Port, Packages, and Patching, Upgrading

Polytropon freebsd at edvax.de
Tue Dec 20 17:20:39 UTC 2011

On Tue, 20 Dec 2011 01:19:04 -0500, Allen wrote:
> Hi,
> I've been trying to find info about this, so I'm Hoping someone here
> will know about this; I use FreeBSD 8.2-RELEASE, and basically, the
> normal way I do things, is like this:
> I grab the CD, boot, and install the Base System. Once I've booted, I'll
> then use one of the two:
> pkg_add -r bunch of packages
> or
> sysinstall > Configure > Packages
> Then I go through the menus, and select what software I want, and,
> eventually, I'll tell it to start installing.

This at first sounds as the "install once, then use"

> Now, I've been reading about Ports more and more, and thought about
> maybe just using those instead, but even with upgrade_pkg from
> bsdaminscripts, I just can NOT seem to upgrade anything.

Updating the ports traditionally depends on an updated
ports tree. The tool portsnap does this for you, but you
can also follow the CVS approach illustrated below. Once
you have updated your ports tree, port management scripts
can determine updated ports and therefore initiate the
building from the respective sources.

> I'd like to have my system fully patched, but most of the data I find,
> is about how to keep ports up to date, and has very little on Packages /
> Binaries.

See bottom the message - maybe freebsd-update and the
package use options (-P and -PP) are for you.

But continue reading anyway. :-)

> I don't think it matters much why I choose Binary Packages over Ports,
> I'm just looking to make sure the emails I get every once in a while on
> the root account will FINALLY not have a huge list of stuff that I need
> to either "delete / uninstall, or upgrade" and have no idea how.

Compiling vs. using binary packages is a decision
mostly driven by technical questions, such as:

- Do I have sufficient resources for compiling?

- Do I have sufficient space for distfiles and
  what happens during compiling?

- Do I have the time to deal with finding out the
  correct configuration ("make config-recursive")?

- Do I need CPU-specific optimization (e. g. on
  older systems where you benefit from higher

- Do I need building options different from those
  default options that turn a port into the package
  that I would have used (e. g. media players with
  codecs, language setttings for office suites)?

- Do I need software more current than what the
  binary package will install?

If "yes" is your answer, ports are the way to go,
because packages simply don't provide that kind of

> I mainly used Linux, so I AM a little more used to everything being
> patched at once, like Slackware, where you can type one command and
> install patches and stuff to everything you have installed, be it the
> Kernel, or an Xterm, or X itself, or Pidgin.

Unlike Linux, FreeBSD has a concept of "the operating
system" and "3rd party applications". This difference
is mainly provided by the FreeBSD team that keeps the
OS working which would work even without any of the
stuff in ports, and the port maintainers who keep the
ports current.

This means you have _two_ separated things that "have
nothing to do with each other", so the updating methods
are different, but can be easily combined.

In Linux, where even the kernel can be seen as a package,
all parts can be updated by one facility. In worst case,
a defective update renders the whole system unusable.

If you rely on sources, you can easily use csup to update
both the OS source tree and the ports tree by running
one "make update" command.

Create /etc/sup directory, and those files:

	# /etc/sup/stable.sup
	*default host=cvsup.freebsd.org
	*default base=/var/db
	*default prefix=/usr
	*default release=cvs tag= 
	*default delete use-rel-suffix
	*default compress

(In case you want to follow RELEASE plus security patches,
change "RELENG_8" to "RELENG_8.2", and maybe call the file
release.sup then, to avoid confusion.)

	# /etc/sup/ports.sup
	*default host=cvsup.freebsd.org
	*default base=/var/db
	*default prefix=/usr
	*default release=cvs tag=.
	*default delete use-rel-suffix
	*default compress

(Maybe you want to be more selective here and use ports-<category>
instead; examples are found at /usr/src/share/examples/cvsup/.)

	# /etc/sup/doc.sup
	*default host=cvsup.free.org
	*default base=/var/db
	*default prefix=/usr
	*default release=cvs tag=.
	*default delete use-rel-suffix
	*default compress

(Here also selectivity can be applied!)

And finally, to /etc/make.conf, add:

	SUP=            /usr/bin/csup
	SUP_UPDATE=     /usr/bin/csup
	SUPFLAGS=       -L 2
	SUPHOST=        cvsup.freebsd.org
	SUPFILE=        /etc/sup/stable.sup
	PORTSSUPFILE=   /etc/sup/ports.sup
	DOCSUPFILE=     /etc/sup/doc.sup
	DOC_LANG=       en_US.ISO8859-1 de_DE.ISO8859-1

(Typically alter DOC_LANG to fit your needs.)

Also check what you can enable or _disable_ in /etc/make.conf
and /etc/src.conf (see /usrsrc/share/examples/etc/make.conf
and "man src.conf" for details), especially for systems low
on resources where you intendedly want to _not_ build and
install certain parts of the world, the kernel and the
kernel modules.

When you now do the following:

	# cd /usr/src
	# make update

both source and ports will be updated.

BUT: This method is more complex than using portsnap!
Especially for "bigger differences" between update
sessions it typically needs more time.

>From this point, it's easy to recompile world and kernel,
and then update ports selectively or "all in one run".
Tools like portmaster, portupgrade or portmanager are
a big help here.

For updating the system, follow the instructions in the
comment header of /usr/src/Makefile. For the ports, use
your favourite tool,

> Any of you that use pkg_add and Sysinstall to install packages, can you
> maybe describe what you do to install updates, Patches, or just in
> general, keep your system patched?

If you intendedly (nothing bad here!) want to use binary
packages, you can use the -P and -PP option of portupgrade
and portmaster. The EXAMPLES section of the manpages have
some ideas on how to do "full updates".

Unless you're using a custom kernel and want to follow
the RELEASE branch, including the security patches, also
consider using freebsd-update. This tool updates the OS
(the base system) in a binary way, also very comfortable.

The combination of both ways is a usable difference to
using ports and building everything from source.

FreeBSD puts you in choice here, and I'm glad it does,
because I prefer _this_ or _that_ method depending on
the use of different systems. :-)

Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...

More information about the freebsd-questions mailing list