Solved How to update a jail /etc with etcupdate?

HL1234

HL1234

How do I update configuration files in a jail ../etc with etcupdate ?
I have nothing found in the handbook, either in the Updating nor in the Jails chapter.

The jail has no /usr/src/..., so I think I should do it on the host.
But what happens with the ../current and the /old folder from /var/db/etcupdate ? Will they get overwrite?

Could this working?
etcupdate -B -D /usr/local/jails/jail1/etc -d /var/db/etcupdate-jail1

This is my first upgrade for the jails. Should I do first a etcupdate bootstrap for the jails?
Must I create /var/db/etcupdate-jail1/current/...old files from jail1... ?
 
You must provide the path of the sources with the -s option (in your case the default is ok if jails have the same FreeBSD version than the host). You do not need to create any dir, I think.

Why don't you use each jail for the working dir? I mean -d /usr/local/jails/jail1/var/db/etcupdate

For my jails, I use jexec but they have access to their sources on /usr/src (a nullfs mount, in fact).

On each jail, I run:
Code: 
etcupdate diff
etcupdate
etcupdate resolve
 
Emrion said:
Why don't you use each jail for the working dir? I mean -d /usr/local/jails/jail1/var/db/etcupdate
Click to expand...
In the jails there is no var/db/etcupdate.
My jails have no access to the sources on /usr/src

So my question keeps unanswered.
 
HL1234 said:
So my question keeps unanswered.
Click to expand...
Hem...

Well, if you have /var/db in your jails, etcupdate will create /var/db/etcupdate. But, you need first to run an etcupdate extract for each jail before to proceed. This creates the current tree it needs.

Edit: I don't know if it will work because the config files of your jails come from a precedent version. Here you create the tree for the host version... Maybe a better procedure is to download the sources of this precedent version somewhere and etcupdate extract your jails with that thanks to the -s option, then etcupdate your jails with the sources of your host.
 
HL1234 said:
In the jails there is no var/db/etcupdate.
My jails have no access to the sources on /usr/src

So my question keeps unanswered.
Click to expand...
You should create tarball by
Code: 
etcupdate build files.tar.bz2
on host machine. And then copy files.tar.bz2 into the jail and
Code: 
etcupdate -t /path/files.tar.bz2
on the jail.
 
What have I done until now:

% cd /var/db
% cpdup -d -I etcupdate etcupdate-jail1 ............. #cpdup is from ports - mirror filesystems
# I delete all files and subdirectory content in current and old, etc... in /var/db/etcupdate-jail1

# Fetching the FreeBSD 13.1 - my last before 14.0
% cd /usr
% mkdir src-13_1
% cd src-13_1
% git clone --branch releng/13.1 --depth 1 https://git.FreeBSD.org/src.git /usr/src-13_1

# Then I do Bootstrapping with this command
% etcupdate extract -d /var/db/etcupdate-jail1 -s /usr/src-13_1

# that has worked
# save it
% cpdup -d -I etcupdate-jail1 etcupdate-jail1-240229

Explantation:
I have a Thin Jail construction, i.e
/usr/local/jails/jail-server/ # with the FreeBSD OS but without "etc root tmp usr/local var"
/usr/local/jails/jail-skelection/ # with etc root tmp usr/local var
/usr/local/jails/jail1/ # empty

jail-server and jail-skelection will mounted nullfs in jail1 when the jail starts. For Updates all mounted "rw"
That is configuriged in /etc/jail.conf and /etc/fstab.jail1

I started the jail1.
/usr/local/jails/jail1/ has now all the files.

And then I do:
% etcupdate -B -D /usr/local/jails/jail1/etc -d /var/db/etcupdate-jail1
............ -B ............... - Do not build generated files in a private object tree.
............ -D -destdir - Specify an alternate destination directory
.................................... The default destination directory is an empty string which results
.................................... in merges updating /etc on the local machine.
............ -d -workdir - Specify an alternate directory... then "<destdir>/var/db/etcupdate"

# it does something...
# now in ../etcupdate-jail1/old are the files from ../etcupdate-jail1/current
# in /etcupdate-jail1/current are the new tree build from /usr/src (the default source)

But catastrophe!
After stoping the jail. In /usr/local/jails/jail-skelection/etc are mostly not new files, especially I can see this in
/usr/local/jails/jail-skelection/etc/rc.d - nothing changed here ???
And there are /jail-skelection/etc/etc with a rc.d directory and 6 new files, and so on...

Conclusion: etcupdate can not work with that jail construct - or what have I done wrong?
 
Well... It's deeply inspired by the handbook, isn't it? As I already said to some people, it's complex and I don't see how this can work, especially for upgrade. Each jail should have its own /etc and such. Among other things, they must also have their own etcupdate tree.

I used ezjail for long but major upgrades wasn't designed and minor ones were a pain. So, I wrote my own framework with these ideas: thin jail and updates / upgrades must be flawless.

In conclusion, I can't help you more on this jail construct.
 
HL1234 said:
... see above

I started the jail1.
/usr/local/jails/jail1/ has now all the files.

And then I do:
% etcupdate -B -D /usr/local/jails/jail1/etc -d /var/db/etcupdate-jail1
............ -B ............... - Do not build generated files in a private object tree.
............ -D -destdir - Specify an alternate destination directory
.................................... The default destination directory is an empty string which results
.................................... in merges updating /etc on the local machine.
............ -d -workdir - Specify an alternate directory... then "<destdir>/var/db/etcupdate"
..
Conclusion: etcupdate can not work with that jail construct - or what have I done wrong?
Click to expand...
I found what has going wrong. It depend with the man description from etcupdate(). The description is misleading.
-D -destdir - The default destination directory is an empty string which results in merges updating /etc on the local machine.
Click to expand...
The default destination directory is not /etc but only / .


I started the jail1.
/usr/local/jails/jail1/ has now all the files.
% etcupdate -B -D /usr/local/jails/jail1/ -d /var/db/etcupdate-jail1
Click to expand...
worked.
I found this via google in https://man.netbsd.org/NetBSD-9.3/etcupdate.8
 
I see... Glad you solved this problem, but... Warnings: the page you pointed out is a NetBSD page, not a FreeBSD one. You have the same here: etcupdate(8). And also, I won't keep the jail system you have.

Having the ectupdate tree at a non-standard place isn't a good idea. It's something that may bite you later.
 
You must log in or register to reply here.
Back
Top