February 03, 2003
Staying up to date [ Software ]
Anyone who administers a *nix box has done this task, but it can be hard to remember what particular steps you need to take on a given system to download & install patches, synch up the source code and rebuild the kernel + userland, or grab updated binary packages. So I'll try to compile a list of basic outlines for updating different Unix-ish operating systems.
Textual conventions - I'm used to Bourne shell programming, so I use a ${variable} format to represent the actual value of a given variable.
${X_Y} represents the operating system revision, i.e., if you're using OpenBSD 2.9 and see OPENBSD_${X_Y}, you would type OPENBSD_2_9.
${arch} represents the operating system architecture, i.e., i386 or sparc or ppc or whatever type of actual hardware you're running on/compiling for.
${dir} represents the particular directory where a port or relevant piece of code resides.
Debian Linux
Update packages
See http://www.debian.org/doc/manuals/debian-faq/ch-uptodate.en.html for details.
# apt-get update && apt-get dist-upgrade
Recompile the kernel
See http://www.debian.org/doc/manuals/debian-faq/ch-kernel.en.html for details.
# apt-get install kernel-source-${X.Y.Z} # cd /usr/src/linux # make menuconfig [ edit kernel options, save configs as ../${hostname.version} ] # make-kpkg -rev ${hostname.version} kernel_image # cd .. # dpkg --install kernel-image-${XYZ}_${hostname.version}_${arch}.deb [ may have to do a 'mv /lib/modules/X.Y.Z /lib/modules/X.Y.Z-old' first ]
RedHat Linux
Need to register systems for support at https://rhn.redhat.com/ before they can be updated.
Upgrade installed RPMs
# up2date
OpenBSD
Initial setup
See http://www.openbsd.org/anoncvs.html for details.
Set up your CVS preferences:
# export CVS_RSH=/usr/bin/ssh
# export CVSROOT=anoncvs@anoncvs6.usa.openbsd.org:/cvs
Get and update the -CURRENT branch
See http://www.openbsd.org/faq/upgrade-minifaq.html for details.
Initial 'get' for ports collection within the development or CURRENT branch:
# cd /usr
# cvs -q get -P ports
Initial 'get' for source collection within the development or CURRENT branch:
# cd /usr
# cvs -q get -P src
Updating the ports collection within the development or CURRENT branch:
# cd /usr/ports
# cvs -q up -PAd
Updating the source collection within the development or CURRENT branch:
# cd /usr/src
# cvs -q up -PAd
Get and update the -STABLE branch
See http://www.openbsd.org/faq/upgrade-minifaq.html for details.
Initial 'get' for ports collection within the patch or STABLE branch:
# cd /usr
# cvs -q get -rOPENBSD_${X_Y} -P ports
Initial 'get' for source collection within the patch or STABLE branch:
# cd /usr
# cvs -q get -rOPENBSD_${X_Y} -P src
Updating the ports collection within the patch or STABLE branch:
# cd /usr/ports
# cvs -q up -rOPENBSD_${X_Y} -PAd
Updating the source collection within the patch or STABLE branch:
# cd /usr/src
# cvs -q up -rOPENBSD_${X_Y} -PAd
Rebuild a single binary
# cd /usr/src/${dir} # make obj && make depend && make && make install
Make the world
See http://www.openbsd.org/faq/faq5.html and http://www.openbsd.org/faq/upgrade-minifaq.html for details.
Rebuild the kernel:
# cd /usr/src/sys/arch/${arch}/conf
# /usr/sbin/config GENERIC
# cd ../compile/GENERIC
# make clean && make depend && make
Reboot with the new kernel:
# cp -p /bsd /bsd.old
# cp bsd /bsd
# reboot
Rebuild all binaries:
# rm -r /usr/obj/*
# cd /usr/src
# make obj && make build
FreeBSD
Initial setup
See http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/current-stable.html for details.
If you have XFree86 installed:
# cd /usr/ports/net/cvsup
# make && make install
If you don't have XFree86 installed:
# cd /usr/ports/net/cvsup-without-gui
# make && make install
If you want the easy point-n-click GUI:
# cd /usr/ports/net/cvsupit
# make && make install
Get a supfile:
-STABLE supfile from ftp://ftp.freebsd.org/pub/FreeBSD/FreeBSD-current/src/share/examples/cvsup/stable-supfile
-CURRENT supfile from ftp://ftp.freebsd.org/pub/FreeBSD/FreeBSD-current/src/share/examples/cvsup/standard-supfile
Or build your own from the examples provided in /usr/share/examples/cvsup.
# mkdir -p /usr/local/etc/cvsup # cp /usr/share/examples/cvsup/stable-supfile /usr/local/etc/cvsup/
Customize the supfile:
*default host=cvsup2.FreeBSD.org
ports-all tag=.
Customize /etc/make.conf as necessary:
CPUTYPE= ${whatever_your_cpu_type_is}
CFLAGS= -O -pipe
NOPROFILE= true
Update sources
See http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html for details.
To update the sources within X11:
# cvsup ${supfile} &
To update the sources from the command line:
# cvsup -g -L 2 ${supfile}
If you're behind a firewalled connection that doesn't allow outbound 5999/tcp traffic, but you have SSH access to a remote host that allows arbitrary connection forwarding via SSH, then you can do the following:
# ssh -f -x -L 5999:cvsup2.freebsd.org:5999 user@remote.host.name sleep 60
# cvsup -g -L 2 -h localhost stable-supfile
And the connection will be tunnelled over SSH from localhost:5999 to remote.host.name, and then forwarded in the clear to cvsup2.freebsd.org:5999 (or whatever CVSup server you specify).
Rebuild the world
See http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html for details.
Read UPDATING:
# more /usr/src/UPDATING
Do a pre-install update of files in /etc:
# /usr/sbin/mergemaster -p
Clean out /usr/obj:
# cd /usr/obj
# chflags -R noschg *
# rm -rf *
Rebuild the world:
# script /var/tmp/makeworld-`date +%Y%m%d`
# cd /usr/src
# make clean
# make -j4 buildworld
Rebuild the kernel and reboot:
# make buildkernel KERNCONF=${MYKERNEL}
# make installkernel KERNCONF=${MYKERNEL}
# reboot
Install the rebuilt userland and do a post-install update of files in /etc:
# cd /usr/src
# make installworld
# /usr/sbin/mergemaster
Update the contents of /stand and do a final reboot:
# cd /usr/src/release/sysinstall
# make all install
# reboot
Solaris
Download, extract and install latest recommended patchcluster
See http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage for details. The example below references the patch cluster zipfile for Solaris 9. Solaris 7 and above use '${X}_Recommended.zip' for their patchcluster file names where X is the operating system release number, while Solaris 2.6 and earlier use '${X.Y}_Recommended.tar.Z' for their patchcluster file names where X.Y are the operating system major and minor release numbers. For Solaris 2.6 and earlier, do a 'uncompress -cd ${X.Y}_Recommended.tar.Z | tar xf -' instead of the 'unzip' line below.
# mkdir -p /export/patches/`date +%Y%m%d` # cd /export/patches/`date +%Y%M%d` # wget ftp://sunsolve.sun.com/pub/patches/9_Recommended.zip # unzip -q 9_Recommended.zip # cd 9_Recommended # ./install_cluster | tee install-log # reboot
And that's the end for now. If I can track down my notes for patching HP-UX, I'll put those up as well.
Posted by edobbs at February 3, 2003 01:37 PM
Original content copyright ©1995-2006 Eric Dobbs, except where otherwise noted.
