Binary Update of Jails

by J. Edward Durrett

FreeBSD Jail Administration


The freebsd-update utility provides a means for quickly applying
security updates to jailed systems. To set this up, first make a copy
of /etc/freebsd-update.conf to
/usr/local/etc/freebsd-update-jail.conf. Modify
freebsd-update-jail.conf to suit the needs of the jailed environment
most likely setting it to update world and not kernel or source. Then
run freebsd-update:


freebsd-update -f /usr/local/etc/freebsd-update-jail.conf -b
/path/to/jail fetch

freebsd-update -f /usr/local/etc/freebsd-update-jail.conf -b
/path/to/jail install


This is considerably faster than updating a jail from source, as
just make buildworld can take over an hour on even fast modern
machines. In addition, freebsd-update can be called from cron making the update
process automatic.

Here is how to update a jail from source (assuming /usr/src is up to
date):


cd /usr/src
make buidlworld
make installworld DESTDIR=/path/to/jail
mergemaster -i -C -D /path/to/jail







Copyright (c) 2019, Jason Edward Durrett - All content on this site, unless otherwise noted, is subject to this license.

Please contact me if any errors, such as erroneous / misleading content or missing / incomplete attribution, are found.