[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ezjail-admin update -u broken due to shared state directory with host OS


I was attempting to upgrade the OS for my ezjail installation using
binary updates (ezjail-admin update -u).

Here's what I got:

| % sudo ezjail-admin update -u
| Looking up update.FreeBSD.org mirrors... 5 mirrors found.
| Fetching metadata signature for 10.1-RELEASE from update4.freebsd.org... done.
| Fetching metadata index... done.
| Inspecting system... done.
| Preparing to download files... done.
| No updates needed to update system to 10.1-RELEASE-p15.
| No updates are available to install.
| Run '/usr/sbin/freebsd-update fetch' first.
| You have a partially completed upgrade pending
| Run '/usr/sbin/freebsd-update install' first.
| Run '/usr/sbin/freebsd-update fetch -F' to proceed anyway.

The jail had never applied recent updates. I poked around and found the
call to freebsd-update:

| % grep freebsd-update /usr/local/bin/ezjail-admin
| [...]
|     env PAGER=/bin/cat freebsd-update -b ${ezjail_jailbase} ${ezjail_urgency} install
| [...]

freebsd-update is being called without a -d argument, so it's defaulting
to the same state directory that is being used for the host freebsd

When I ran the following command manually, my updates were applied to
the basejail:

| % sudo freebsd-update -b . -d /var/db/freebsd-update-ezjail fetch \
| > install

This command found quite a bit of work to do to get the system up to p15
-- even though the ezjail-admin command reported there were no updates

I think this is a pretty bad bug, especially because the command output
implies to the user that they have applied their patches when in fact
they haven't. I'd supply a patch, but since it's a minimal change and I don't
know where the "right" place to keep that state directory would be, I
figured I'd defer to the maintainers.


Chris Cowart

Attachment: pgpEqBu4vN_NY.pgp
Description: PGP signature