Re: Non-interactive run of `freebsd-update upgrade` possible?
Date: Thu, 31 Jul 2025 18:49:52 UTC
On 7/31/25 04:09, Patrick M. Hausen wrote:
> Hi all,
>
> It's time to upgrade our ~100 hosts - again - and I would really
> like to at least partly automate the procedure.
>
> Current issue is that this sequence:
>
> freebsd-update upgrade -r 14.3 -b /tmp/be_mount.EkJx
> freebsd-update install -b /tmp/be_mount.EkJx
> freebsd-update install -b /tmp/be_mount.EkJx
>
> in my experience insists on asking "Does this look reasonable? (y/n)"
> interactively.
>
> And no version of
>
> export ASSUME_ALWAYS_YES=yes
>
> or
>
> --not-running-from-cron
>
> seems to change that.
>
> Am I missing anything? I mean, after updating a handful of test
> systems - and especially when upgrading into a new BE -
> it should be possible to just rollout the new release via Ansible.
>
i usually handle updating our fleet by just rebuilding the systems since
i am on AWS and that's a more natural design pattern for them. there is
this rc script included in the FreeBSD AMI's on AWS that automates
applying patches via freebsd-update:
firstboot_freebsd_update_run()
{
if ! checkyesno firstboot_freebsd_update_nonstandard; then
case "`uname -r`" in
*-BETA* | *-RC* | *-RELEASE*)
;;
*)
echo "Firstboot freebsd-update disabled on
`uname -r`"
return 0
;;
esac
fi
env HTTP_TIMEOUT=5 freebsd-update --not-running-from-cron fetch
if [ -e /var/db/freebsd-update/`echo / | sha256`-install ]; then
freebsd-update install
echo "Requesting reboot after installing updates."
touch ${firstboot_sentinel}-reboot
fi
}
this tends to work pretty well in an automated fashion. but to be
honest i'm looking forward to pkgbase as it will make automation and
auditing *much* easier in cloud environments.
-pete
> Thanks and kind regards,
> Patrick
--
Pete Wright
pete@nomadlogic.org