≡ Menu

portsnap command

How To Tail (View) Multiple Files on UNIX / Linux Console

The tail command is one of the best tool to view log files in a real time using tail -f /path/to/log.file syntax on a Unix-like systems. The program MultiTail lets you view one or multiple files like the original tail program. The difference is that it creates multiple windows on your console (with ncurses). This is one of those dream come true program for UNIX sys admin job. You can browse through several log files at once and do various operations like search for errors and more.
[click to continue…]

The portupgrade command is used to upgrade installed packages via ports or packages. This is one of the tool you need to use under FreeBSD. However, recently, it give me out following error on FreeBSD r6.2-p10-amd64 bit:
missing key: categories: Cannot read the portsdb!
/usr/local/lib/ruby/site_ruby/1.8/portsdb.rb:567:in `open_db': database file error

The solution is pretty simple tp fix this error, enter:
# rm -f /usr/ports/INDEX*.db /var/db/pkg/pkgdb.db
# pkgdb -fu
# rm -rf /usr/ports
# portsnap fetch && portsnap extract && portsnap update

Next find out current portupgrade version:
# pkg_info | grep portupgrade
Sample output:

portupgrade-2.4.3_2,2 FreeBSD ports/packages administration and management tool s

# pkg_delete portupgrade-2.4.3_2,2
# cd /usr/ports/ports-mgmt/portupgrade && make clean && make install clean
# portupgrade -a

See /usr/ports/UPDATING file for more information.

FreeBSD Update Software and Apply Security Patches

Updating FreeBSD server system is quite easy. You can apply security patch to keep freebsd system up to date.

Required tools aka software

You need to have following tools on system
(a) portmanager - FreeBSD ultimate ports update utility.

(b) portsnap - It is a system for securely distributing the FreeBSD ports tree. Approximately once an hour, a snapshot of the ports tree is generated, repackaged, and cryptographically signed. The resulting files are then distributed via HTTP.

(c) pkg_version - List the installed version of the package is older than the current version.

All of the above utilities work together to keeping FreeBSD up to date :)

FreeBSD install portsnap (for older system version <6.0)

On FreeBSD 6.0+, portsnap is contained in the FreeBSD base (core) system. You only need to to install portsanp as follows for older FreeBSD system:
# cd /usr/ports/ports-mgmt/portsnap
# make install clean

FreeBSD install portmanager

Simply type the following command:
# cd /usr/ports/ports-mgmt/portmanager
# make install clean

Upgrade FreeBSD ports collection

Run portsnap as follows:
# portsnap fetch extract
# portsnap fetch
# portsnap extract


Looking up portsnap.FreeBSD.org mirrors... 4 mirrors found.
Fetching public key from portsnap3.FreeBSD.org... done.
Fetching snapshot tag from portsnap3.FreeBSD.org... done.
Fetching snapshot metadata... done.
Fetching snapshot generated at Sun Aug  5 19:38:18 CDT 2007:
b73e908500446b6593a4f763b8b2128490e733547cdaa7100% of   49 MB  195 kBps 00m00s
Extracting snapshot... done.
Verifying snapshot integrity... done.
Fetching snapshot tag from portsnap3.FreeBSD.org... done.
Fetching snapshot metadata... done.
Updating from Sun Aug  5 19:38:18 CDT 2007 to Mon Aug  6 05:58:34 CDT 2007.
Fetching 4 metadata patches... done.
Applying metadata patches... done.
Fetching 0 metadata files... done.
Fetching 18 patches.....10.... done.
Applying patches... done.
Fetching 0 new ports or files... done.

Display outdated ports list

You can list outdated ports list with pkg_version command:
# pkg_version -vIL=
# pkg_version -vIL'<'

bash-3.1.17                         <   needs updating (index has 3.2.17_2)
gettext-0.14.5_2                    <   needs updating (index has 0.16.1_3)
libtool-1.5.22_2                    <   needs updating (index has 1.5.22_4)
linux_base-fc-4_9                   <   needs updating (index has 4_10)


  • v : Enable verbose output.
  • I : Use only the index file for determining if a package is out of date (faster result)
  • L= : Limit the output to those packages whose status flag does not match = (the installed version of the package is current.)
  • L'<' : Limit the output to those packages whose status flag does not match < (the installed version of the package is older than the current version.)

Update FreeBSD packages / software

Now run portmanager to upgrade installed ports:
# portmanager -u

It will updates ports in the correct order based on their dependencies. If a port fails to "make" during update it is marked as ignored. Portmanager will continue updating any ports not marked as "ignored" so long as they are not dependent on the ignored port. Also note that it may take some time if you have large number of application installed.

If you need to upgrade all installed ports with logging, enter:
# portmanager -u -l

How do I upgrade a single software only?

portmanager allows you to update a single port and all of its dependencies. For example update port called bash i.e. bash shell (shells/bash), enter:
# portmanager shells/bash -l -u -f

How do I apply update again?

In order to update system again just type the following command:
# portsnap fetch
# portsnap update
# portmanager -u -l

How do I apply binary security updates for FreeBSD?

Latest version includes a tool called freebsd-update (thanks to Bok for pointing out this tool). The freebsd-update tool is used to fetch, install, and rollback binary updates to the FreeBSD base system.

Fetch updates

Use fetch option to get all available binary updates:
# freebsd-update fetch

Looking up update.FreeBSD.org mirrors... 1 mirrors found.
Fetching public key from update1.FreeBSD.org... done.
Fetching metadata signature from update1.FreeBSD.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.
Preparing to download files... done.
Fetching 18 patches.....10.... done.
Applying patches... done.
The following files will be updated as part of updating to 6.2-RELEASE-p7:
WARNING: FreeBSD 6.2-RELEASE is approaching its End-of-Life date.
It is strongly recommended that you upgrade to a newer
release within the next 5 months.

Install updates

Install the most recently fetched updates:
# freebsd-update install

Installing updates... done.

Rollback updates

Optional: You can uninstall most recently installed updates:

# freebsd-update  rollback  

Reboot system

You must reboot FreeBSD to take advntage of newly patched kernel:
$ uname -a

FreeBSD vip-1.freebsd.nixcraft.com 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27 UTC 2007
root@dessler.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386

$ sudo reboot
After reboot verify system:
$ uname -a

FreeBSD vip-1.freebsd.nixcraft.com 6.2-RELEASE-p4 FreeBSD 6.2-RELEASE-p4 #0: Thu Apr 26 17:40:53 UTC 2007     root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  i386

Further readings:

Updated for accuracy.

FreeBSD Apache apr — multiple vulnerabilities

Some vulnerabilities have been reported in APR-util, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service).
[click to continue…]

FreeBSD keep ports collection up to date in two easy steps

The FreeBSD ports collection offers a simple way for users and administrators to install applications. The ports made FreeBSD quite popular. Keeping ports up to date is an essential task.

FreeBSD Install cvsup

If you never upgraded freebsd ports collection then first step is required; otherwise skip this step and goto step # 2

# pkg_add -r cvsup-without-gui
# mkdir /usr/ports

CVSup is a software package for distributing and updating collections of files (ports) across a network.

Update ports collection/tree

# cvsup -L 2 -h cvsup9.FreeBSD.org

Above step will take some to fetch files and it will update your ports collection.

Note if you got an error as follows:

Rejected by server: Access limit exceeded; try again later
Will retry at 01:36:41

Then replace cvsup9.FreeBSD.org with cvs8.freebsd.org, cvs7.freebsd.org etc. You are done. Install packages from updated tree, before that consider installing security auditing port to avoid vulnerabilities warning. Now you can install application via ports.

Running the cvsup command later agian will download and apply all the recent changes to your Ports Collection, except actually rebuilding the ports for your own system. Next time you will see howto use the portupgrade utility to upgrade installed ports.

portsnap command

You can use portsnap command. It is an alternative system for distributing the Ports Collection. It was first included in FreeBSD 6.0. Install portsnap as follows:

# mkdir /usr/ports
# pkg_add -r portsnap
# portsnap fetch
# portsnap extract
# portsnap update

See FreeBSD handbook topic Using Portsnap more information.