Inconsistent version after upgrade ?

A

aji_pineapple

I'm a new FreeBSD user and just used freebsd-update fetch and freebsd-update install for the second time. I see inconsistent version numbers and am confused. Everything seems to be working. Is this normal ?

Also the handbook calls for upgrading packages after a major release via
pkg upgrade but is there any harm in doing this even otherwise ?

Lastly I'm using this on my personal laptop. What would be a reasonable/recommended cadence for doing both ?

Code: 
vikram@inspiron-2in-1 ~> freebsd-version  
14.1-RELEASE-p6

vikram@inspiron-2in-1 ~> freebsd-version -r
14.1-RELEASE-p5

vikram@inspiron-2in-1 ~> uname -r
14.1-RELEASE-p5

vikram@inspiron-2in-1 ~> cat /etc/os-release
NAME=FreeBSD
VERSION="14.1-RELEASE-p6"
VERSION_ID="14.1"
ID=freebsd
ANSI_COLOR="0;31"
PRETTY_NAME="FreeBSD 14.1-RELEASE-p6"
CPE_NAME="cpe:/o:freebsd:freebsd:14.1"
HOME_URL="https://FreeBSD.org/"
BUG_REPORT_URL="https://bugs.FreeBSD.org/"

vikram@inspiron-2in-1 ~> cat /var/run/os-release
NAME=FreeBSD
VERSION="14.1-RELEASE-p6"
VERSION_ID="14.1"
ID=freebsd
ANSI_COLOR="0;31"
PRETTY_NAME="FreeBSD 14.1-RELEASE-p6"
CPE_NAME="cpe:/o:freebsd:freebsd:14.1"
HOME_URL="https://FreeBSD.org/"
BUG_REPORT_URL="https://bugs.FreeBSD.org/"
 
freebsd-version -kru "kernel installed" "running kernel" "userland"
Depending on what is in a specific update (p-level) they may show differently.
Say an update is only userland components like sshd or ntpd. That version may likely be bumped.
A kernel only update will at first show a bump in the "k" version because that is what was installed.
Reboot will bring "k" and "r" versions into line.

uname only looks at the running kernel, should match freebsd-version -r.

man freebsd-version is pretty clear on this. The bolded paragraph explains the order the values are printed out; it is confusing when you specify -ruk but it actually print out in -kru order.
Code: 
NAME
     freebsd-version – print the version and patch level of the installed
     system

SYNOPSIS
     freebsd-version [-kru] [-j jail]

DESCRIPTION
     The freebsd-version utility makes a best effort to determine the version
     and patch level of the installed kernel and / or userland.

     The following options are available:

     -k          Print the version and patch level of the installed kernel.
                 Unlike uname(1), if a new kernel has been installed but the
                 system has not yet rebooted, freebsd-version will print the
                 version and patch level of the new kernel.

     -r          Print the version and patch level of the running kernel.
                 Unlike uname(1), this is unaffected by environment variables.

     -u          Print the version and patch level of the installed userland.
                 These are hardcoded into freebsd-version during the build.

     -j jail     Print the version and patch level of the installed userland
                 in the given jail specified by jid or name.  This option can
                 be specified multiple times.

     If several of the above options are specified, freebsd-version will print
     the installed kernel version first, then the running kernel version, next
     the userland version, and finally the userland version of the specified
     jails, on separate lines.  If neither is specified, it will print the
     userland version only.
 
aji_pineapple said:
I see inconsistent version numbers and am confused.
Click to expand...
fmc000 said:
it looks like the kernel is at patchlevel 5 whilst the userland is at 6.
Click to expand...

P6 fixed a couple of userland issues. The version of the kernel is baked in at compile time and because it hasn't been updated it should still show the 'old' version. If you (re)build the kernel it will show the 'new' version, but there will be no functional changes, it's merely cosmetic.
 
aji_pineapple said:
Thanks for the responses.

Also can or should I do pkg upgrades on a regular basis ?
Click to expand...
Opinions will vary, but if you are following quarterly (the default when you install a release), about every 3 months the package repos are rebuilt and update just about everything. Some packages will get security updates in between. I tend to run "pkg upgrade -n" every 2-3 weeks to see what has an update. Then I decide "should I?".

If one waits for quarterly, and you are using ZFS, I would make a new BE before actually doing the pkg upgrade command. Quick and easy rollback if there is a problem.
 
chrbr said:
Dear aji_pineapple,
I think it is a good practice to run pkg audit -F.That checks the packages against a database which lists vulnerable packages. With the option -F the database is fetched before the check. Please see pkg-audit(8) for dteails. I run the command after reboot using crontab(1). In case vulnerabilities are listed one should run pkg upgrade.
Click to expand...
That's exactly what I do. I make a custom XFCE genmon script for this:

Code: 
[18:46][fmc000@tu45b-freebsd][~/.local/bin]
 ╰─$ cat pkgaud.sh
#!/usr/local/bin/bash
PKGAUD=$(doas pkg audit -F|tail -1|awk '{print $1}')
OUTPUT=$(doas pkg audit -F|grep -v vulnxml)
ICO_OK=emblem-synchronized
ICO_AUD=emblem-important
if [ $PKGAUD -eq 0 ]; then
     ICO=$ICO_OK
else ICO=$ICO_AUD
     echo "<txt> ($PKGAUD)</txt>"
fi
echo "<icon>$ICO</icon>"
echo "<tool>$OUTPUT</tool>"
[18:46][fmc000@tu45b-freebsd][~/.local/bin]
 ╰─$

BTW, just a few minutes ago this script informed me about two vulnerabilities that were solved by the last updates batch.
 
mer said:
Opinions will vary, but if you are following quarterly (the default when you install a release), about every 3 months the package repos are rebuilt and update just about everything. Some packages will get security updates in between. I tend to run "pkg upgrade -n" every 2-3 weeks to see what has an update. Then I decide "should I?".

If one waits for quarterly, and you are using ZFS, I would make a new BE before actually doing the pkg upgrade command. Quick and easy rollback if there is a problem.
Click to expand...
Is BE the same as a snapshot ?

I like the idea of a regular quarterly cadence. guess i'll do the occasional pkg upgrade -n and if there is a huge list then do the upgrade.
 
You must log in or register to reply here.
Back
Top