Re: what am I missing RE: freebsd-update?

From: Ian Smith <smithi_at_nimnet.asn.au>
Date: Sat, 03 Dec 2022 14:09:35 UTC
On 2 December 2022 5:20:52 pm AEDT, Steve O'Hara-Smith <steve@sohara.org> wrote:

 > On Thu, 1 Dec 2022 16:44:37 -0800
 > paul beard <paulbeard@gmail.com> wrote:
 > 
 > > Thank you for all the info…it seems nothing is wrong, but what
 > prompted
 > > this was a message about this release nearing EOL or end of
 > support.  Not
 > > sure where I saw it now, perhaps at login but I don't see it now.

It was the firsf message on screen in the freebsd-update process, and yes it's rather trigger-happy.

 > 	The file with the EOL dates in got updated as part of the update.
 > The dates are a guess that gets refined as the release process of the
 > next
 > release progresses. It doesn't work too well it always alarms people
 > early.

More definitive is  https://www.freebsd.org/security/#sup
showing 12.3 EoL as 3 months after 12.4-RELEASE (which is immanent, likely this week), and that 12-STABLE will be EoL on 31st December 2023.

 > > So freebsd-version -kru
 > > 12.3-RELEASE-p6
 > > 12.3-RELEASE-p6
 > > 12.3-RELEASE-p10
 > > 
 > > means that my installed and running kernel are the same and my
 > userland is
 > > a few patches ahead but they should sync up at some point?
 > 
 > 	Not quite - what it really means is that p7, p8, p9 and p10 did not
 > contain any kernel updates and so the kernel version didn't get
 > bumped in
 > them. So if there are no more kernel updates before EOL they'll never
 > "sync up".

Without a major security incident, p6 should be it for 12.3 kernel.  Maybe a few userland patches if needed ...

 > 	This has historical reasons - once upon a time the kernel version
 > was the version and all updates were source builds but with binary
 > patch
 > updates it seems crazy to update the kernel just to change a number
 > so we
 > get the concept of userland version and the original version becomes
 > the kernel version.
 > 
 > 	There's a practical advantage to it, scripted updates can check for
 > a changed kernel version and decide whether to reboot or just restart services.

Yes, though you (or scripts) need to know which services need restarting; rebooting is always safer.

cheers, Ian