freebsd-updateを使ってFreeBSD 9.2-RELEASEからFreeBSD 10.0-RELEASEに。どうしてなかなか、一筋縄では行きませんでした。
10.0-RELEASEのインストール
OSのインストール
現状のツリーを最新にしてからアップグレード。
# freebsd-update fetch # freebsd-update install # freebsd-update upgrade -r 10.0-RELEASE # freebsd-update install # shutdown -r now
インストールする。
Looking up update.FreeBSD.org mirrors... 5 mirrors found. Fetching metadata signature for 9.2-RELEASE from update4.freebsd.org... done. Fetching metadata index... done. Fetching 1 metadata patches. done. Applying metadata patches... done. Inspecting system... done. The following components of FreeBSD seem to be installed: kernel/generic world/base The following components of FreeBSD do not seem to be installed: world/doc world/games Does this look reasonable (y/n)?
途中で自動変更しきれなかった分の手動変更のためのプロンプトが出るので、その都度Enterを押してエディタを起動してから、内容を確認した上で編集する。
Fetching metadata signature for 10.0-RELEASE from update4.freebsd.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system... done.
Fetching files from 9.2-RELEASE for merging... done.
Preparing to download files... done.
Fetching 9910 patches.....10....20....(中略)....9900....9910 done.
Applying patches... done.
Fetching 9269 files... done.
Attempting to automatically merge changes in files... done.
The following file could not be merged automatically: /etc/mail/mailer.conf
Press Enter to edit this file in /usr/bin/vi and resolve the conflicts
manually...
The following file could not be merged automatically: /etc/motd
Press Enter to edit this file in /usr/bin/vi and resolve the conflicts
manually...
The following file could not be merged automatically: /etc/ssh/ssh_config
Press Enter to edit this file in /usr/bin/vi and resolve the conflicts
manually...
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/freebsd-update.conf:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: release/9.2.0/etc/freebsd-update.conf 196392 2009-08-19 20:47:31Z simon $
+# $FreeBSD: release/10.0.0/etc/freebsd-update.conf 258121 2013-11-14 09:14:33Z glebius $
# Trusted keyprint. Changing this is a Bad Idea unless you've received
# a PGP-signed email from <security-officer@FreeBSD.org> telling you to
# change it and explaining why.
KeyPrint 800651ef4b4c71c27e60786d7b487188970f4b4169cc055784e21eb71d410cc5
@@ -33,11 +33,11 @@
# modified by the user (unless changes are merged; see below).
UpdateIfUnmodified /etc/ /var/ /root/ /.cshrc /.profile
# When upgrading to a new FreeBSD release, files which match MergeChanges
# will have any local changes merged into the version from the new release.
-MergeChanges /etc/ /var/named/etc/ /boot/device.hints
+MergeChanges /etc/ /boot/device.hints
### Default configuration options:
# Directory in which to store downloaded updates and temporary
# files used by FreeBSD Update.
Does this look reasonable (y/n)?
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/group:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: release/9.2.0/etc/group 218046 2011-01-28 22:28:12Z pjd $
+# $FreeBSD: release/10.0.0/etc/group 256366 2013-10-12 06:08:18Z rpaulo $
#
wheel:*:0:root,yuka
daemon:*:1:
kmem:*:2:
sys:*:3:
@@ -16,10 +16,11 @@
sshd:*:22:
smmsp:*:25:
mailnull:*:26:
guest:*:31:
bind:*:53:
+unbound:*:59:
proxy:*:62:
authpf:*:63:
_pflogd:*:64:
_dhcp:*:65:
uucp:*:66:
Does this look reasonable (y/n)?
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/inetd.conf:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: release/9.2.0/etc/inetd.conf 206039 2010-04-01 13:13:09Z des $
+# $FreeBSD: release/10.0.0/etc/inetd.conf 251794 2013-06-15 20:29:07Z eadler $
#
# Internet server configuration database
#
# Define *both* IPv4 and IPv6 entries for dual-stack support.
# To disable a service, comment it out by prefixing the line with '#'.
@@ -56,12 +56,12 @@
#
# CVS servers - for master CVS repositories only! You must set the
# --allow-root path correctly or you open a trivial to exploit but
# deadly security hole.
#
-#cvspserver stream tcp nowait root /usr/bin/cvs cvs --allow-root=/your/cvsroot/here pserver
-#cvspserver stream tcp nowait root /usr/bin/cvs cvs --allow-root=/your/cvsroot/here kserver
+#cvspserver stream tcp nowait root /usr/local/bin/cvs cvs --allow-root=/your/cvsroot/here pserver
+#cvspserver stream tcp nowait root /usr/local/bin/cvs cvs --allow-root=/your/cvsroot/here kserver
#
# RPC based services (you MUST have rpcbind running to use these)
#
#rstatd/1-3 dgram rpc/udp wait root /usr/libexec/rpc.rstatd rpc.rstatd
#rusersd/1-2 dgram rpc/udp wait root /usr/libexec/rpc.rusersd rpc.rusersd
Does this look reasonable (y/n)?
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/master.passwd:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: release/9.2.0/etc/master.passwd 243947 2012-12-06 11:52:31Z rwatson $
+# $FreeBSD: release/10.0.0/etc/master.passwd 256366 2013-10-12 06:08:18Z rpaulo $
#
root:$1$/1P5I.gH$gLDAOi:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
@@ -12,10 +12,11 @@
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
+unbound:*:59:59::0:0:Unbound DNS Resolver:/var/unbound:/usr/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65::0:0:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
Does this look reasonable (y/n)?
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/master.passwd:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: release/9.2.0/etc/master.passwd 243947 2012-12-06 11:52:31Z rwatson $
+# $FreeBSD: release/10.0.0/etc/master.passwd 256366 2013-10-12 06:08:18Z rpaulo $
#
root:$1$/1P6I.rH$tLXAOiJ3uJFnmHVSG4BlN1:0:0::0:0:Charlie &:/root:/bin/csh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
@@ -12,10 +12,11 @@
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
+unbound:*:59:59::0:0:Unbound DNS Resolver:/var/unbound:/usr/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65::0:0:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
Does this look reasonable (y/n)? y
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/motd:
--- current version
+++ new version
@@ -1 +0,0 @@
-FreeBSD 9.2-RELEASE-p5 (GENERIC) #0: Tue Apr 29 18:53:19 UTC 2014
Does this look reasonable (y/n)?
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/motd:
--- current version
+++ new version
@@ -1 +0,0 @@
-FreeBSD 9.2-RELEASE-p5 (GENERIC) #0: Tue Apr 29 18:53:19 UTC 2014
Does this look reasonable (y/n)? y
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/passwd:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: release/9.2.0/etc/master.passwd 243947 2012-12-06 11:52:31Z rwatson $
+# $FreeBSD: release/10.0.0/etc/master.passwd 256366 2013-10-12 06:08:18Z rpaulo $
#
root:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5:System &:/:/usr/sbin/nologin
@@ -12,10 +12,11 @@
man:*:9:9:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53:Bind Sandbox:/:/usr/sbin/nologin
+unbound:*:59:59:Unbound DNS Resolver:/var/unbound:/usr/sbin/nologin
proxy:*:62:62:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6:Post Office Owner:/nonexistent:/usr/sbin/nologin
Does this look reasonable (y/n)?
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/rc.firewall:
--- current version
+++ new version
@@ -21,11 +21,11 @@
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
-# $FreeBSD: release/9.2.0/etc/rc.firewall 208060 2010-05-14 04:53:57Z dougb $
+# $FreeBSD: release/10.0.0/etc/rc.firewall 238416 2012-07-13 06:46:09Z kevlo $
#
#
# Setup system for ipfw(4) firewall service.
#
@@ -44,11 +44,11 @@
# Define the firewall type in /etc/rc.conf. Valid values are:
# open - will allow anyone in
# client - will try to protect just this machine
# simple - will try to protect a whole network
# closed - totally disables IP services except via lo0 interface
-# workstation - will try to protect just this machine using statefull
+# workstation - will try to protect just this machine using stateful
# firewalling. See below for rc.conf variables used
# UNKNOWN - disables the loading of firewall rules.
# filename - will load the rules in the given filename (full path required)
#
# For ``client'' and ``simple'' the entries below should be customized
@@ -76,11 +76,11 @@
# ISBN 0-201-63466-X
# http://www.pearsonhighered.com/
# http://www.pearsonhighered.com/educator/academic/product/0,3110,020163466X,00.html
#
-setup_loopback () {
+setup_loopback() {
############
# Only in rare cases do you want to change these rules
#
${fwcmd} add 100 pass all from any to any via lo0
${fwcmd} add 200 deny all from any to 127.0.0.0/8
@@ -157,11 +157,11 @@
# DENY
${fwcmd} add 999 deny ip from any to any
}
-setup_ipv6_mandatory () {
+setup_ipv6_mandatory() {
[ $ipv6_available -eq 0 ] || return 0
############
# Only in rare cases do you want to change these rules
#
@@ -171,11 +171,11 @@
${fwcmd} add pass ipv6-icmp from :: to ff02::/16
# RS, RA, NS, NA, redirect...
${fwcmd} add pass ipv6-icmp from fe80::/10 to fe80::/10
${fwcmd} add pass ipv6-icmp from fe80::/10 to ff02::/16
- # Allow ICMPv6 destination unreach
+ # Allow ICMPv6 destination unreachable
${fwcmd} add pass ipv6-icmp from any to any icmp6types 1
# Allow NS/NA/toobig (don't filter it out)
${fwcmd} add pass ipv6-icmp from any to any icmp6types 2,135,136
}
@@ -503,11 +503,11 @@
# the firewall.
# firewall_logdeny: Boolean (YES/NO) specifying if the
# default denied packets should be
# logged (in /var/log/security).
# firewall_nologports: List of TCP/UDP ports for which
- # denied incomming packets are not
+ # denied incoming packets are not
# logged.
# Allow packets for which a state has been built.
${fwcmd} add check-state
@@ -571,19 +571,19 @@
# Drop packets to ports where we don't want logging
for i in ${firewall_nologports} ; do
${fwcmd} add deny { tcp or udp } from any to any $i in
done
- # Broadcasts and muticasts
+ # Broadcasts and multicasts
${fwcmd} add deny ip from any to 255.255.255.255
${fwcmd} add deny ip from any to 224.0.0.0/24 in # XXX
# Noise from routers
${fwcmd} add deny udp from any to any 520 in
# Noise from webbrowsing.
- # The statefull filter is a bit agressive, and will cause some
+ # The stateful filter is a bit aggressive, and will cause some
# connection teardowns to be logged.
${fwcmd} add deny tcp from any 80,443 to any 1024-65535 in
# Deny and (if wanted) log the rest unconditionally.
log=""
Does this look reasonable (y/n)?
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/services:
--- current version
+++ new version
@@ -14,11 +14,11 @@
# The Dynamic and/or Private Ports are those from 49152 through 65535
#
# Kerberos services are for Kerberos v4, and are unofficial. Sites running
# v5 should uncomment v5 entries and comment v4 entries.
#
-# $FreeBSD: release/9.2.0/etc/services 233772 2012-04-02 10:24:50Z ivoras $
+# $FreeBSD: release/10.0.0/etc/services 233506 2012-03-26 11:48:47Z ivoras $
# From: @(#)services 5.8 (Berkeley) 5/9/91
#
# WELL KNOWN PORT NUMBERS
#
rtmp 1/ddp #Routing Table Maintenance Protocol
@@ -794,11 +794,11 @@
alpes 463/udp
#
kpasswd5 464/tcp # Kerberos (v5)
kpasswd5 464/udp # Kerberos (v5)
#PROBLEMS!==============================================================
-# IANA has offically assigned these two ports as ``kpasswd''
+# IANA has officially assigned these two ports as ``kpasswd''
#kpasswd 464/tcp # Kerberos (v5)
#kpasswd 464/udp # Kerberos (v5)
#PROBLEMS!==============================================================
smtps 465/tcp #smtp protocol over TLS/SSL (was ssmtp)
smtps 465/udp #smtp protocol over TLS/SSL (was ssmtp)
@@ -1274,12 +1274,12 @@
mdc-portmapper 685/udp #MDC Port Mapper
hcp-wismar 686/tcp #Hardware Control Protocol Wismar
hcp-wismar 686/udp #Hardware Control Protocol Wismar
asipregistry 687/tcp
asipregistry 687/udp
-realm-rusd 688/tcp #ApplianceWare managment protocol
-realm-rusd 688/udp #ApplianceWare managment protocol
+realm-rusd 688/tcp #ApplianceWare management protocol
+realm-rusd 688/udp #ApplianceWare management protocol
nmap 689/tcp
nmap 689/udp
vatp 690/tcp #Velazquez Application Transfer Protocol
vatp 690/udp #Velazquez Application Transfer Protocol
msexch-routing 691/tcp #MS Exchange Routing
@@ -2393,11 +2393,11 @@
sge_execd 6445/udp #Grid Engine Execution Service
xdsxdm 6558/tcp
xdsxdm 6558/udp
sane-port 6566/tcp #Scanner Access Now Easy (SANE) Control Port
sane-port 6566/udp #Scanner Access Now Easy (SANE) Control Port
-ircd 6667/tcp #Internet Relay Chat (unoffical)
+ircd 6667/tcp #Internet Relay Chat (unofficial)
frc-hp 6704/sctp #ForCES HP (High Priority) channel
frc-mp 6705/sctp #ForCES MP (Medium Priority) channel
frc-lp 6706/sctp #ForCES LP (Low priority) channel
acmsoda 6969/tcp
acmsoda 6969/udp
Does this look reasonable (y/n)?
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/ssh/ssh_config:
--- current version
+++ new version
@@ -1,5 +1,7 @@
+# $OpenBSD: ssh_config,v 1.27 2013/05/16 02:00:34 dtucker Exp $
+# $FreeBSD: release/10.0.0/crypto/openssh/ssh_config 258343 2013-11-19 11:47:30Z des $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
@@ -41,8 +43,11 @@
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
+# RekeyLimit 1G 1h
+# VerifyHostKeyDNS yes
+# VersionAddendum FreeBSD-20131111
Host one.domain.jp two.domain.jp
Port 10248
Does this look reasonable (y/n)?
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/ssh/sshd_config:
--- current version
+++ new version
@@ -1,7 +1,7 @@
-# $OpenBSD: sshd_config,v 1.89 2013/02/06 00:20:42 dtucker Exp $
-# $FreeBSD: release/9.2.0/crypto/openssh/sshd_config 252339 2013-06-28 09:55:00Z des $
+# $OpenBSD: sshd_config,v 1.90 2013/05/16 04:09:14 dtucker Exp $
+# $FreeBSD: release/10.0.0/crypto/openssh/sshd_config 258343 2013-11-19 11:47:30Z des $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
@@ -32,10 +32,13 @@
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024
+# Ciphers and keying
+#RekeyLimit default none
+
# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
@@ -114,11 +117,11 @@
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
-#VersionAddendum FreeBSD-20130515
+#VersionAddendum FreeBSD-20131111
# no default banner path
#Banner none
# override default of no subsystems
Does this look reasonable (y/n)?
The following changes, which occurred between FreeBSD 9.2-RELEASE and
FreeBSD 10.0-RELEASE have been merged into /etc/syslog.conf:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: release/9.2.0/etc/syslog.conf 238473 2012-07-15 10:55:43Z brueffer $
+# $FreeBSD: release/10.0.0/etc/syslog.conf 252481 2013-07-01 21:20:17Z asomers $
#
# Spaces ARE valid field separators in this file. However,
# other *nix-like systems still insist on using tabs as field
# separators. If you are sharing this file between systems, you
# may want to use only tabs as field separators here.
@@ -11,10 +11,11 @@
auth.info;authpriv.info /var/log/auth.log
mail.info /var/log/maillog
lpr.info /var/log/lpd-errs
ftp.info /var/log/xferlog
cron.* /var/log/cron
+!-devd
*.=debug /var/log/debug.log
*.emerg *
local6.* /var/log/imapd.log
# uncomment this to log all writes to /dev/console to /var/log/console.log
# touch /var/log/console.log and chmod it to mode 600 before it will work
@@ -26,8 +27,11 @@
#*.* @loghost
# uncomment these if you're running inn
# news.crit /var/log/news/news.crit
# news.err /var/log/news/news.err
# news.notice /var/log/news/news.notice
+# Uncomment this if you wish to see messages produced by devd
+# !devd
+# *.>=info /var/log/devd.log
!ppp
*.* /var/log/ppp.log
!*
Does this look reasonable (y/n)?
The following files will be removed as part of updating to 10.0-RELEASE-p2:
/boot/kernel/amd.ko
/boot/kernel/amd.ko.symbols
/boot/kernel/atadisk.ko
/boot/kernel/atadisk.ko.symbols
/boot/kernel/atapicam.ko
/boot/kernel/atapicam.ko.symbols
/boot/kernel/atapicd.ko
/boot/kernel/atapicd.ko.symbols
/boot/kernel/atapifd.ko
/boot/kernel/atapifd.ko.symbols
/boot/kernel/atapist.ko
/boot/kernel/atapist.ko.symbols
/boot/kernel/ataraid.ko
/boot/kernel/ataraid.ko.symbols
/boot/kernel/coda.ko
/boot/kernel/coda.ko.symbols
/boot/kernel/coda5.ko
/boot/kernel/coda5.ko.symbols
/boot/kernel/if_carp.ko
/boot/kernel/if_carp.ko.symbols
/boot/kernel/musb.ko
...(略)...
The following files will be updated as part of updating to 10.0-RELEASE-p2:
/.cshrc
/.profile
/COPYRIGHT
/bin/[
/bin/cat
/bin/chflags
/bin/chio
/bin/chmod
/bin/cp
/bin/csh
/bin/date
/bin/dd
/bin/df
/bin/domainname
/bin/echo
/bin/ed
/bin/expr
/bin/getfacl
/bin/hostname
/bin/kenv
/bin/kill
...(略)...
To install the downloaded upgrades, run "/usr/sbin/freebsd-update install".
新OSをインストール。
# freebsd-update install Installing updates... Kernel updates have been installed. Please reboot and run "/usr/sbin/freebsd-update install" again to finish installing updates # shutdown -r now
/etc/fstabの編集
ここで問題発生。再起動されない。SakuraのVNCコンソールから起動画面を見てみると、次のようにエラーが出てブート途中で止まっていた。ただし、2台目ではこのような問題は出なかったので、こうなる原因は不明。
Root mount waiting for: usbus0 ugen0.2: <QEMU 0.12.1> at usbus0 Trying to mount root from ufs:/dev/ad0s1a [rw]... mountroot: waiting for device /dev/ad0s1a ... Mounting from ufs:/dev/ad0s1a failed with error 19. Loader variables: vfs.root.mountfrom=ufs:/dev/ad0s1a vfs.root.mountfrom.options=rw Manual root filesystem specification: <fstype>:<device> [options] Mount <device> using fylesystem <fstype> and with the specified (optional) option list. eg. ufs:/dev/da0s1a zfs:tank cd9660:/dev/acd0 ro (wichi is equivalent to: mount -t cd9660 -o ro /dev/acd0 /) ? List valid disk boot devices . Yild 1 second (for background tasks) <empty line> Abort manual input mountroot>
SakuraがVPSのラインナップを変更した際、デバイス名が変更になったためらしい。まずデバイス名を確認。
mountroot> ? ufsid/4fa2723dbdde40e4 ..(略).. vtbd0s1f vtbd0s1e vtbd0s1d vtbd0s1b vtbd0s1a cd0 vtbd0s1 vtbd0
ドライブ名の先頭の数文字が変更されたことがわかる。ブートディスク(vtbd0s1a)を指定してマウント。シェル指定をするようプロンプトが出たら、リターンキーを押す。(好みがあれば指定してもいいけど、大した作業をするわけでもないので、shで困らない。)
mountroot> ufs:/dev/vtbd0s1a rw Trying to mount root from ufs:/dev/vtbd0s1a []... ..(略).. Enter full pathname of shell or RETURN for /bin/sh:
/usr もマウント。
# mount -u -o rw / # mount -t ufs -o rw /dev/vtbd0s1f /usr
viで/etc/fstabを編集。
# /usr/bin/vi /etc/fstab
次のように/etc/fstabを書き換える。
# Device Mountpoint FStype Options Dump Pass# /dev/vtbd0s1b none swap sw 0 0 /dev/vtbd0s1a / ufs rw 1 1 /dev/vtbd0s1e /tmp ufs rw 2 2 /dev/vtbd0s1f /usr ufs rw 2 2 /dev/vtbd0s1d /var ufs rw 2 2 /dev/vtbdd0 /cdrom cd9660 ro,noauto 0 0
1フィールド目にあるデバイス名の先頭文字を「a」→「vtb」に変更するだけ。
/etc/defaults/rc.confの編集
これも2台目では不要だった。viでrc.confを開く。
# /usr/bin/vi /etc/defaults/rc.conf
次の行を編集、または追加し、Sakuraから指定されたホスト名、IPアドレス、ゲートウェイIPアドレスを設定。
hostname="xxx.xxx.jp" ifconfig_vtnet0="inet xxx.xxx.xxx.xxx netmask 255.255.254.0" defaultrouter="xxx.xxx.xxx.xxx"
設定完了したら、OSを再起動。
# shutdown -r now
再起動したら残りをインストールして、また再起動
# freebsd-update install # shutdown -r now
残りのインストール
2台目では/etc/fstabや/etc/defaults/rc.confの編集が不要だったので、素直に残りをインストールしてから再起動。
# freebsd-update install Installing updates... Completing this upgrade requires removing old shared object files. Please rebuild all installed 3rd party software (e.g., programs installed from the ports tree) and then run "/usr/sbin/freebsd-update install" again to finish installing updates. # shutdown -r now
pkgのインストールとports再ビルド
portsの管理方式が変更されているため、pkgをインストール。コマンド起動すれば、自動的にインストールされる。
# pkg The package management tool is not yet installed on your system. Do you want to fetch and install it now? [y/N]: y Bootstrapping pkg from ..(略)..
管理データベースを旧形式から変換し、再作成。
# pkg2ng Converting packages from /var/db/pkg ...(略)... Analysing shared libraries, this will take a while... done # pkg upgrade -f Updating repository catalogue ...(略)... The upgrade will free 141 MB 92 MB to be downloaded Proceed with upgrading packages [y/N]: y ..(略)... # portmaster -af
個別に依存関係などの問題を解決する必要があったと思うけれども、メモしきれていないので割愛。
PHPのインストール
portsを使わず自分でコンパイルしているPHPを個別にビルドし直してインストール。
# cd /usr/src/php-5.5.11 # make clean distclean; ./configure; make # cp /usr/local/bin/libtool . # make clean install
途中でlibtoolをコピーしているのは、何もせず普通にmakeするとlibphp5.soが作成されなかったため。環境によりlibphp5.soが作成されない場合があるバグがあるらしい。不具合が発生する条件は不明。libphp5.soが作成されなかった場合には、portsからインストールされているlibtoolをPHPのソースディレクトリにコピーして再ビルドすれば良いとのこと。
この先PHPをアップグレードするたびにlibtoolをローカルにコピーする必要があるのか、今回限りなのかはまだ不明。
OSアップグレードの残りのインストール
サードパーティのパッケージ再構築まで完了したら、再度OSアップグレードの残りをインストールし、システム再起動。
# freebsd-update install # shutdown -r now
BINDからUnbound/LDNSへ移行
具体的な影響としては、BIND由来のツールである「nslookup」や「dig」が使えなくなる。
FreeBSD 10.0以降では、次のようにすれば良い。
- nslookupの代わりに「host」コマンドを使用
- digの代わりに「drill」コマンドを使用
- どうしてもnslookupやdigを使いたければ、bind-tools(dns/bind-tools)をインストール
特にコマンドにこだわりがあるわけでもないので、hostとdrillを使っていこうと思う。
