Hack 80 Automate Updates


figs/moderate.gif figs/hack80.gif

FreeBSD provides many tools to make software upgrades as painless as possible. In fact, the entire process is fully scriptable. Simply choose the pieces you want and how up-to-date you want to be.

End users and administrators alike share a desire to keep their operating systems and applications as up-to-date as possible. However, if you're an operating systems veteran, you're well aware that this desire doesn't always translate into foolproof, easy execution. For example, do you have to scour the far corners of the Internet to find the latest updates? Once you find them, is it possible to upgrade safely without overwriting the dependencies required by other applications?

8.5.1 Assembling the Pieces

The cvsup process provides the latest updates to the FreeBSD operating system, ports collection, and documents collection. You no longer have to scour the Internet looking for the latest sources. Simply run cvsup!

Since our intention is to script the whole process, install the cvsup-without-gui port:

# cd /usr/ports/net/cvsup-without-gui # make install clean

If you've never used cvsup before, take the time to read its section in the FreeBSD Handbook so you have an overview of how the process works.

When the install finishes, copy /usr/share/examples/cvsup/cvs-supfile to a location that makes sense to you (e.g., /root or /usr/local/etc). Use the comments in that file and the instructions in the handbook to customize the file so it reflects your closest mirror, operating system (tag), and what you would like to update.

Here's my cvs-supfile. It uses a Canadian mirror and updates all sources, ports, and documents on a FreeBSD 5.1-RELEASE system:

# more /root/cvs-supfile #use the Canadian mirror *default host=cvsup.ca.freebsd.org #keep these lines as-is! *default base=/usr/local/etc/cvsup *default prefix=/usr #this is a 5.1-RELEASE system *default tag=RELENG_5_1_0_RELEASE #keep this line as-is! *default release=cvs delete use-rel-suffix compress #update all src, ports, and docs src-all ports-all tag=. doc-all tag=.

If you want to specify which source, ports, and docs to install, see the handbook for directions on creating a refuse file.


If your cvs-supfile includes the ports-all tag=. line, install portupgrade. This port will not only keep track of which ports need upgrading, it will also track dependencies and automate the entire application upgrade process:

# cd /usr/ports/sysutils/portupgrade # make install clean

We can also take advantage of the fastest-cvsup port. As the name implies, it looks for the fastest cvsup mirror:

# cd /usr/ports/sysutils/fastest-cvsup # make install clean

8.5.2 An Example Dry Run

With the necessary pieces in place, let's run them from the command line to see how they work. First, use cvsup to download any changes to the operating system, software, or documents tree:

# cvsup -L2 /root/cvs-supfile Parsing supfile "/root/cvs-supfile" Connecting to cvsup.ca.freebsd.org Connected to cvsup.ca.freebsd.org Server software version: SNAP_16_1f Negotiating file attribute support Establishing collection information Establishing multiplexed-mode data connection Running Updating collection src-all/cvs Updating collection ports-all/cvs <snip downloaded sources> Updating collection doc-all/cvs <snip downloaded sources> Shutting down connection to server Finished successfully

The -L2 switch turns on verbosity. Substitute /root/cvs-supfile with the location of your customized cvs-supfile.

It's rare for src to change. When it does, it is usually due to a security patch. If you notice changes to src, go to http://www.freebsd.org/security/#adv to see if the security incident affects you and how to apply the patch if it does.


Once cvsup is complete, integrate the changes to the ports and the documents trees. This will take care of the document changes:

# cd /usr/doc # make install

You need the docproj-nojadetex port [Hack #89] for this command to succeed.


For the ports, first update your ports index:

# cd /usr/ports # make index Generating INDEX-5 - please wait.. Done.

An alternative is to instead run portsdb -Uu. Note that if you've created a refuse file, either command will produce a screen or two of error messages. You can safely ignore these.

Once your ports tree is up-to-date, see if any of your installed applications need upgrading:

# portversion -l "<" [Updating the pkgdb <format:bdb1_btree> in /var/db/pkg ... 256 packages found (-0 +1) . done] ghostscript-gnu             < gimp-print                  < linux-sun-jdk               < p5-MIME-Base64              < subversion                  < xmlcatmgr                   <

The -l "<" flag tells portversion to list only the ports matching that pattern (which represents ports that need upgrading). This particular system has 256 installed ports. I've added one (+1) new port since my last cvsup, and six packages need upgrading.

To perform the actual upgrade:

# portupgrade -arR

-a means to upgrade all ports requiring an upgrade. -rR is very important it will ensure that the upgrade takes care of all dependencies properly.

I've only scratched the surface of all of these utilities. Spend some time reviewing the resources at the end of this hack to ensure you're getting the most out of your upgrade process.

8.5.3 Automating the Process

Once you have a few dry runs under your belt and are happy with your results, create a shell script to automate the process. You can start out with something as simple as a Bourne script that strings together the desired commands and switches. Here, the only new command I've introduced is fastest-cvsup. I've also added an else statement to terminate the script if there is a problem with cvsup for example, if the network connection fails.

# more /root/bin/mycustomupgrade.sh #!/bin/sh # script to automate cvsup of latest src, ports, and doc # then rebuilds doc and ports trees # then checks for and upgrades out-of-date software # when finished, prints date and time # use fastest_cvsup to find fastest Canadian or US mirror # store the results in $SERVER to be passed to cvsup command # substitute /root/cvs-supfile with path to custom cvs-supfile # terminate the script if a connection is not available to  # the cvsup server if SERVER=`fastest_cvsup -q -c ca,us` then   echo "Running cvsup"   cvsup -L2 -h $SERVER /root/cvs-supfile else   echo "There's a problem!" 1>&2   exit 1 fi echo "Updating docs" cd /usr/ports make install   echo "Updating ports index" cd /usr/ports make index echo "The following ports need upgrading" portversion -l "<" echo "Upgrading ports" portupgrade -arR echo "Finished at `/bin/date`." exit

Don't forget to make your script executable with chmod +x and to test it to ensure all of the steps execute as desired. On some of my systems, I'm really picky about which software updates to apply, so I don't include the portupgrade -arR command in my script. This allows me to review which ports need upgrading so I can manually upgrade the ones I deem necessary.

8.5.4 See Also

  • man portversion

  • man portupgrade

  • man fastest-cvsup

  • The cvsup section of the FreeBSD Handbook (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html)

  • The CVS tags section of the FreeBSD Handbook (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvs-tags.html)

  • "portupgrade," from the FreeBSD Basics column (http://www.onlamp.com/pub/a/bsd/2003/08/28/FreeBSD_Basics.html)



BSD Hacks
BSD Hacks
ISBN: 0596006799
EAN: 2147483647
Year: 2006
Pages: 160
Authors: Lavigne

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net