freebsd-update and bind(9.11.1-p3)

Hello all,

I built a custom kernel with TCP_FASTOPEN for Bind and am wondering why freebsd-update fetch is showing kernel updates for Generic.

Here are my steps for custom kernel:
Code:
cd /usr/src/sys/amd64/conf
cp GENERIC TCPOPEN
mv TCPOPEN /root/kernels/TCPOPEN
ln -s /root/kernels/TCPOPEN
cd /root/kernels/

===================================
vi TCPOPEN

# TFO TCP Fast Open TCP_FASTOPEN
options         TCP_RFC7413
===================================

cd /usr/src
make buildkernel KERNCONF=TCPOPEN
make installkernel KERNCONF=TCPOPEN

FreeBSD Info:
Code:
The following files will be updated as part of updating to 11.1-RELEASE-p1:
/boot/kernel/kernel
/boot/kernel/pf.ko
/usr/lib/debug/boot/kernel/kernel.debug
/usr/lib/debug/boot/kernel/pf.ko.debug


root@vmhost:/usr/src/sys/amd64/conf # uname -a
FreeBSD vmhost 11.1-RELEASE-p1 FreeBSD 11.1-RELEASE-p1 #1: Mon Aug 21 02:31:07 CDT 2017     root@vmhost:/usr/obj/usr/src/sys/TCPOPEN  amd64
 
Probably because you didn't tell it to ignore the kernel through /etc/freebsd-update.conf. See also freebsd-update.conf(5), in specific the Components section.

That seemed to have done the trick.

Code:
# Components of the base system which should be kept updated.
# Components src world kernel
Components src world

Code:
root@vmhost:~ # freebsd-update fetch
Looking up update.FreeBSD.org mirrors... 4 mirrors found.
Fetching metadata signature for 11.1-RELEASE from update3.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

No updates needed to update system to 11.1-RELEASE-p1.

Also, I searched the forum for freebsd-udpate.conf and another user already asked my question and my next question was also answered in the thread.
https://forums.freebsd.org/threads/55564/


Thank you!
 
After a bit more reading I think this may be a better approach.

I added kernel back to /etc/freebsd-update.conf
Code:
# Components of the base system which should be kept updated.
Components src world kernel

And in the same file uncommented
Code:
# When installing a new kernel perform a backup of the old one first
# so it is possible to boot the old kernel in case of problems.
BackupKernel yes

# If BackupKernel is enabled, the backup kernel is saved to this
# directory.
BackupKernelDir /boot/kernel.old

Created an /etc/src.conf
Code:
root@vmhost:~ # cat /etc/src.conf
## FreeBSD source build configuration

.if ${KERNCONF} == "TCPOPEN"
INSTKERNNAME = TCPOPEN
.endif

Added to /boot/loader.conf
Code:
root@vmhost:~ # cat /boot/loader.conf
kernels="TCPOPEN kernel TCPOPEN.old kernel.old"
kernel="TCPOPEN"

Ran freebsd-update fetch install, which installed the kernel updates.

Rebuilt my custom TCPOPEN kernel using the notes in the first thread.

Rebooted and the custom kernel is in use and freebsd-update fetch does not report any needed kernel updates, as it did before.

Hopefully I am not forgetting any steps....


Thanks again for the pointers!


-Jeff Carpio
 
I was so annoyed by the 9.11 requirements that I went back to 9.10. I suppose when 9.10 goes EOL, I'll have deja-vu on the fixes required to get 9.11 working all over again!
 
I am not sure of the upgrade requirements from 9.10 -> 9.11, but the funny thing is in a previous life my entire network was FreeBSD based and then I moved over to OpenBSD. I have had no real problems, since the switch, but really missed using jails.

I decided to build a new FreeBSD box and slowly migrate / convert all of the services into jails. All is running well it was just this freebsd-update fetch requesting to install a kernel each time that was nagging at me... hopefully this is now in the past and I can just let the box hum along.

OpenBSD VMMs are really nice but FreeBSD jails 'seem' a bit more resource friendly.
 
Code:
FreeBSD myserver 11.1-RELEASE-p6 FreeBSD 11.1-RELEASE-p6 #3: Wed Feb 14 05:28:12 -05 2018     root@mydomain:/usr/obj/usr/src/sys/TCPOPEN  amd64
bind911-9.11.2P1_3             BIND DNS suite with updated DNSSEC and DNS64

I did:

Code:
# Components src world kernel
Components src world

But negative, I still to rebuild the kernel once when will be update, can anyone explain more about?
 
Back
Top