After setting up a minimal FreeBSD install, I want to update the ports tree to the latest available.
FreeBSD provides a program to do this. It’s called cvsup (cvs update). To find the program, I search the ports tree.
freebsd# cd /usr/ports
freebsd# make search key=cvsup | grep Path:
I want the cvsup without the gui, so I change into that directory and install it.
freebsd# cd net/cvsup-without-gui/
freebsd# sudo make install
===> Extracting for cvsup-without-gui-16.1h_4
=> MD5 Checksum OK for cvsup-snap-16.1h.tar.gz.
=> SHA256 Checksum OK for cvsup-snap-16.1h.tar.gz.
===> Patching for cvsup-without-gui-16.1h_4
===> Applying FreeBSD patches for cvsup-without-gui-16.1h_4
===> Registering installation for cvsup-without-gui-16.1h_4
===> SECURITY REPORT:
This port has installed the following files which may act as network
servers and may therefore pose a remote security risk to the system.
If there are vulnerabilities in these programs there may be a security
risk to the system. FreeBSD makes no guarantee about the security of
ports included in the Ports Collection. Please type ‘make deinstall’
to deinstall the port if this is a concern.
For more information, and contact details about the security
status of this software, see the following webpage:
I next need a config file to make cvsup update the ports tree.
# IMPORTANT: Change the next line to use one of the CVSup mirror sites
# listed at http://www.freebsd.org/doc/handbook/mirrors.html.
*default release=cvs tag=.
*default delete use-rel-suffix
# If you seem to be limited by CPU rather than network or disk bandwidth, try
# commenting out the following line. (Normally, today’s CPUs are fast enough
# that you want to run compression.)
## Ports Collection.
# The easiest way to get the ports tree is to use the "ports-all"
# mega-collection. It includes all of the individual "ports-*"
Now we run rehash to rescan our PATH variable for new commands, then run cvsup to update our ports tree.
freebsd# cvsup /root/ports-supfile
Connected to cvsup5.us.FreeBSD.org
Updating collection ports-all/cvs
Now our ports tree is up to date. If you want to see what ports you’ve installed that have security updates available, run “/usr/local/sbin/portaudit”. It will list any ports that need updating. If you get command not found, cd to /usr/ports/ports-mgmt/portaudit and do a “sudo make install”.