Open michael-o opened 9 months ago
These worked for me instead:
freebsd-update -j deblndw013x4v1j -d $(jls -j deblndw013x4v1j -h path | tail -1)/var/db/freebsd-update -f $(jls -j deblndw013x4v1j -h path | tail -1)/etc/freebsd-update.conf -r 13.2-RELEASE upgrade
freebsd-update -j deblndw013x4v1j -d $(jls -j deblndw013x4v1j -h path | tail -1)/var/db/freebsd-update -f $(jls -j deblndw013x4v1j -h path | tail -1)/etc/freebsd-update.conf install
mkdir -p /var/db/bastille/releases/13.2-RELEASE/freebsd-update
freebsd-update -d /var/db/bastille/releases/13.2-RELEASE/freebsd-update -f /usr/local/bastille/releases/13.2-RELEASE/etc/freebsd-update.conf -b /usr/local/bastille/releases/13.2-RELEASE --currently-running 13.2-RELEASE fetch install
freebsd-update -j deblndw013x1j -d $(jls -j deblndw013x1j -h path | tail -1)/var/db/freebsd-update -f $(jls -j deblndw013x1j -h path | tail -1)/etc/freebsd-update.conf fetch install
FTR: Poudriere properly isolates jail updates: https://github.com/freebsd/poudriere/blob/f2d23984f54b56cb8377302e2deb6ee357d725a2/src/share/poudriere/jail.sh#L293-L303
Improvement upstream: https://reviews.freebsd.org/D43700
Improvement upstream: https://reviews.freebsd.org/D43700
This has been merged upstream.
Describe the bug Both commands
ugprade
andupdate
usefreebsd-update(8)
to update releases and thick jails. Unfortunately, they assume thatfreebsd-update
will rebase all commands on top of the basedir passed, thus fully isolate all operations. It does not. The command is broken in this regard.See:
It pollutes the jailhost and uses potentially wrong config.
Sources:
Bastille and FreeBSD version (paste
bastille -v && freebsd-version -kru
output) 0.10.20231013 13.2-STABLE 13.2-STABLE 13.2-STABLEHow did you install bastille? (port/pkg/git) port
Expected behavior For release updates/upgrades:
-f
from the release root-d
outside of release root, but independent of the jailhost, e.g.,/var/db/bastille/releases/{release}/freebsd-update/
For thick jail updates/upgrades:
-j
to reduce params-f
from the jail root-d
from the jail root (thus the update dir will remain completely inside the jail)Additional context Gladly, I have tested the upgrade in a separate host where the jails were shredded. I will refrain from using
bastille update/upgrade
for now. If desired, I can provide a PR for this.