In this post, I will use boot environments to upgrade an existing FreeBSD 9.3 to FreeBSD 10.1, and I will do this from within a chroot.
Why? Because I can.
In the following commands, I clone the existing running environment to 10.1-RELEASE, then I mount it to /mnt, chroot into it, and then start to upgrade.
I will be upgrading the new and not-yet-running boot environment. The running system is not touched. This is the goal of doing this from a chroot
$ sudo beadm create 10.1-RELEASE Created successfully $ sudo beadm mount 10.1-RELEASE /mnt Mounted successfully on '/mnt' $ sudo mount -t devfs devfs /mnt/dev $ sudo chroot /mnt # bash [root@slocum /]# exit
NOTE: that I tried bash, and it worked, but I didn’t want to confuse the chroot‘d environment with the real host, so I want back to /bin/sh.
# freebsd-update -r 10.1-RELEASE upgrade Looking up update.FreeBSD.org mirrors... none found. Fetching metadata signature for 9.3-RELEASE from update.FreeBSD.org... done. Fetching metadata index... done. Fetching 1 metadata patches. done. Applying metadata patches... done. Inspecting system... done. The following components of FreeBSD seem to be installed: kernel/generic world/base world/doc The following components of FreeBSD do not seem to be installed: world/games world/lib32 Does this look reasonable (y/n)? y Fetching metadata signature for 10.1-RELEASE from update.FreeBSD.org... done. Fetching metadata index... done. Fetching 1 metadata patches. done. Applying metadata patches... done. Fetching 1 metadata files... done. Inspecting system... done. Fetching files from 9.3-RELEASE for merging... done. Preparing to download files... done. Fetching 10282 patches.....10....20....30.. ... ... 10210....10220....10230....10240....10250....10260....10270....10280. done. Applying patches... done. Fetching 1838 files... Attempting to automatically merge changes in files... done. The following file could not be merged automatically: /etc/rc.d/jail Press Enter to edit this file in /usr/bin/vi and resolve the conflicts manually... ...
That repeats for a few more files, then you get stuff like this, which I have abbreviated:
The following file will be removed, as it no longer exists in FreeBSD 10.1-RELEASE: /var/named/etc/namedb/named.conf Does this look reasonable (y/n)? y The following files are affected by updates, but no changes have been downloaded because the files have been modified locally: /etc/namedb /root/.cshrc /root/.k5login /root/.login /root/.profile The following files will be removed as part of updating to 10.1-RELEASE-p6: /boot/kernel/atadisk.ko /boot/kernel/atadisk.ko.symbols /boot/kernel/atapicam.ko ... ... The following files will be added as part of updating to 10.1-RELEASE-p6: /bin/freebsd-version /boot/boot1.efi /boot/boot1.efifat /boot/kernel/acl_nfs4.ko /boot/kernel/acl_nfs4.ko.symbols ... ... The following files will be updated as part of updating to 10.1-RELEASE-p6: /.cshrc /.profile /COPYRIGHT /bin/[ /bin/cat /boot/beastie.4th /boot/boot To install the downloaded upgrades, run "/usr/sbin/freebsd-update install". # /usr/sbin/freebsd-update install Installing updates... Kernel updates have been installed. Please reboot and run "/usr/sbin/freebsd-update install" again to finish installing updates. #
Now, this is the tricky part. First. leave the chroot, then beadm activate the environment you just upgraded, and then reboot. See that ^D below? That’s me leaving the chroot.
# ^D[dan@slocum:~] $ sudo umount /mnt/dev [dan@slocum:~] $ sudo beadm umount 10.1-RELEASE Unmounted successfully
Now we’re back where we were before we started this process. Now let’s tell the system to boot from our 10.1 system.
[dan@slocum:~] $ sudo beadm activate 10.1-RELEASE Activated successfully [dan@slocum:~] $ beadm list BE Active Mountpoint Space Created default N / 18.3M 2013-05-03 02:16 10.1-RELEASE R - 18.6G 2015-03-13 17:37 [dan@slocum:~] $
The N means active now.
The R means active on reboot.
We’re good to go.
# shutdown -r now
And when you’re up, snapshot, and install.
Do not forget to complete your upgrade. If you fail to do so, you’ll find yourself in trouble at later date. Don’t repeat my mistakes.
See the following? This is wrong. I have not yet done the install part of freebsd-update:
$ file /bin/sh /bin/sh: ELF 64-bit LSB executable, x86-64, version 1 (FreeBSD), dynamically linked (uses shared libs), for FreeBSD 9.3, stripped $ uname -a FreeBSD slocum.int.unixathome.org 10.1-RELEASE-p6 FreeBSD 10.1-RELEASE-p6 #0: Tue Feb 24 19:00:21 UTC 2015 firstname.lastname@example.org:/usr/obj/usr/src/sys/GENERIC amd64
The kernel is clearly 10.1 but the userland is definitely 9.3, which is not a good thing to have.
For what it’s worth, my nagios check for this is now alerting me to this very condition:
WARNING: Userland and kernel are NOT in sync: userland = 903000, kernel = 1001000
On with the install
Let’s snapshot the system, just because we can.
zfs snapshot -r system@AfterFreeBSDUpdateTo10AndAfterInstall
Here I run freebsd-update:
[root@slocum:~] # /usr/sbin/freebsd-update install Installing updates... Completing this upgrade requires removing old shared object files. Please rebuild all installed 3rd party software (e.g., programs installed from the ports tree) and then run "/usr/sbin/freebsd-update install" again to finish installing updates. [root@slocum:~] #
NOTE: I believe there is great value in running such things from inside a tmux (or screen) session in case your ssh connection terminates unexpectedly.
Got ezjail? basejails need love too!
If you are not running ezjail, you can skip this section.
That command gets my userland and kernel in sync, but shortly afterwards, another Nagios alert popped up:
WARNING: Host and basejail are NOT in sync: host = ELF 64-bit LSB executable, x86-64, version 1 (FreeBSD), dynamically linked (uses shared libs), for FreeBSD 10.1, stripped, basejail = ELF 64-bit LSB executable, x86-64, version 1 (FreeBSD), dynamically linked (uses shared libs), for FreeBSD 9.3, stripped
Yes, my jails are now behind my host. I can fix that separately, with this command:
# ezjail-admin update -s 9.3-RELEASE -U
NOTE that I am specifying the release which is already in the basejail. You can determine that release with this command:
$ file /usr/jails/basejail/bin/sh /usr/jails/basejail/bin/sh: ELF 64-bit LSB executable, x86-64, version 1 (FreeBSD), dynamically linked (uses shared libs), for FreeBSD 9.3, stripped
NOTE: you can ignore messages such as this when upgrading a basejail because basejails do not contain a boot directory.
Installing updates...install: /usr/jails/newjail//boot/kernel/acl_nfs4.ko: No such file or directory install: /usr/jails/newjail//boot/kernel/acl_nfs4.ko.symbols: No such file or directory install: /usr/jails/newjail//boot/kernel/acl_posix1e.ko: No such file or directory install: /usr/jails/newjail//boot/kernel/acl_posix1e.ko.symbols: No such file or directory
If required, adjust the path to your basejail location.
Replacing the packages
By this time, I started building package via poudriere in another tmux session.
I have custom packages, built by poudriere, and therefore I had to upgrade the URL used by pkg. See your pkg -vv output for more information.
I issued this command and let it run:
$ sudo pkg-static install -f pkg pkg-static: Warning: Major OS version upgrade detected. Running "pkg-static install -f pkg" recommended Updating local repository catalogue... pkg-static: Repository local has a wrong packagesite, need to re-create database Fetching meta.txz: 100% 820 B 0.8kB/s 00:01 Fetching packagesite.txz: 100% 164 KiB 168.7kB/s 00:01 Processing entries: 100% local repository update completed. 655 packages processed New version of pkg detected; it needs to be installed first. The following 1 packages will be affected (of 0 checked): Installed packages to be REINSTALLED: pkg-1.4.12 (ABI changed) The process will require 1 MiB more space. 2 MiB to be downloaded. Proceed with this action? [y/N]: y Fetching pkg-1.4.12.txz: 100% 2 MiB 2.4MB/s 00:01 Checking integrity... done (0 conflicting) [1/1] Reinstalling pkg-1.4.12... [1/1] Extracting pkg-1.4.12: 100% Message for pkg-1.4.12: If you are upgrading from the old package format, first run: # pkg2ng Updating local repository catalogue... local repository is up-to-date. All repositories are up-to-date. Checking integrity... done (0 conflicting) The following 1 packages will be affected (of 0 checked): Installed packages to be REINSTALLED: pkg-1.4.12 Proceed with this action? [y/N]: y [1/1] Reinstalling pkg-1.4.12... [1/1] Extracting pkg-1.4.12: 100% Message for pkg-1.4.12: If you are upgrading from the old package format, first run: # pkg2ng
Then I upgraded all the packages:
pkg upgrade -f
Completing the upgrade
The final step was: