Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
FREEBSD-UPDATE(8)	    System Manager's Manual	     FREEBSD-UPDATE(8)

NAME
       freebsd-update -- fetch and install binary updates to FreeBSD

SYNOPSIS
       freebsd-update  [-b  basedir] [-d workdir] [-f conffile]	[-F] [-j jail]
		      [-k  KEY]	 [-r  newrelease]  [-s	server]	 [-t  address]
		      [--not-running-from-cron]	command	...

DESCRIPTION
       The  freebsd-update tool	is used	to fetch, install, and rollback	binary
       updates to the FreeBSD base system.  Note that updates are only	avail-
       able  if	 they are being	built for the FreeBSD release and architecture
       being used; in particular, the FreeBSD Security Team  only  builds  up-
       dates  for releases shipped in binary form by the FreeBSD Release Engi-
       neering Team, e.g., FreeBSD 11.2-RELEASE	and FreeBSD 12.0-RELEASE,  but
       not FreeBSD 11.2-STABLE or FreeBSD 13.0-CURRENT.

OPTIONS
       The following options are supported:

       -b basedir     Operate on a system mounted at basedir.  (default: /, or
		      as given in the configuration file.)

       -d workdir     Store    working	  files	   in	 workdir.    (default:
		      /var/db/freebsd-update/, or as given in  the  configura-
		      tion file.)

       -f conffile    Read  configuration  options  from  conffile.  (default:
		      /etc/freebsd-update.conf)

       -F	      Force freebsd-update fetch to proceed in the case	of  an
		      unfinished upgrade.

       -j jail	      Operate  on  the	given  jail  specified by jid or name.
		      (The version of the installed userland is	 detected  and
		      the --currently-running option is	no more	required.)

       -k KEY	      Trust  an	 RSA  key  with	SHA256 of KEY.	(default: read
		      value from configuration file.)

       -r newrelease  Specify the new release (e.g.,  11.2-RELEASE)  to	 which
		      freebsd-update should upgrade (upgrade command only).

       -s server      Fetch  files  from  the specified	server or server pool.
		      (default:	read value from	configuration file.)

       -t address     Mail output of cron command, if any, to  address.	  (de-
		      fault: root, or as given in the configuration file.)

       --not-running-from-cron
		      Force  freebsd-update  fetch to proceed when there is no
		      controlling tty.	This is	for use	by  automated  scripts
		      and    orchestration   tools.    Please	do   not   run
		      freebsd-update fetch from	crontab	or similar using  this
		      flag, see: freebsd-update	cron

       --currently-running release
		      Do  not  detect  the currently-running release; instead,
		      assume that the system is	running	the specified release.
		      This is most likely to be	useful when upgrading jails.

COMMANDS
       The command can be any one of the following:

       fetch	 Based on the currently	installed world	and the	 configuration
		 options set, fetch all	available binary updates.

       cron	 Sleep	a  random  amount  of time between 1 and 3600 seconds,
		 then download updates as if the fetch command was  used.   If
		 updates  are  downloaded, an email will be sent (to root or a
		 different address if specified	via the	-t option  or  in  the
		 configuration	file).	 As the	name suggests, this command is
		 designed for running from cron(8); the	random delay serves to
		 minimize the probability that a large number of machines will
		 simultaneously	attempt	to fetch updates.

       upgrade	 Fetch files necessary for upgrading to	a new release.	Before
		 using this command, make sure that you	read the  announcement
		 and  release  notes for the new release in case there are any
		 special steps needed for upgrading.  Note that	 this  command
		 may  require  up  to  500 MB of space in workdir depending on
		 which components of the FreeBSD base system are installed.

       updatesready
		 Check if there	are fetched updates ready to install.  Returns
		 exit code 2 if	there are no updates to	install.

       install	 Install the most recently fetched updates  or	upgrade.   Re-
		 turns	exit code 2 if there are no updates to install and the
		 fetch command wasn't passed as	an  earlier  argument  in  the
		 same invocation.

       rollback	 Uninstall the most recently installed updates.

       IDS	 Compare  the  system  against a "known	good" index of the in-
		 stalled release.

       showconfig
		 Show configuration options after parsing conffile and command
		 line options.

TIPS
          If your clock is set	to local time, adding the line

		 0 3 * * * root	/usr/sbin/freebsd-update cron

	   to /etc/crontab will	check for updates every	night.	If your	 clock
	   is  set  to UTC, please pick	a random time other than 3AM, to avoid
	   overly imposing an uneven load on the  server(s)  hosting  the  up-
	   dates.

          In  spite of	its name, freebsd-update IDS should not	be relied upon
	   as an "Intrusion Detection System", since if	the  system  has  been
	   tampered  with  it  cannot be trusted to operate correctly.	If you
	   intend to use this command for intrusion-detection  purposes,  make
	   sure	you boot from a	secure disk (e.g., a CD).

ENVIRONMENT
       PAGER  The pager	program	used to	present	various	reports	during the ex-
	      ecution.	(Default: "/usr/bin/less".)

	      PAGER  can  be  set to "cat" when	a non-interactive pager	is de-
	      sired.

FILES
       /etc/freebsd-update.conf	 Default location of the  freebsd-update  con-
				 figuration file.

       /var/db/freebsd-update/	 Default  location where freebsd-update	stores
				 temporary files and downloaded	updates.

SEE ALSO
       freebsd-update.conf(5)

AUTHORS
       Colin Percival <cperciva@FreeBSD.org>

FreeBSD	13.2			October	1, 2021		     FREEBSD-UPDATE(8)

NAME | SYNOPSIS | DESCRIPTION | OPTIONS | COMMANDS | TIPS | ENVIRONMENT | FILES | SEE ALSO | AUTHORS

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=freebsd-update&manpath=FreeBSD+13.1-RELEASE+and+Ports>

home | help