Prevent FreeBSD-Update On Cloud Instance Creation

dave

Well-Known Member

Reaction score: 25
Messages: 439

Starting cloud instances and waiting for freebsd-update to complete is really tedious. And it gets worse with each patch level for a release. I understand that keeping FreeBSD up to date is important, but I dare say this is draconian. Is there a way to prevent the freebsd-update process on instance creation?
 

astralblue

New Member

Reaction score: 1
Messages: 1

Most cloud providers support injecting instance configuration data (for example, Amazon EC2 calls it "user data"; look in the Advanced Details section at the bottom of the Configure Instance Details step when you launch an instance). You can pass a script snippet there to disable both freebsd-update(8) and initial package installation (do not forget the first #!/bin/sh line, as it makes the cloud integration recognize the snippet as a script to run):

Bash:
#!/bin/sh
sysrc firstboot_freebsd_update_enable="NO"
sysrc firstboot_pkgs_enable="NO"
 
OP
dave

dave

Well-Known Member

Reaction score: 25
Messages: 439

I finally got around to testing this out on Google Compute Engine. This does not work on that platform. I tested FreeBSD 12 and 13.

Here's an example of setting the script in the instance creation:

Screen Shot 2021-09-03 at 4.28.03 PM.png


Here are the results...

FreeBSD 13
Code:
▶ gc instances tail-serial-port-output freebsd-13-1 --zone us-central1-a                                                        ◀ 16:19:13
SeaBIOS (version 1.8.2-google)
Total RAM Size = 0x0000000080000000 = 2048 MiB
CPUs found: 2     Max CPUs supported: 2
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=46137344 = 22528 MiB
drive 0x000f2490: PCHS=0/0/0 translation=lba LCHS=1024/255/63 s=46137344
Sending Seabios boot VM event.
Booting from Hard Disk 0...
Loading /boot/loader.conf.local
-
Loading kernel...
/boot/kernel/kernel text=0x17b9e0 text=0xdd6d30 text=0x65b9ac data=0x140 data=0x1b9348+0x445cb8 syms=[0x8+0x178e90+0x8+0x199058]
Loading configured modules...
can't find '/etc/hostid'
can't find '/boot/entropy'

Booting [/boot/kernel/kernel]...
---<<BOOT>>---
Copyright (c) 1992-2021 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.

[SNIP]

Sep  3 23:18:55 freebsd-13-1 kernel: vtnet0: link state changed to UP
No core dumps found.
freebsd-update 755 - - Looking up update.FreeBSD.org mirrors... 2 mirrors found.

[SNIP]

freebsd-update 755 - -  done.
freebsd-update 755 - - Requesting reboot after installing updates.
Starting google_instance_setup.
Sep  3 23:20:40 freebsd-13-1 instance-setup: INFO Generating SSH host keys for instance 143483740903904197.
Sep  3 23:20:40 freebsd-13-1 instance-setup: INFO Generating SSH key /etc/ssh/ssh_host_ed25519_key.
Sep  3 23:20:40 freebsd-13-1 instance-setup: INFO Unable to write ssh-ed25519 host key to guest attributes.
Sep  3 23:20:40 freebsd-13-1 instance-setup: INFO Generating SSH key /etc/ssh/ssh_host_rsa_key.
Sep  3 23:20:40 freebsd-13-1 instance-setup: INFO Unable to write ssh-rsa host key to guest attributes.
Sep  3 23:20:40 freebsd-13-1 instance-setup: INFO Generating SSH key /etc/ssh/ssh_host_ecdsa_key.
Sep  3 23:20:40 freebsd-13-1 instance-setup: INFO Unable to write ecdsa-sha2-nistp256 host key to guest attributes.
Starting google_network_daemon.
Sep  3 23:20:41 freebsd-13-1 startup-script: INFO Starting startup scripts.
Sep  3 23:20:41 freebsd-13-1 startup-script: INFO Found startup-script in metadata.
Sep  3 23:20:41 freebsd-13-1 google-networking: WARNING Unable to determine MAC address for lo0.
Sep  3 23:20:41 freebsd-13-1 google-networking: INFO Starting Google Networking daemon.
Sep  3 23:20:41 freebsd-13-1 startup-script: INFO startup-script: firstboot_freebsd_update_enable: YES -> NO
Sep  3 23:20:41 freebsd-13-1 startup-script: INFO startup-script: firstboot_pkgs_enable: YES -> NO
Sep  3 23:20:41 freebsd-13-1 startup-script: INFO startup-script: Return code 0.
Sep  3 23:20:41 freebsd-13-1 startup-script: INFO Finished running startup scripts.
Starting google_accounts_daemon.

[SNIP]

Booting [/boot/kernel/kernel]...
---<<BOOT>>---
Copyright (c) 1992-2021 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.

[SNIP]

No core dumps found.
Starting google_network_daemon.
Starting google_accounts_daemon.
Sep  3 23:20:56 freebsd-13-1 startup-script: INFO Starting startup scripts.
Sep  3 23:20:56 freebsd-13-1 startup-script: INFO Found startup-script in metadata.
Sep  3 23:20:56 freebsd-13-1 google-networking: WARNING Unable to determine MAC address for lo0.
Sep  3 23:20:56 freebsd-13-1 google-networking: INFO Starting Google Networking daemon.
Sep  3 23:20:56 freebsd-13-1 google-accounts: INFO Starting Google Accounts daemon.
Sep  3 23:20:56 freebsd-13-1 google-accounts: INFO Adding user freebsd to the Google sudoers group.
Sep  3 23:20:56 freebsd-13-1 startup-script: INFO startup-script: firstboot_freebsd_update_enable: NO -> NO
Sep  3 23:20:56 freebsd-13-1 google-accounts: INFO Adding user root to the Google sudoers group.
Sep  3 23:20:57 freebsd-13-1 google-accounts: INFO Adding user dave to the Google sudoers group.
Sep  3 23:20:57 freebsd-13-1 google-accounts: INFO Adding user dturner to the Google sudoers group.
Sep  3 23:20:57 freebsd-13-1 startup-script: INFO startup-script: firstboot_pkgs_enable: NO -> NO
Sep  3 23:20:57 freebsd-13-1 startup-script: INFO startup-script: Return code 0.
Sep  3 23:20:57 freebsd-13-1 startup-script: INFO Finished running startup scripts.
Security policy loaded: MAC/ntpd (mac_ntpd)
Starting ntpd.
Mounting late filesystems:.
Starting google_clock_skew_daemon.
Starting cron.
Performing sanity check on sshd configuration.
Starting sshd.
Starting sendmail_submit.
Sep  3 23:20:57 freebsd-13-1 google-clock-skew: INFO Starting Google Clock Skew daemon.
Sep  3 23:20:57 freebsd-13-1 google-clock-skew: INFO Clock drift token has changed: 0.
Starting sendmail_msp_queue.
ntpd is running as pid 839.
Configuring vt: blanktime.
Stopping ntpd.
Starting background file system checks in 60 seconds.

Fri Sep  3 23:20
FreeBSD/amd64 (freebsd-13-1) (ttyu0)

login: Sep  3 23:21:05 freebsd-13-1 google-clock-skew: INFO Synced system time with ntp server.

FreeBSD 12
Code:
▶ gc instances tail-serial-port-output freebsd-12-1 --zone us-central1-a                                                        ◀ 16:29:31
SeaBIOS (version 1.8.2-google)
Total RAM Size = 0x0000000080000000 = 2048 MiB
CPUs found: 2     Max CPUs supported: 2
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=46137344 = 22528 MiB
drive 0x000f2490: PCHS=0/0/0 translation=lba LCHS=1024/255/63 s=46137344
Sending Seabios boot VM event.
Booting from Hard Disk 0...
Malformed line (7):
	'kern.timecounter.hardware=ACPI-safe'
Failed to parse config: '/boot/loader.conf'
Loading /boot/loader.conf.local
|
Loading kernel...
/boot/kernel/kernel text=0x16bdcc4 data=0x140 data=0x75fe80 syms=[0x8+0x17e098+0x8+0x19bdd3]
Loading configured modules...
can't find '/boot/entropy'
/boot/kernel/aesni.ko size 0xeed8 at 0x247b000
can't find '/etc/hostid'

Booting [/boot/kernel/kernel]...
---<<BOOT>>---
Copyright (c) 1992-2020 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.

[SNIP]

Updating /var/run/os-release done.
freebsd-update 737 - - Looking up update.FreeBSD.org mirrors... 2 mirrors found.
freebsd-update 737 - - Fetching public key from update1.freebsd.org... done.

[SNIP]

freebsd-update 737 - -  done.
freebsd-update 737 - - Requesting reboot after installing updates.
Installing pkg-1.16.3...
package pkg is already installed, forced install
Extracting pkg-1.16.3: .......... done
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:12:amd64/quarterly, please wait...
Verifying signature with trusted certificate pkg.freebsd.org.2013102301... done
Updating FreeBSD repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.txz: .......... done
Processing entries: .......... done
FreeBSD repository update completed. 30848 packages processed.
All repositories are up to date.
Starting google_instance_setup.
Sep  3 23:35:50 freebsd-12-1 instance-setup: INFO Generating SSH host keys for instance 283574780846608682.
Sep  3 23:35:50 freebsd-12-1 instance-setup: INFO Generating SSH key /etc/ssh/ssh_host_ed25519_key.
Sep  3 23:35:50 freebsd-12-1 instance-setup: INFO Unable to write ssh-ed25519 host key to guest attributes.
Sep  3 23:35:50 freebsd-12-1 instance-setup: INFO Generating SSH key /etc/ssh/ssh_host_rsa_key.
Sep  3 23:35:51 freebsd-12-1 instance-setup: INFO Unable to write ssh-rsa host key to guest attributes.
Sep  3 23:35:51 freebsd-12-1 instance-setup: INFO Generating SSH key /etc/ssh/ssh_host_ecdsa_key.
Sep  3 23:35:51 freebsd-12-1 instance-setup: INFO Unable to write ecdsa-sha2-nistp256 host key to guest attributes.
Starting google_network_daemon.
Starting google_accounts_daemon.
Starting google_clock_skew_daemon.
Sep  3 23:35:51 freebsd-12-1 google-clock-skew: INFO Starting Google Clock Skew daemon.
Sep  3 23:35:51 freebsd-12-1 google-clock-skew: INFO Clock drift token has changed: 0.
Sep  3 23:35:51 freebsd-12-1 google-networking: WARNING Unable to determine MAC address for lo0.
Sep  3 23:35:51 freebsd-12-1 google-networking: INFO Starting Google Networking daemon.
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Starting Google Accounts daemon.
ntpd is running as pid 716.
Sep  3 23:35:51 freebsd-12-1 startup-script: INFO Starting startup scripts.
Sep  3 23:35:51 freebsd-12-1 startup-script: INFO Found startup-script in metadata.
Stopping ntpd.
Waiting for PIDS: 716.
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Creating a new user account for dave.
Sep  3 23:35:51 freebsd-12-1 startup-script: INFO startup-script: firstboot_freebsd_update_enable: YES -> NO
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Created user account dave.
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Adding user dave to the Google sudoers group.
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Adding user root to the Google sudoers group.
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Creating a new user account for freebsd.
Sep  3 23:35:51 freebsd-12-1 startup-script: INFO startup-script: firstboot_pkgs_enable: YES -> NO
Sep  3 23:35:51 freebsd-12-1 startup-script: INFO startup-script: Return code 0.
Sep  3 23:35:51 freebsd-12-1 startup-script: INFO Finished running startup scripts.
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Created user account freebsd.
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Adding user freebsd to the Google sudoers group.
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Creating a new user account for dturner.
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Created user account dturner.
Sep  3 23:35:51 freebsd-12-1 google-accounts: INFO Adding user dturner to the Google sudoers group.
Starting sendmail_submit.

[SNIP]

Booting [/boot/kernel/kernel]...
---<<BOOT>>---
Copyright (c) 1992-2020 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.

[SNIP]

Sep  3 23:36:20 freebsd-12-1 google-accounts: INFO Starting Google Accounts daemon.
Sep  3 23:36:20 freebsd-12-1 google-networking: WARNING Unable to determine MAC address for lo0.
Sep  3 23:36:20 freebsd-12-1 google-networking: INFO Starting Google Networking daemon.
Sep  3 23:36:20 freebsd-12-1 startup-script: INFO Starting startup scripts.
Sep  3 23:36:20 freebsd-12-1 startup-script: INFO Found startup-script in metadata.
Sep  3 23:36:20 freebsd-12-1 google-accounts: INFO Adding user dave to the Google sudoers group.
Sep  3 23:36:20 freebsd-12-1 google-accounts: INFO Adding user root to the Google sudoers group.
Sep  3 23:36:20 freebsd-12-1 google-accounts: INFO Adding user freebsd to the Google sudoers group.
Sep  3 23:36:20 freebsd-12-1 startup-script: INFO startup-script: firstboot_freebsd_update_enable: NO -> NO
Sep  3 23:36:20 freebsd-12-1 google-accounts: INFO Adding user dturner to the Google sudoers group.
Sep  3 23:36:20 freebsd-12-1 startup-script: INFO startup-script: firstboot_pkgs_enable: NO -> NO
Sep  3 23:36:20 freebsd-12-1 startup-script: INFO startup-script: Return code 0.
Sep  3 23:36:20 freebsd-12-1 startup-script: INFO Finished running startup scripts.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Configuring vt: blanktime.
Performing sanity check on sshd configuration.
Starting sshd.
Starting cron.
Starting background file system
FreeBSD/amd64 (freebsd-12-1) (ttyu0)

login: Sep  3 23:36:29 freebsd-12-1 google-clock-skew: INFO Synced system time with ntp server.

So it would appear that those startup script directives are only implemented after freebsd-update. In the case of FreeBSD 12, this took about 8 minutes.
 
Top