Solved How to properly update a system

[tOsYZYny]

EDIT:

Since I have a custom kernel, then my /etc/freebsd-update.conf should look like:

Components src world

Then, I should also do a git pull on the kernel source, and if there are any updates, run make buildkernel and installkernel?

 

[tOsYZYny]

I have been using my scripts now for quite a while and they seem to work well for the most part. Essentially, every night, the process is:

1. check for freebsd updates
2. check for userland updates
3. check for kernel updates
4. check jails


If any of those require updating (excluding jails), then a new Boot Environment is created, a record is written to a patch file indicating what needs updated, and a message is sent requesting a reboot. On reboot, my crontab entry is picked up, the patch file is read indicating what needs to be patched, and the system is patched accordingly. Upon successful application of the patch, the current timestamp is written to the patch file, then the system continues checking for subsequent updates and repeats the process.

For updating jails, I merely do snapshots and restart the jail.

I keep 5 boot environments for a maximum time period of 30 days. The 'app' is here:

GitHub - walterjwhite/system-maintenance

Contribute to walterjwhite/system-maintenance development by creating an account on GitHub.

github.com

 

[SirDice]

1. check for freebsd updates
2. check for userland updates
3. check for kernel updates

This is one step. You can't update just the kernel, or just the userland, freebsd-update(8) updates them both (if there are patches available of course). Unless, with 'userland' you actually meant ports/packages.

 

[tOsYZYny]

Correct, those are all separate steps. I run them separately so that I get a separate BE for each. I have a custom kernel, so I handle the kernel separately outside of freebsd-update. Yes, by userland, I mean pkg upgrade and update.

 

[SirDice]

Yes, by userland, I mean pkg upgrade and update.

Right. That was a little confusing, as 'userland' also refers to the rest of 'world' of the base OS. Basically everything except the kernel. Ports and packages are more commonly referred to as 'third party software'.