE -p 9.3-RELEASE -b /jail/example.com --debug update The rest of this is about stuff I found while uncovering the bug above... it may be a bit ranty since I've had to edit several thousand files without any changes.... Other issues I've found in the script are the use of merge(1) seems suboptimal with most changes being simple RCS signatures. The samef() function doesn't work with some files. I'm thinking diff and patch might be a better way to do the 3 way diffs. Copying files out of /etc/ into old/ doesn't preserve datestamps which would be helpful. An answer of "no" to any question forces the process terminate with no way to back up. Since I ran this process on a handful of jails and edited 300+ files per jail and then had to press "y" for each of them. I'm thinking that a check in the script for failed.merges>10 might have a "You need to update `wd -l $failed.merges` files" (y/n/shell)` and the shell should say: Fresh install files are in /var/db/freebsd-update/merge/10.2/ Your system files are in /var/db/freebsd-update/merge/old and the files to be installed are in /var/db/freebsd-update/merge/new I also wonder about the logic of not putting things like passwd, rc.local groups and other files that must have had changes someplace like: /var/db/freebsd-update/merge/precious That would allow a bulk copy of /var/db/freebsd-update/merge/$NEW_VER to /var/db/freebsd-update/merge/old with very little or no adjustments. The jails uname -a doesn't reflect the build. There should be a file with just "10.2-RELEASE-p0" somewhere in /etc or /boot maybe an option for either uname or freebsd-update could be used to hunt down that info. Uname under posix should query the OS for its version (and patch level) but it has grown to reflect more of a system version for the last few decades in most OSs. At last it isn't as useless as the "11.3" thatSolaris returns now. If someone wants to step through the mess... ----------- Tim's dodgy use of freebsd-update in jails (9.3-> 10.2 version) cp /usr/sbin/freebsd-update /tmp/freebsd-update apply patch above or replace RELNUM=... in about line 641 with: RELNUM=`echo 9.3-RELEASE | /tmp/freebsd-update -r 10.2-RELEASE -b /jail/www.example.com update when it asks about merging and using vi, press ctrl-Z cd /var/db/freebsd-update/merge cp -pr RELEASE-10.2/* new/ cp old/etc/*passwd* new/etc/ cp old/etc/*group* new/etc/ fg (resume if your shell doesn't like fg) (hit enter and an editor will show up, search for ==== to make sure there aren't any) use ZZ to exit vi put ZZ^m in the past buffer and press it hundreds of times It will start to ask "does this look right (y/n)" put y^My^My^M in the past buffer and press it hundreds of times More will be listing files to change (you can press q to quit this 3 times). /tmp/freebsd-update -r 10.2-RELEASE -b /jail/www.example.com install it will ask about a reboot after installing kernel /tmp/freebsd-update -r 10.2-RELEASE -b /jail/www.example.com install it will ask about a reboot after installing userspace /tmp/freebsd-update -r 10.2-RELEASE -b /jail/www.example.com install for a final delete stop the jail and restart it. If things don't restart 1) grep for <<<<<, ===== or >>>>> in /etc/* 2) if the jail starts and programs don't jexec /bin/sh and run pkg-static install -f pkg and reinstall package. i.e. "pkg install apache22" will reinstall apache because of core system being upgraded even if its the same. That will bring in libraries that might be missing. ----------- Thanks, -tim http://web.abnormal.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201603200842.u2K8geNi007354>