Dear FreeBSD colleagues
please could you help how to solve the following issue with bastille update. I run FreeBSD jails on several servers, which I manage using the bastille tool. Unfortunately, I am unable to update these running jails to a higher version. I always use thick jails. When I follow the documentation https://bastille.readthedocs.io/en/latest/chapters/upgrading.html#thick-jails , the update is performed, but the jail remains at the original version.
Documentation procedure
Result - the update did not work - the jail remains on the original version 14.2-RELEASE-p1 instead of 14.3-RELEASE.
please could you help how to solve the following issue with bastille update. I run FreeBSD jails on several servers, which I manage using the bastille tool. Unfortunately, I am unable to update these running jails to a higher version. I always use thick jails. When I follow the documentation https://bastille.readthedocs.io/en/latest/chapters/upgrading.html#thick-jails , the update is performed, but the jail remains at the original version.
Documentation procedure
- Use bastille upgrade TARGET 13.2-RELEASE to upgrade the jail to 13.2-RELEASE
- Use bastille upgrade TARGET 13.2-RELEASE update to apply the updates
- Reboot the jail bastille restart TARGET
- Use bastille upgrade TARGET 13.2-RELEASE update to finish applying the upgrade
- Upgrade complete!
Bash:
### Host version - where all jails are running
# freebsd-version
14.3-RELEASE-p2
### Check version
# pkg info | grep bastille
bastille-0.14.20250420 Jail automation framework
### Update bootstrap
# bastille bootstrap 14.3-RELEASE update
Bootstrapping FreeBSD distfiles...
Bootstrap appears complete.
Bootstrap successful.
See 'bastille --help' for available commands.
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 3 mirrors found.
Fetching metadata signature for 14.3-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Inspecting system...
### List jails
# bastille list -a
JID Boot Prio State IP Address Published Ports Hostname Release Path
2 on 99 Up 10.0.0.2/24- server01 14.2-RELEASE-p1 /usr/local/bastille/jails/server01/root
Bash:
### STEP 1
# bastille upgrade server01 14.3-RELEASE
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 3 mirrors found.
Fetching metadata signature for 14.2-RELEASE from update2.freebsd.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system... done.
The following components of FreeBSD seem to be installed:
kernel/generic world/base
The following components of FreeBSD do not seem to be installed:
kernel/generic-dbg world/base-dbg world/lib32 world/lib32-dbg
Does this look reasonable (y/n)? y
Fetching metadata signature for 14.3-RELEASE from update2.freebsd.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system... done.
Fetching files from 14.2-RELEASE for merging... done.
Preparing to download files... done.
Fetching 2379 patches.....10....20....30....40....50....60....70....80....90....100....110....120....130....140....150....160....170....180....190....200....210....220....230....240....250....260....270....280.
...290....300....310....320....330....340....350....360....370....380....390....400....410....420....430....440....450....460....470....480....490....500....510....520....530....540....550....560....570....580....590....600....610....620....630....640....650....660....670....680....690....700....710....720....730....740....750....760....770....780....790....800....810....820....830....840....850....860....870....880....890....900....910....920....930....940....950....960....970....980....990....1000....1010....1020....1030....1040....1050....1060....1070....1080....1090....1100....1110....1120....1130....1140....1150....1160....1170....1180....1190....1200....1210....1220....1230....1240....1250....1260....1270....1280....1290....1300....1310....1320....1330....1340....1350....1360....1370....1380....1390....1400....1410....1420
....1430....1440....1450....1460....1470....1480....1490....1500....1510....1520....1530....1540....1550....1560....1570....1580....1590....1600....1610....1620....1630....1640....1650....1660....1670....1680....1690....1700....1710....1720....1730....1740....1750....1760....1770....1780....1790....1800....1810....1820....1830....1840....1850....1860....1870....1880....1890....1900....1910....1920....1930....1940....1950....1960....1970....1980....1990....2000....2010....2020....2030....2040....2050....2060....2070....2080....2090....2100....2110....2120....2130....2140....2150....2160....2170....2180....2190....2200....2210....2220....2230....2240....2250....2260....2270....2280....2290....2300....2310....2320....2330....2340....2350....2360....2370.... done.
Applying patches... done.
Fetching 190 files... ....10....20....30....40....50....60....70....80....90....100....110....120....130....140....150....160....170....180....190 done.
Attempting to automatically merge changes in files... done.
The following changes, which occurred between FreeBSD 14.2-RELEASE and
FreeBSD 14.3-RELEASE have been merged into /etc/ssh/sshd_config:
--- current version
+++ new version
@@ -103,11 +103,11 @@
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#UseBlacklist no
-#VersionAddendum FreeBSD-20240806
+#VersionAddendum FreeBSD-20250219
# no default banner path
#Banner none
# override default of no subsystems
Does this look reasonable (y/n)?
--- ommit ---
/var/db/etcupdate/current/etc/rc.d/iovctl
/var/db/etcupdate/current/etc/rc.d/ipfilter
/var/db/etcupdate/current/etc/rc.d/kld
/var/db/etcupdate/current/etc/rc.d/sendmail
/var/db/etcupdate/current/etc/rc.d/var_run
/var/db/etcupdate/current/etc/regdomain.xml
/var/db/etcupdate/current/etc/services
/var/db/etcupdate/current/etc/ssh/moduli
/var/db/etcupdate/current/etc/ssh/sshd_config
/var/db/mergemaster.mtree
/var/db/services.db
To install the downloaded upgrades, run 'freebsd-update [options] install'.
Please run 'bastille upgrade server01 install', restart the jail, then run 'bastille upgrade server01 install' again to finish installing updates.
Bash:
### STEP 2
# bastille upgrade server01 14.3-RELEASE update
src component not installed, skipped
Looking up update.FreeBSD.org mirrors... 3 mirrors found.
Fetching metadata signature for 14.2-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system... done.
The following components of FreeBSD seem to be installed:
kernel/generic world/base
The following components of FreeBSD do not seem to be installed:
kernel/generic-dbg world/base-dbg world/lib32 world/lib32-dbg
Does this look reasonable (y/n)? y
Fetching metadata signature for 14.3-RELEASE from update1.freebsd.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system... done.
Fetching files from 14.2-RELEASE for merging... done.
Preparing to download files... done.
Attempting to automatically merge changes in files... done.
The following changes, which occurred between FreeBSD 14.2-RELEASE and
FreeBSD 14.3-RELEASE have been merged into /etc/ssh/sshd_config:
--- current version
+++ new version
@@ -103,11 +103,11 @@
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#UseBlacklist no
-#VersionAddendum FreeBSD-20240806
+#VersionAddendum FreeBSD-20250219
# no default banner path
#Banner none
# override default of no subsystems
Does this look reasonable (y/n)?
y
--- ommit ---
/var/db/etcupdate/current/etc/rc.d/kld
/var/db/etcupdate/current/etc/rc.d/sendmail
/var/db/etcupdate/current/etc/rc.d/var_run
/var/db/etcupdate/current/etc/regdomain.xml
/var/db/etcupdate/current/etc/services
/var/db/etcupdate/current/etc/ssh/moduli
/var/db/etcupdate/current/etc/ssh/sshd_config
/var/db/mergemaster.mtree
/var/db/services.db
To install the downloaded upgrades, run 'freebsd-update [options] install'.
Please run 'bastille upgrade server01 install', restart the jail, then run 'bastille upgrade server01 install' again to finish installing updates.
Bash:
### STEP 3
# bastille restart server01
[server01]:
pfctl: /dev/pf: No such file or directory
rdr-anchor not found in pf.conf
server01: removed
pfctl: /dev/pf: No such file or directory
[server01]:
server01: created
Bash:
### STEP 4
# bastille upgrade server01 14.3-RELEASE update
--- ommit ---
/var/db/etcupdate/current/etc/rc.d/sendmail
/var/db/etcupdate/current/etc/rc.d/var_run
/var/db/etcupdate/current/etc/regdomain.xml
/var/db/etcupdate/current/etc/services
/var/db/etcupdate/current/etc/ssh/moduli
/var/db/etcupdate/current/etc/ssh/sshd_config
/var/db/mergemaster.mtree
/var/db/services.db
To install the downloaded upgrades, run 'freebsd-update [options] install'.
Please run 'bastille upgrade server01 install', restart the jail, then run 'bastille upgrade server01 install' again to finish installing updates.
Bash:
### Result - the update did not work - the jail remains on the original version 14.2-RELEASE-p1 instead of 14.3-RELEASE.
# bastille list -a
JID Boot Prio State IP Address Published Ports Hostname Release Path
2 on 99 Up 10.0.0.2/24 - server01 14.2-RELEASE-p1 /usr/local/bastille/jails/server01/root
# bastille console server01
[server01]:
root@server01:~ # freebsd-version
14.2-RELEASE-p1Result - the update did not work - the jail remains on the original version 14.2-RELEASE-p1 instead of 14.3-RELEASE.
