FreeBSD-Update and PKG GuidePublished on: 19.01.2021 18:00
In this tutorial I explain to you how we update our FreeBSD to a new version and how we can use the package manager pkg.
The timely installation of security updates and the updating of the operating system are important aspects of system administration. FreeBSD includes the freebsd-update tool which we can use to accomplish both of these tasks.
Apply security fixes
We can download and install security fixes for FreeBSD as follows. The first command checks if there are any outstanding fixes available. The second command will install the fixes.
root#: freebsd-update fetch root#: freebsd-update install
We should restart the system if the kernel or a kernel module has been changed. We should restart the affected applications if binary files have been changed.
If we make the following entry under /etc/crontab, the system will check for updates once a day:
@daily root freebsd-update cron
If there are new corrections, they are automatically downloaded but not imported. Our root user receives a message so that the corrections can be checked and installed manually with freebsd-update install.
If something went wrong during the update, we can undo it with the following command:
root#: freebsd-update rollback
Updates to a new major or minor version
If we run the following command on a system running FreeBSD 12.1, the system will be upgraded to FreeBSD 12.2:
root#: freebsd-update -r 12.2-RELEASE upgrade
After entering the command, freebsd-update checks the configuration file and the current system in order to collect the necessary information for the system update.
Then these are installed with the following command:
root#: freebsd-update install
We restart the system with the updated kernel:
root#: shutdown -r now
After the restart we run the following command one last time to complete the update:
root#: freebsd-update install
pkg is the next generation successor to the traditional FreeBSD package management tools and offers many features that make dealing with binary packages faster and easier.
Get information about installed packages
So that we can display information about the installed packages, the following command is used:
root#: pkg info
So that we want to display information about a package, we simply include the package name.
root#: pkg info nano
Install and remove packages
We use the following command to install a binary package, where package-name is the name of the package to be installed:
root#: pkg install package name
And to remove a package we use:
root#: pkg remove package name
Update installed packages
To update all installed packages, we use this command:
root#: pkg upgrade
Monitor installed packages
Software vulnerabilities are regularly discovered in third-party applications. To remedy this, pkg contains a built-in checking mechanism. We do the following to determine if there are any known security vulnerabilities in the software installed on the system:
root#: pkg audit -F
Automatically remove unused packages
root#: pkg autoremove
Remove obsolete packages
By default, pkg saves binary packages in a cache directory defined by PKG_CACHEDIR in pkg.conf. Only copies of the most recently installed packages are kept. Older versions of pkg kept all previous packages. We do the following to remove these outdated binary packages:
root#: pkg clean
The entire cache can be cleared by doing the following:
root#: pkg clean -a
After a system upgrade
root#: pkg-static upgrade -f