Easy Upgrading from 12.2-REL in 2024?

[WiiGame]

It seems I have waited too long to upgrade my OS.

The quick question is: Are there pre-written instructions somewhere that address the land between:
A) semi-automated upgrading (per Handbook Ch 26, freebsd-update, etc.)
... and ...
B) those who build kernels (per Handbook Ch 26.6, which is not where I really want to go, if I can avoid it)?
If so, I haven't been able to find it.

My thinking is, "if I could install FreeBSD the first time by downloading files to a stick and installing (without overtly building a kernel), then 'I would have thought' there is something similar for upgrades where I can download and not build a kernel" (perhaps also from a stick, if necessary).

REWIND...

FreeBSD is a file server that "just works," so it doesn't demand my attention for upgrading the way my kids' Windows PCs do when they're interactive daily or a new game doesn't work, etc. I have plenty to do IRL anyway. So, in the year it took me to prep & sell a house, search & buy a house, move & settle in, my FreeBSD server chugged along without much attention paid to it.

uname -a FreeBSD xxxx.home 12.2-RELEASE FreeBSD 12.2-RELEASE r366954 GENERIC amd64

Now I find myself in a place where v12 is in the rear view mirror and 13.2, 13.3 (very recent), and 14.0 are what's available.
And freebsd-update -r 13.3-RELEASE upgrade gives me:

src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 3 mirrors found.
Fetching metadata signature for 12.2-RELEASE from update1.freebsd.org... failed.
Fetching metadata signature for 12.2-RELEASE from update2.freebsd.org... failed.
Fetching metadata signature for 12.2-RELEASE from dualstack.aws.update.freebsd.org... failed.
No mirrors remaining, giving up.

This may be because upgrading from this platform (amd64)
or release (12.2-RELEASE) is unsupported by freebsd-update. Only
platforms with Tier 1 support can be upgraded by freebsd-update.
See https://www.freebsd.org/platforms/index.html for more info.

If unsupported, FreeBSD must be upgraded by source.

'I would have thought' (love that thread) since 13.2 is currently a supported release, then freebsd-upgrade from all 12.x releases would still be supported until one-major-release-up-13 is completely retired. That's what WiiGame-before thought until failing and researching this. WiiGame-after is now thinking that is not the case, for whatever reason.

So is "by source" the only real upgrading option here? (besides a complete reinstall, of course)

In any case, while I am technical, I also don't want this task to become anymore more time-consuming than it has to be. I'm perfectly happy with the vanilla kernel. After skimming ch26.6, I'm just afraid all the necessary reading/research and potential pitfalls involved in building a kernel for the first time are going to be time-eaters ... thus, my avoidance. So if I did indeed miss my window for "easy," what's the next easiest path? Or is ch26.6 the only real choice?

Thanks all!
WG

 

[SirDice]

FreeBSD xxxx.home 12.2-RELEASE FreeBSD 12.2-RELEASE r366954 GENERIC amd64

Looks like you never installed patches either. I would suggest doing freebsd-update fetch install first, to get it to the latest patch release.

Looking up update.FreeBSD.org mirrors... 
3 mirrors found. 
Fetching metadata signature for 12.2-RELEASE from update1.freebsd.org... failed. 
Fetching metadata signature for 12.2-RELEASE from update2.freebsd.org... failed. 
Fetching metadata signature for 12.2-RELEASE from dualstack.aws.update.freebsd.org... failed. 
No mirrors remaining, giving up.

You seem to have other issues, not related to the version of FreeBSD.

then freebsd-upgrade from all 12.x releases would still be supported until one-major-release-up-13 is completely retired.

Upgrading should be possible from 9.x to 14.0 in one go. Don't recommend such a big step but it is technically possible.

 

[grahamperrin]

freebsd-update fetch install

Better run the commands separately, not combined, especially in end of life warning situations.

 

[WiiGame]

First, it is quite heartening to find out that this is not all due to the age/version of my OS, so I'm not just "stuck". Thank you!

Honestly, until recently, I didn't know FreeBSD had patches ... I'd only thought there were major and minor upgrades. Had I known to visit freebsd-update for patches, I probably would have been at least somewhat more on top of the upgrades, too.

Q: Do my freebsd-update -r 13.3-RELEASE upgrade results reveal anything about the nature of my "other issues"? (which I'm very thankful they are "other" than what I originally thought)
Here are my results from a drill update.freebsd.org...

Spoiler: # drill update.freebsd.org

# drill update.freebsd.org
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 54315
;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; update.freebsd.org.  IN      A

;; ANSWER SECTION:
update.freebsd.org.     16      IN      A       163.237.247.16
update.freebsd.org.     16      IN      A       204.15.11.69

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 32 msec
;; SERVER: 192.168.1.1
;; WHEN: Wed Mar 13 15:52:38 2024
;; MSG SIZE  rcvd: 68

About patching: I actually started this upgrading odyssey over a week ago, and I'd found advice to run freebsd-update fetch and freebsd-update install (separately), which I did. I preserved my results from those runs from March 5th, offered below).
What I'm now wondering is what makes it look like I didn't run them?

Spoiler: # freebsd-update fetch <SNIPPED> in repetative places b/c it was soooo long it blew the posting limit

# freebsd-update fetch
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 3 mirrors found.
Fetching public key from update1.freebsd.org... done.
Fetching metadata signature for 12.2-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 289 patches.....10....20....30....40....50....60....70....80....90....100....110....120....130....140....150....160....170....180....190....200....210....220....230....240....250....260....270....280.... done.
Applying patches... done.
Fetching 27 files... ....10....20... done.
The following files will be removed as part of updating to
12.2-RELEASE-p15:
/etc/ssl/certs/080911ac.0
<SNIP>
/etc/ssl/certs/a8dee976.0
:...skipping...
The following files will be removed as part of updating to
12.2-RELEASE-p15:
/etc/ssl/certs/080911ac.0
<SNIP>
/etc/ssl/certs/cb59f961.0
:...skipping...
The following files will be removed as part of updating to
12.2-RELEASE-p15:
/etc/ssl/certs/080911ac.0
<SNIP>
/etc/ssl/certs/f90208f7.0
/usr/share/certs/trusted/Camerfirma_Chambers_of_Commerce_Root.pem
/usr/share/certs/trusted/Camerfirma_Global_Chambersign_Root.pem
/usr/share/certs/trusted/Certum_Root_CA.pem
/usr/share/certs/trusted/Chambers_of_Commerce_Root_-_2008.pem
/usr/share/certs/trusted/D-TRUST_Root_CA_3_2013.pem
/usr/share/certs/trusted/EC-ACC.pem
/usr/share/certs/trusted/GeoTrust_Global_CA.pem
/usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority.pem
/usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority_-_G2.pem
:...skipping...
The following files will be removed as part of updating to
12.2-RELEASE-p15:
/etc/ssl/certs/080911ac.0
<SNIP>
/etc/ssl/certs/f90208f7.0
/usr/share/certs/trusted/Camerfirma_Chambers_of_Commerce_Root.pem
/usr/share/certs/trusted/Camerfirma_Global_Chambersign_Root.pem
/usr/share/certs/trusted/Certum_Root_CA.pem
/usr/share/certs/trusted/Chambers_of_Commerce_Root_-_2008.pem
/usr/share/certs/trusted/D-TRUST_Root_CA_3_2013.pem
/usr/share/certs/trusted/EC-ACC.pem
/usr/share/certs/trusted/GeoTrust_Global_CA.pem
/usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority.pem
/usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority_-_G2.pem
/usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority_-_G3.pem
/usr/share/certs/trusted/GeoTrust_Universal_CA.pem
/usr/share/certs/trusted/GeoTrust_Universal_CA_2.pem
/usr/share/certs/trusted/Global_Chambersign_Root_-_2008.pem
/usr/share/certs/trusted/OISTE_WISeKey_Global_Root_GA_CA.pem
/usr/share/certs/trusted/QuoVadis_Root_CA.pem
:
The following files will be removed as part of updating to
12.2-RELEASE-p15:
/etc/ssl/certs/080911ac.0
<SNIP>
/etc/ssl/certs/f90208f7.0
/usr/share/certs/trusted/Camerfirma_Chambers_of_Commerce_Root.pem
/usr/share/certs/trusted/Camerfirma_Global_Chambersign_Root.pem
/usr/share/certs/trusted/Certum_Root_CA.pem
/usr/share/certs/trusted/Chambers_of_Commerce_Root_-_2008.pem
/usr/share/certs/trusted/D-TRUST_Root_CA_3_2013.pem
/usr/share/certs/trusted/EC-ACC.pem
/usr/share/certs/trusted/GeoTrust_Global_CA.pem
/usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority.pem
/usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority_-_G2.pem
/usr/share/certs/trusted/GeoTrust_Primary_Certification_Authority_-_G3.pem
/usr/share/certs/trusted/GeoTrust_Universal_CA.pem
/usr/share/certs/trusted/GeoTrust_Universal_CA_2.pem
/usr/share/certs/trusted/Global_Chambersign_Root_-_2008.pem
/usr/share/certs/trusted/OISTE_WISeKey_Global_Root_GA_CA.pem
/usr/share/certs/trusted/QuoVadis_Root_CA.pem
/usr/share/certs/trusted/Sonera_Class_2_Root_CA.pem
/usr/share/certs/trusted/Staat_der_Nederlanden_Root_CA_-_G3.pem
/usr/share/certs/trusted/SwissSign_Platinum_CA_-_G2.pem
/usr/share/certs/trusted/Symantec_Class_1_Public_Primary_Certification_Authority_-_G6.pem
/usr/share/certs/trusted/Symantec_Class_2_Public_Primary_Certification_Authority_-_G6.pem
/usr/share/certs/trusted/Trustis_FPS_Root_CA.pem
/usr/share/certs/trusted/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G4.pem
/usr/share/certs/trusted/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem
/usr/share/certs/trusted/VeriSign_Universal_Root_Certification_Authority.pem
/usr/share/certs/trusted/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem
/usr/share/certs/trusted/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem
/usr/share/certs/trusted/thawte_Primary_Root_CA.pem
/usr/share/certs/trusted/thawte_Primary_Root_CA_-_G2.pem
/usr/share/certs/trusted/thawte_Primary_Root_CA_-_G3.pem
The following files will be added as part of updating to
12.2-RELEASE-p15:
/etc/ssl/blacklisted/080911ac.0
<SNIP>
/etc/ssl/blacklisted/f90208f7.0
/etc/ssl/certs/002c0b4f.0
<SNIP>
/etc/ssl/certs/feffd413.0
/usr/share/certs/blacklisted/Camerfirma_Chambers_of_Commerce_Root.pem
<SNIP>
/usr/share/certs/blacklisted/thawte_Primary_Root_CA_-_G3.pem
/usr/share/certs/trusted/AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
/usr/share/certs/trusted/ANF_Secure_Server_Root_CA.pem
/usr/share/certs/trusted/Certum_EC-384_CA.pem
/usr/share/certs/trusted/Certum_Trusted_Root_CA.pem
/usr/share/certs/trusted/GLOBALTRUST_2020.pem
/usr/share/certs/trusted/GlobalSign_Root_E46.pem
/usr/share/certs/trusted/GlobalSign_Root_R46.pem
/usr/share/certs/trusted/NAVER_Global_Root_Certification_Authority.pem
/usr/share/zoneinfo/Pacific/Kanton
The following files will be updated as part of updating to
12.2-RELEASE-p15:
/bin/freebsd-version
/boot/kernel/aesni.ko
/boot/kernel/autofs.ko
/boot/kernel/kernel
/boot/kernel/linux.ko
/boot/kernel/linux64.ko
/boot/kernel/mqueuefs.ko
/boot/kernel/msdosfs.ko
/boot/kernel/pf.ko
/boot/kernel/pmspcv.ko
/boot/kernel/smbfs.ko
/boot/kernel/sysvmsg.ko
/boot/kernel/sysvsem.ko
/boot/kernel/sysvshm.ko
/boot/kernel/tmpfs.ko
/boot/kernel/vmci.ko
/boot/kernel/wlan.ko
/boot/kernel/zfs.ko
/lib/libcasper.so.1
/lib/libcrypto.so.111
/lib/libzfs.so.3
/lib/libzfs_core.so.2
/lib/libzpool.so.2
/rescue/[
/rescue/bectl
/rescue/bsdlabel
/rescue/bunzip2
/rescue/bzcat
/rescue/bzip2
/rescue/camcontrol
/rescue/cat
/rescue/ccdconfig
/rescue/chflags
/rescue/chgrp
/rescue/chio
/rescue/chmod
/rescue/chown
/rescue/chroot
/rescue/clri
/rescue/cp
/rescue/csh
/rescue/date
/rescue/dd
/rescue/devfs
/rescue/df
/rescue/dhclient
/rescue/disklabel
/rescue/dmesg
/rescue/dump
/rescue/dumpfs
/rescue/dumpon
/rescue/echo
/rescue/ed
/rescue/ex
/rescue/expr
/rescue/fastboot
/rescue/fasthalt
/rescue/fdisk
/rescue/fsck
/rescue/fsck_4.2bsd
/rescue/fsck_ffs
/rescue/fsck_msdosfs
/rescue/fsck_ufs
/rescue/fsdb
/rescue/fsirand
/rescue/gbde
/rescue/geom
/rescue/getfacl
/rescue/glabel
/rescue/gpart
/rescue/groups
/rescue/gunzip
/rescue/gzcat
/rescue/gzip
/rescue/halt
/rescue/head
/rescue/hostname
/rescue/id
/rescue/ifconfig
/rescue/init
/rescue/ipf
/rescue/iscsictl
/rescue/iscsid
/rescue/kenv
/rescue/kill
/rescue/kldconfig
/rescue/kldload
/rescue/kldstat
/rescue/kldunload
/rescue/ldconfig
/rescue/less
/rescue/link
/rescue/ln
/rescue/ls
/rescue/lzcat
/rescue/lzma
/rescue/md5
/rescue/mdconfig
/rescue/mdmfs
/rescue/mkdir
/rescue/mknod
/rescue/more
/rescue/mount
/rescue/mount_cd9660
/rescue/mount_msdosfs
/rescue/mount_nfs
/rescue/mount_nullfs
/rescue/mount_udf
/rescue/mount_unionfs
/rescue/mt
/rescue/mv
/rescue/nc
/rescue/newfs
/rescue/newfs_msdos
/rescue/nos-tun
/rescue/pgrep
/rescue/ping
/rescue/ping6
/rescue/pkill
/rescue/poweroff
/rescue/ps
/rescue/pwd
/rescue/rcorder
/rescue/rdump
/rescue/realpath
/rescue/reboot
/rescue/red
/rescue/rescue
/rescue/restore
/rescue/rm
/rescue/rmdir
/rescue/route
/rescue/routed
/rescue/rrestore
/rescue/rtquery
/rescue/rtsol
/rescue/savecore
/rescue/sed
/rescue/setfacl
/rescue/sh
/rescue/shutdown
/rescue/sleep
/rescue/spppcontrol
/rescue/stty
/rescue/swapon
/rescue/sync
/rescue/sysctl
/rescue/tail
/rescue/tar
/rescue/tcsh
/rescue/tee
/rescue/test
/rescue/tunefs
/rescue/umount
/rescue/unlink
/rescue/unlzma
/rescue/unxz
/rescue/unzstd
/rescue/vi
/rescue/whoami
/rescue/xz
/rescue/xzcat
/rescue/zcat
/rescue/zdb
/rescue/zfs
/rescue/zpool
/rescue/zstd
/rescue/zstdcat
/rescue/zstdmt
/sbin/ggatec
/sbin/ipfw
/sbin/rtsol
/sbin/zpool
/usr/bin/lldb
/usr/bin/openssl
/usr/bin/zinject
/usr/bin/ztest
/usr/include/net/if_var.h
/usr/include/net80211/ieee80211_input.h
/usr/include/openssl/asn1err.h
/usr/include/openssl/evperr.h
/usr/include/openssl/opensslv.h
/usr/include/sys/filedesc.h
/usr/include/sys/jail.h
/usr/lib/debug/boot/kernel/aesni.ko.debug
/usr/lib/debug/boot/kernel/autofs.ko.debug
/usr/lib/debug/boot/kernel/kernel.debug
/usr/lib/debug/boot/kernel/linux.ko.debug
/usr/lib/debug/boot/kernel/linux64.ko.debug
/usr/lib/debug/boot/kernel/mqueuefs.ko.debug
/usr/lib/debug/boot/kernel/msdosfs.ko.debug
/usr/lib/debug/boot/kernel/pf.ko.debug
/usr/lib/debug/boot/kernel/pmspcv.ko.debug
/usr/lib/debug/boot/kernel/smbfs.ko.debug
/usr/lib/debug/boot/kernel/sysvmsg.ko.debug
/usr/lib/debug/boot/kernel/sysvsem.ko.debug
/usr/lib/debug/boot/kernel/sysvshm.ko.debug
/usr/lib/debug/boot/kernel/tmpfs.ko.debug
/usr/lib/debug/boot/kernel/vmci.ko.debug
/usr/lib/debug/boot/kernel/wlan.ko.debug
/usr/lib/debug/boot/kernel/zfs.ko.debug
/usr/lib/libcrypto.a
/usr/lib/libcrypto_p.a
/usr/lib/libfetch.a
/usr/lib/libfetch.so.6
/usr/lib/libfetch_p.a
/usr/lib/libpam.a
/usr/lib/libradius.a
/usr/lib/libradius.so.4
/usr/lib/libradius_p.a
/usr/lib/libssl.a
/usr/lib/libssl.so.111
/usr/lib/libssl_p.a
/usr/lib/libzfs.a
/usr/lib/libzfs_core.a
/usr/lib/libzfs_core_p.a
/usr/lib/libzfs_p.a
/usr/lib/libzpool.a
/usr/lib/pam_login_access.so.6
/usr/lib32/libcasper.so.1
/usr/lib32/libcrypto.a
/usr/lib32/libcrypto.so.111
/usr/lib32/libcrypto_p.a
/usr/lib32/libfetch.a
/usr/lib32/libfetch.so.6
/usr/lib32/libfetch_p.a
/usr/lib32/libpam.a
/usr/lib32/libradius.a
/usr/lib32/libradius.so.4
/usr/lib32/libradius_p.a
/usr/lib32/libssl.a
/usr/lib32/libssl.so.111
/usr/lib32/libssl_p.a
/usr/lib32/libzfs.a
/usr/lib32/libzfs.so.3
/usr/lib32/libzfs_core.a
/usr/lib32/libzfs_core.so.2
/usr/lib32/libzfs_core_p.a
/usr/lib32/libzfs_p.a
/usr/lib32/libzpool.a
/usr/lib32/libzpool.so.2
/usr/lib32/pam_login_access.so.6
/usr/sbin/bhyve
/usr/sbin/freebsd-update
/usr/sbin/hostapd
/usr/sbin/ntp-keygen
/usr/sbin/rtsold
/usr/sbin/wpa_cli
/usr/sbin/wpa_supplicant
/usr/sbin/zdb
/usr/sbin/zfsd
/usr/sbin/zhack
/usr/share/certs/trusted/ACCVRAIZ1.pem
/usr/share/certs/trusted/AC_RAIZ_FNMT-RCM.pem
/usr/share/certs/trusted/Actalis_Authentication_Root_CA.pem
/usr/share/certs/trusted/AffirmTrust_Commercial.pem
/usr/share/certs/trusted/AffirmTrust_Networking.pem
/usr/share/certs/trusted/AffirmTrust_Premium.pem
/usr/share/certs/trusted/AffirmTrust_Premium_ECC.pem
/usr/share/certs/trusted/Amazon_Root_CA_1.pem
/usr/share/certs/trusted/Amazon_Root_CA_2.pem
/usr/share/certs/trusted/Amazon_Root_CA_3.pem
/usr/share/certs/trusted/Amazon_Root_CA_4.pem
/usr/share/certs/trusted/Atos_TrustedRoot_2011.pem
/usr/share/certs/trusted/Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
/usr/share/certs/trusted/Baltimore_CyberTrust_Root.pem
/usr/share/certs/trusted/Buypass_Class_2_Root_CA.pem
/usr/share/certs/trusted/Buypass_Class_3_Root_CA.pem
/usr/share/certs/trusted/CA_Disig_Root_R2.pem
/usr/share/certs/trusted/CFCA_EV_ROOT.pem
/usr/share/certs/trusted/COMODO_Certification_Authority.pem
/usr/share/certs/trusted/COMODO_ECC_Certification_Authority.pem
/usr/share/certs/trusted/COMODO_RSA_Certification_Authority.pem
/usr/share/certs/trusted/Certigna.pem
/usr/share/certs/trusted/Certigna_Root_CA.pem
/usr/share/certs/trusted/Certum_Trusted_Network_CA.pem
/usr/share/certs/trusted/Certum_Trusted_Network_CA_2.pem
/usr/share/certs/trusted/Comodo_AAA_Services_root.pem
/usr/share/certs/trusted/Cybertrust_Global_Root.pem
/usr/share/certs/trusted/D-TRUST_Root_Class_3_CA_2_2009.pem
/usr/share/certs/trusted/D-TRUST_Root_Class_3_CA_2_EV_2009.pem
/usr/share/certs/trusted/DST_Root_CA_X3.pem
/usr/share/certs/trusted/DigiCert_Assured_ID_Root_CA.pem
/usr/share/certs/trusted/DigiCert_Assured_ID_Root_G2.pem
/usr/share/certs/trusted/DigiCert_Assured_ID_Root_G3.pem
/usr/share/certs/trusted/DigiCert_Global_Root_CA.pem
/usr/share/certs/trusted/DigiCert_Global_Root_G2.pem
/usr/share/certs/trusted/DigiCert_Global_Root_G3.pem
/usr/share/certs/trusted/DigiCert_High_Assurance_EV_Root_CA.pem
/usr/share/certs/trusted/DigiCert_Trusted_Root_G4.pem
/usr/share/certs/trusted/E-Tugra_Certification_Authority.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_EC1.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_G2.pem
/usr/share/certs/trusted/Entrust_Root_Certification_Authority_-_G4.pem
/usr/share/certs/trusted/Entrust_net_Premium_2048_Secure_Server_CA.pem
/usr/share/certs/trusted/GDCA_TrustAUTH_R5_ROOT.pem
/usr/share/certs/trusted/GTS_Root_R1.pem
/usr/share/certs/trusted/GTS_Root_R2.pem
/usr/share/certs/trusted/GTS_Root_R3.pem
/usr/share/certs/trusted/GTS_Root_R4.pem
/usr/share/certs/trusted/GlobalSign_ECC_Root_CA_-_R4.pem
/usr/share/certs/trusted/GlobalSign_ECC_Root_CA_-_R5.pem
/usr/share/certs/trusted/GlobalSign_Root_CA.pem
/usr/share/certs/trusted/GlobalSign_Root_CA_-_R2.pem
/usr/share/certs/trusted/GlobalSign_Root_CA_-_R3.pem
/usr/share/certs/trusted/GlobalSign_Root_CA_-_R6.pem
/usr/share/certs/trusted/Go_Daddy_Class_2_CA.pem
/usr/share/certs/trusted/Go_Daddy_Root_Certificate_Authority_-_G2.pem
/usr/share/certs/trusted/Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
/usr/share/certs/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2011.pem
/usr/share/certs/trusted/Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
/usr/share/certs/trusted/Hongkong_Post_Root_CA_1.pem
/usr/share/certs/trusted/Hongkong_Post_Root_CA_3.pem
/usr/share/certs/trusted/ISRG_Root_X1.pem
/usr/share/certs/trusted/IdenTrust_Commercial_Root_CA_1.pem
/usr/share/certs/trusted/IdenTrust_Public_Sector_Root_CA_1.pem
/usr/share/certs/trusted/Izenpe_com.pem
/usr/share/certs/trusted/Microsec_e-Szigno_Root_CA_2009.pem
/usr/share/certs/trusted/Microsoft_ECC_Root_Certificate_Authority_2017.pem
/usr/share/certs/trusted/Microsoft_RSA_Root_Certificate_Authority_2017.pem
/usr/share/certs/trusted/NetLock_Arany__Class_Gold__F__tan__s__tv__ny.pem
/usr/share/certs/trusted/Network_Solutions_Certificate_Authority.pem
/usr/share/certs/trusted/OISTE_WISeKey_Global_Root_GB_CA.pem
/usr/share/certs/trusted/OISTE_WISeKey_Global_Root_GC_CA.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_1_G3.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_2.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_2_G3.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_3.pem
/usr/share/certs/trusted/QuoVadis_Root_CA_3_G3.pem
/usr/share/certs/trusted/SSL_com_EV_Root_Certification_Authority_ECC.pem
/usr/share/certs/trusted/SSL_com_EV_Root_Certification_Authority_RSA_R2.pem
/usr/share/certs/trusted/SSL_com_Root_Certification_Authority_ECC.pem
/usr/share/certs/trusted/SSL_com_Root_Certification_Authority_RSA.pem
/usr/share/certs/trusted/SZAFIR_ROOT_CA2.pem
/usr/share/certs/trusted/SecureSign_RootCA11.pem
/usr/share/certs/trusted/SecureTrust_CA.pem
/usr/share/certs/trusted/Secure_Global_CA.pem
/usr/share/certs/trusted/Security_Communication_RootCA2.pem
/usr/share/certs/trusted/Security_Communication_Root_CA.pem
/usr/share/certs/trusted/Staat_der_Nederlanden_EV_Root_CA.pem
/usr/share/certs/trusted/Starfield_Class_2_CA.pem
/usr/share/certs/trusted/Starfield_Root_Certificate_Authority_-_G2.pem
/usr/share/certs/trusted/Starfield_Services_Root_Certificate_Authority_-_G2.pem
/usr/share/certs/trusted/SwissSign_Gold_CA_-_G2.pem
/usr/share/certs/trusted/SwissSign_Silver_CA_-_G2.pem
/usr/share/certs/trusted/T-TeleSec_GlobalRoot_Class_2.pem
/usr/share/certs/trusted/T-TeleSec_GlobalRoot_Class_3.pem
/usr/share/certs/trusted/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
/usr/share/certs/trusted/TWCA_Global_Root_CA.pem
/usr/share/certs/trusted/TWCA_Root_Certification_Authority.pem
/usr/share/certs/trusted/TeliaSonera_Root_CA_v1.pem
/usr/share/certs/trusted/TrustCor_ECA-1.pem
/usr/share/certs/trusted/TrustCor_RootCert_CA-1.pem
/usr/share/certs/trusted/TrustCor_RootCert_CA-2.pem
/usr/share/certs/trusted/Trustwave_Global_Certification_Authority.pem
/usr/share/certs/trusted/Trustwave_Global_ECC_P256_Certification_Authority.pem
/usr/share/certs/trusted/Trustwave_Global_ECC_P384_Certification_Authority.pem
/usr/share/certs/trusted/UCA_Extended_Validation_Root.pem
/usr/share/certs/trusted/UCA_Global_G2_Root.pem
/usr/share/certs/trusted/USERTrust_ECC_Certification_Authority.pem
/usr/share/certs/trusted/USERTrust_RSA_Certification_Authority.pem
/usr/share/certs/trusted/XRamp_Global_CA_Root.pem
/usr/share/certs/trusted/certSIGN_ROOT_CA.pem
/usr/share/certs/trusted/certSIGN_Root_CA_G2.pem
/usr/share/certs/trusted/e-Szigno_Root_CA_2017.pem
/usr/share/certs/trusted/ePKI_Root_Certification_Authority.pem
/usr/share/certs/trusted/emSign_ECC_Root_CA_-_C3.pem
/usr/share/certs/trusted/emSign_ECC_Root_CA_-_G3.pem
/usr/share/certs/trusted/emSign_Root_CA_-_C1.pem
/usr/share/certs/trusted/emSign_Root_CA_-_G1.pem
/usr/share/man/man2/jail.2.gz
/usr/share/man/man2/jail_attach.2.gz
/usr/share/man/man2/jail_get.2.gz
/usr/share/man/man2/jail_remove.2.gz
/usr/share/man/man2/jail_set.2.gz
/usr/share/zoneinfo/Africa/Accra
<SNIP>
/usr/share/zoneinfo/Portugal
/usr/share/zoneinfo/zone.tab
/usr/share/zoneinfo/zone1970.tab

WARNING: FreeBSD 12.2-RELEASE HAS PASSED ITS END-OF-LIFE DATE.
Any security issues discovered after Wed Mar 30 20:00:00 EDT 2022
will not have been corrected.

Then I did a quick check before the patch install. But note the uname I posted in the OP was from that time of posting, after these patches were installed.

# uname -a
FreeBSD raid.home 12.2-RELEASE FreeBSD 12.2-RELEASE r366954 GENERIC  amd64

# freebsd-update install
src component not installed, skipped
Installing updates...Scanning //usr/share/certs/blacklisted for certificates...
Scanning //usr/share/certs/trusted for certificates...
Scanning //usr/local/share/certs for certificates...
 done.

 

[WiiGame]

ALSO, I had some time try and work through some of this last night (things like: I don't have git or svn, I can't install anything new from pkg, so I downloaded a .IMG put it on a stick, mounted, and extracted /usr/src into my empty, existing /usr/src, etc.).

Anyway, I read through the intervening release notes and found that crossing into v13 changes the underlying ZFS.
I run this server pretty much 100% because of ZFS (but not booting from ZFS).

I was just going to offline (export) my ZFS volumes, upgrade, and bring them back, but this detail made me want to make double-sure I had the most recent backups I could get (one of them is still running now from last night).

However, I have never upgraded ZFS (zpool upgrade) since I initially built the volumes years ago. So I always see "Enable all features using 'zpool upgrade' " but never did it. I'm usually a "ain't broke: don't fix it" kind of guy.

My concern is whether the existing ZFS version matters when crossing the v13 barrier. I don't want to get myself into a similar "old version" situation where "no one thought someone would still have such an old ZFS version so we didn't know THAT would happen." At least not if upgrading the ZFS version now on a pre-13 OS would help before I upgrade anything else.

 

[WiiGame]

Now I have to correct something. Writing all this up, and the "other issues," and reading as not patched, etc., made me suspicious. Then tonight I found that the system had mysteriously lost its default gateway (again ... when I know it still had it somewhat recently)..

I needed to reboot. (ok, duh) I hadn't done so for a while. And often whenever I'm available, it's needed to be up by others, blah-blah-blah. Nor did I reboot after the last fetch/install above.

A reboot gave me...

uname -a
FreeBSD xxxx.xxx 12.2-RELEASE-p14 FreeBSD 12.2-RELEASE-p14 GENERIC  amd64

But the previous fetch referred to p15, so I repeated that patch process. And rebooted.
But the uname info didn't change (no p15).

So, through all this, now I'm hopeful that freebsd-update will work this time.

But I would like some opinion(s) on the ZFS version thing in my previous comment before I decide how to proceed (ZFS updates first? maybe I'll just stop at 13.2 for now, esp. knowing that 13.3 contains a recent ZFS upgrade).

 

[SirDice]

But the uname info didn't change (no p15).

Use freebsd-version(1) instead, look at freebsd-version -urk for example. If I recall correctly p15 was a userland patch only, so the kernel wasn't updated, hence it still shows p14.

 

[vermaden]

@WiiGame

I would install new ZFS BE alongside instead and copy the configs over:

Other FreeBSD Version in ZFS Boot Environment

The first FreeBSD 12.3-PRERELEASE snapshots are finally available. This means we can try them in a new ZFS Boot Environment without touching out currently running 13.0-RELEASE system. We can not ta…

vermaden.wordpress.com

 

[SirDice]

But I would like some opinion(s) on the ZFS version thing in my previous comment before I decide how to proceed (ZFS updates first? maybe I'll just stop at 13.2 for now, esp. knowing that 13.3 contains a recent ZFS upgrade).

There is no immediate need or requirement to upgrade your pools. We'll get to that once you've upgraded the system successfully.

 

[Crivens]

BEFORE you upgrade the zpool, update the boot loaders.
Don't ask me why I say this, it just crossed my mind for no reason AT ALL...

 

[T-Aoki]

BEFORE you upgrade the zpool, update the boot loaders.
Don't ask me why I say this, it just crossed my mind for no reason AT ALL...

Bootcodes SHALL BE AT WORST THE SAME VERSION AS UPFRADED POOL.
Newer bootcodes are always OK for ZFS. For example, if you upgrade base from 12.4 to 13.3 and upgrade ZFS pool, too, bootcodes of latest main (aka -current), 14.0 and 13.3 can boot from the pool but bootcode of 12.4 is no longer assured to boot. So as (even) 13.2, usually OK, though.

A bit of details:
Upgrading ZFS pool causes new features enabled.
If all of the newly-enabled features are read-compatible (ZFS codes, including boot codes, can be read all datasets sanely regardless the feature is used or not), old boot codes can sanely boot from the upgraded pool. But this situation is quite rare, almost never.

Usually, newly-enabled features include read-incompatible ones.
This means once any write access are done after upgrading the pool, old ZFS codes no longer possible to even read from the pool saney.
If you are miraclly lucky, newly written data cannot be read, but not yet modified data can be read. But if the written data is ones mandatory for boot, you cannot boot anymore by old bootcodes.

 

[WiiGame]

I see lots of recent mentions of boot codes, loaders, and environments. I understand only the 100km view of that.

I'm not booting from ZFS (I guess I buried that in my initial ZFS post above).
I designed this server to explicitly avoid ZFS booting ("K.I.S.S." design).

With that said, if those boot-related comments are still relevant to my case because I'm completely missing something, please reply to point out that I'm not understanding. I do appreciate the offerings, in any case.

In all honesty, I'm booting from a UFS install on a 16GB Sandisk stick that hangs out the back.

Right now, I'm just trying to find some dedicated time to be able to do a proper major upgrade (relatively) uninterrupted.

 

[SirDice]

With that said, if those boot-related comments are still relevant to my case because I'm completely missing something,

Updating the bootcode is pretty much mandatory if you upgrade the pool you are booting from. The system would fail to boot if the boot code doesn't understand the newer ZFS versions. But you're not booting from ZFS so this isn't an issue. Still a good idea to update the bootcode every once in a while, it does get bug fixes and other improvements over time.

For now I would just focus on upgrading the system itself, you can deal with the bootcode once everything is working with the new version.

 

[T-Aoki]

Even if you are NOT booting from ZFS pool, you should required to have zfs.ko in /boot/loader.conf[.local] if you want the pool auto-imported stably on boot (via rc.d scripts). So assuming you have zfs_load="YES" in your /boot/loader.conf[.local].

The kernel and in-tree modules are becoming larger and larger on each upgrade.
And the staging area of loader for pre-loading kernel and modules is limited.
So even if you can boot currently with most of modules you need at runtime in your /boot/loader.conf[.local] , it is NOT promissing to boot after upgrade.
Keep in mind modules to be loaded in /boot/loader.conf[.local] being bare minimum, fundamental to boot base system ones only. All others should be moved into kld_list variable in /etc/rc.conf[.local].
Some users who were loading GPU drivers in /boot/loader.conf[.local] seem to be bitten by it (depends on which GPU you are using, though). So you should better doing it BEFORE UPGRADING.

And one more.
If you are not familiar with vi(1) and you haven't set EDITOR environment variable for root, set it to ee(1), or learn minimum usage of vi(1) before upgrading. If you are setting editors from ports to EDITOR environmen variable for root, you should temporarily change it to ee(1) or vi(1).
This is because there can be conflicts on auto-merging /etc and program specified in EDITOR environ variable for root would be invoked (default is vi(1)) to fix conflicts.
On upgrading, there are risks that editors from ports doesn't work, and worse, if GUI editors are set, it wouldn't work when invoked outside GUI enviroments.
You should learn about 3-way-diffs before upgrading not to panic on conflicts. See, for example, this thread. There are more threads.

 

[vermaden]

I see lots of recent mentions of boot codes, loaders, and environments. I understand only the 100km view of that.

I'm not booting from ZFS (I guess I buried that in my initial ZFS post above).
I designed this server to explicitly avoid ZFS booting ("K.I.S.S." design).

With that said, if those boot-related comments are still relevant to my case because I'm completely missing something, please reply to point out that I'm not understanding. I do appreciate the offerings, in any case.

In all honesty, I'm booting from a UFS install on a 16GB Sandisk stick that hangs out the back.

Right now, I'm just trying to find some dedicated time to be able to do a proper major upgrade (relatively) uninterrupted.

Trying to 'force KISS' you just made it a lot harder

You would have TONS of options with ZFS but You have very limited options with UFS only.

 

[grahamperrin]

… maybe I'll just stop at 13.2 for now, esp. knowing that 13.3 contains a recent ZFS upgrade).

Go for 13.2, or 14.0.

Read each set of release notes (don't skip notes for 13.0, 13.1 and so on).

FreeBSD bug 277717 – kernel using 100% CPU in arc_prune in 13.3 (discussion).

I suspect that too few people tested stable/13 and prerelease versions of 13.3.

Postscript​

14.0 struck through, considering 275594 – High CPU usage by arc_prune; analysis and fix.

(Did too few people test 14.0 before release? I don't know, I paid relatively little attention, I'm on 15.0.)

 

[grahamperrin]

Upgrading should be possible from 9.x to 14.0 in one go. Don't recommend such a big step but it is technically possible.

to not recommending oversteps that I would never expect re@ to test

12.3-RELEASE-p12 to 14.0-RELEASE-p6 presents a problem, as expected.

IIRC there's not an easy way out of what's pictured, but I'll proceed, for giggles. Expect rollback failure, at least.

---

Complainers, please, before you start: no complaints about posting a screenshot. I'll not waste my time interrupting what's pictured to use termbin.com etc.

Peace

 

[WiiGame]

FYI: I successfully upgraded to 13.2-REL
and everything seems to be working well.

Any other follow-on advice for this one?

Otherwise, I'll just work with what's already in this thread.

And a big THANK YOU to everyone who helped me through this.

The final, summarized story appears to be:

• man moves and is neglectful of his software (naughty man!)
• man has unnoticed networking/DNS/domain issues befall him due to move
• man finally attempts to upgrade software (only when backed into a corner)
• software upgrade fails and tells man the reason is: it's unsupported; also, alternatives aren't working ("it's too late!" drama!)
• man seeks assistance from community
• community tells man this actually is supported
• man has hope again (inspiring!)
• community guides man (heartwarming, teachable moments montage)
  • meanwhile, man separately works out his domain issues (off-screen)
• man successfully performs completed upgrade (climax)
• man and software live happily ever after (denouement)
• ...
• ... until ... the next time naughty man who "never learns" neglects his software (post-credits teaser for potential 2nd episode)

 

[SirDice]

Any other follow-on advice for this one?

Yes, 'man' is going to need to upgrade to 13.3 some time soon

FreeBSD 13.2 will be end-of-life at the end of June 2024. But you seem to have managed the previous upgrades successfully, so this next one shouldn't be a problem for you.