Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
FREEBSD-UPDATE(8)	  BSD System Manager's Manual	     FREEBSD-UPDATE(8)

     freebsd-update -- fetch and install binary	updates	to FreeBSD

     freebsd-update [-b	basedir] [-d workdir] [-f conffile] [-k	KEY]
		    [-r	newrelease] [-s	server]	[-t address] command ...

     The freebsd-update	tool is	used to	fetch, install,	and rollback binary
     updates to	the FreeBSD base system.  Note that updates are	only available
     if	they are being built for the FreeBSD release and architecture being
     used; in particular, the FreeBSD Security Team only builds	updates	for
     releases shipped in binary	form by	the FreeBSD Release Engineering	Team,
     e.g., FreeBSD 7.3-RELEASE and FreeBSD 8.0,	but not	FreeBSD	6.3-STABLE or
     FreeBSD 9.0-CURRENT.

     The following options are supported:

     -b	basedir	  Operate on a system mounted at basedir.  (default: /,	or as
		  given	in the configuration file.)

     -d	workdir	  Store	working	files in workdir.  (default:
		  /var/db/freebsd-update/, or as given in the configuration

     -f	conffile  Read configuration options from conffile.  (default:

     -k	KEY	  Trust	an RSA key with	SHA256 of KEY.	(default: read value
		  from configuration file.)

     -r	newrelease
		  Specify the new release to which freebsd-update should up-
		  grade	(upgrade command only).

     -s	server	  Fetch	files from the specified server	or server pool.	 (de-
		  fault: read value from configuration file.)

     -t	address	  Mail output of cron command, if any, to address.  (default:
		  root,	or as given in the configuration file.)

     The command can be	any one	of the following:

     fetch	  Based	on the currently installed world and the configuration
		  options set, fetch all available binary updates.

     cron	  Sleep	a random amount	of time	between	1 and 3600 seconds,
		  then download	updates	as if the fetch	command	was used.  If
		  updates are downloaded, an email will	be sent	(to root or a
		  different address if specified via the -t option or in the
		  configuration	file).	As the name suggests, this command is
		  designed for running from cron(8); the random	delay serves
		  to minimize the probability that a large number of machines
		  will simultaneously attempt to fetch updates.

     upgrade	  Fetch	files necessary	for upgrading to a new release.	 Be-
		  fore using this command, make	sure that you read the an-
		  nouncement and release notes for the new release in case
		  there	are any	special	steps needed for upgrading.

     install	  Install the most recently fetched updates or upgrade.

     rollback	  Uninstall the	most recently installed	updates.

     IDS	  Compare the system against a "known good" index of the in-
		  stalled release.

     o	 If your clock is set to local time, adding the	line

	       0 3 * * * root /usr/sbin/freebsd-update cron

	 to /etc/crontab will check for	updates	every night.  If your clock is
	 set to	UTC, please pick a random time other than 3AM, to avoid	overly
	 imposing an uneven load on the	server(s) hosting the updates.

     o	 In spite of its name, IDS should not be relied	upon as	an "Intrusion
	 Detection System", since if the system	has been tampered with it can-
	 not be	trusted	to operate correctly.  If you intend to	use this com-
	 mand for intrusion-detection purposes,	make sure you boot from	a se-
	 cure disk (e.g., a CD).

     /etc/freebsd-update.conf  Default location	of the freebsd-update configu-
			       ration file.

     /var/db/freebsd-update/   Default location	where freebsd-update stores
			       temporary files and downloaded updates.


     Colin Percival <>

FreeBSD				 July 14, 2010			       FreeBSD


Want to link to this manual page? Use this URL:

home | help