EZJAIL Update

[z662]

I have a few outdated jails on my system that I would like to update. I wanted to know a couple of things, as it has been some time since I have updated these jails.

I have have updated my source tree on the host system via cvsup and by following this tutorial: http://www.cyberciti.biz/faq/freebsd-cvsup-update-system-applications/ but did not do a [cmd=]make buildworld[/cmd] I did not do this because I use freebsd-update to patch my system, and I did not want to have to go through the painful and lengthy process of doing an entire build from world. That being said, is simply updating the source in /usr/src enough to then do a [cmd=]make buildworld[/cmd] and point it to the jails as a destination directory? I thought this was possible, but when I tried that via this tutorial: http://www.cyberciti.biz/faq/how-to-upgrade-freebsd-jail-vps/ I got some compilation errors, some of which involving the failure to find certain files it needed.

I will be happy to provide additional output, but wanted to post that initial question and see where the conversation takes us since it will dictate my next steps.

Thanks in advance.

 

[fbsd1]

Yep, that rule that the host and jail have to be at same base release level is a real pain for jails. I use qjail because you can run the update -b option to clone the basejail with the hosts running system files or install the qjail environment creating the basejail from the host's running system files. The package system is out of date, install the port version.

 

[Beeblebrox]

In ezjail(7)() find the section titled "From Source Installation and Update" to view a complete set of update options. Some examples from the section:

ezjail-admin update -u
Update the base jail to the next release using freebsd-update(8) (i.e. using binary packages). This may be used only to update an existing installation.

If you want to use pre-compiled binaries, the above command should

fetch the binaries from FreeBSD FTP server. If the host is not running a -RELEASE version, you will be asked for the release to install. Neither the man pages nor the source nor the ports tree are installed. Note that the FreeBSD FTP server is sometimes so busy the download times out. Use the -h host option to specify a less loaded server, or the ``$ezjail_ftphost'' option in ezjail.conf(8)

If you want to use buildworld, read about the necessary settings in the handbook section as there are a significant number of options to configure.

 

[z662]

Beeblebrox, I have run that command after ensuring the host system is fully up to date, and it appeared to work initially. Showed the long list of files that were going to be updated etc, I hit enter, it said "Installing Updates" and then came back with this:

install: /usr/jails/basejail//usr/src/lib/libc/gen/libc_dlopen.c: No such file or directory
 done.

Not sure where to go from here... It appears that there are no files in the base jails 'usr/src'. I just copied the host system files into there would that fix it? Or did I still need to do a buildworld?


@FBSD1 I will do that as a last resort, I would prefer to keep my ezjail implementation if possible.

 

[z662]

I think I got it working.

I copied all sources from the host system into the basejail src location, ran the update command above, and it completed without error. So just to confirm, did that actually update ALL my jails automatically, or just the basejail and now I need to apply those changes to each jail? It appears that it carried over to the other jails based on the results of uname -a but I would just like to confirm that. Similarly I ran the above command ezjail-admin update -u but specified '-P' for ports and it looks like it did the same with the ports. Please let me know if that's all I needed to do and now my jails are good to go or if that is just the basejail that is fully patched now.

Thanks!

 

[dvl@]

My guess: it updated ONLY the basejail, however, this will affect all the jails.

 

[mlager]

I think one common thing people forget about with jail is updating /etc using mergemaster. If all you do is install your host's source into the jail, your config files can get out of sync. I mount /usr/src on the host as a read-only mountpoint in the jail and then run a mergemaster -iFU in each jail.