# ezjail-admin update -u



## nforced (Sep 9, 2014)

Hi all, today I updated my system to 10.0-RELEASE-p8 as part of that I run

```
ezjail-admin update -u
Looking up update.FreeBSD.org mirrors... 5 mirrors found.
Fetching metadata signature for 10.0-RELEASE from update5.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

No updates needed to update system to 10.0-RELEASE-p8.
No updates are available to install.
Run '/usr/sbin/freebsd-update fetch' first.
Looking up update.FreeBSD.org mirrors... 5 mirrors found.
Fetching metadata signature for 10.0-RELEASE from update4.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

No updates needed to update system to 10.0-RELEASE-p8.
No updates are available to install.
```

Then I tried out of curiosity:

```
ezjail-admin console www
uname -a
FreeBSD www 10.0-RELEASE-p7 FreeBSD 10.0-RELEASE-p7 #0: Tue Jul  8 06:37:44 UTC 2014     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64

freebsd-update fetch
Looking up update.FreeBSD.org mirrors... 5 mirrors found.
Fetching metadata signature for 10.0-RELEASE from update6.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

The following files will be updated as part of updating to 10.0-RELEASE-p8:
/etc/defaults/rc.conf
/var/db/mergemaster.mtree

freebsd-update install
Installing updates...mkdir: /boot/kernel.old: Read-only file system
mtree: /boot/kernel.old: No such file or directory
touch: /boot/kernel.old/.freebsd-update: No such file or directory
Could not create kernel backup directory
```

My question is why my jail is not updated to p8 (I even allowed myself to reboot just to be sure I am not missing something) after `ezjail-admin update -u` as described at http://erdgeist.org/arts/software/ezjail/?
Am I missing something or it's elsewhere to look at?


----------



## SirDice (Sep 9, 2014)

Jails run on the same kernel as the host. A `uname -a` inside a jail actually shows the host's information.

As for the p7 instead of p8, the last security patch didn't update the kernel. So the version the kernel reports doesn't change. There should now be a -U and -K option to uname(1) to query specifically the version of the Userland and Kernel.


----------



## nforced (Sep 10, 2014)

I thought  every system update made via freebsd-update increments the RELEASE-p number. I got confused because of this:


```
freebsd-update fetch
No updates needed to update system to 10.0-RELEASE-p8

uname -a
FreeBSD 10.0-RELEASE-p7 FreeBSD 10.0-RELEASE-p7
```

Thanks a lot!


----------



## SirDice (Sep 10, 2014)

nforced said:
			
		

> I thought  every system update made via freebsd-update increments the RELEASE-p number.


It does but the version is reported by a hardcoded value inside the kernel. And because the kernel wasn't replaced (the bug wasn't in the kernel), the version would stay the same. You will get it to show p8 if you rebuild the kernel from source.


----------



## kpa (Sep 10, 2014)

Starting with FreeBSD 10 there's a new command freebsd-version(1) that by default reports the installed userland version and would in this case report the correct -p8 patchlevel if the system was up to date. If used with the -k flag it reports the kernel version from `uname -a`.


----------



## SirDice (Sep 10, 2014)

I also noticed additional switches for uname(1). It now has a -K for kernel and -U for the userland version.


----------



## nforced (Sep 10, 2014)

Regarding to that, in my case I see this:

```
uname -K
1000510

uname -U
1000510

freebsd-version
10.0-RELEASE-p8
```

it looks to me that they are both the same version but is this right since the kernel itself is not actually updated? Shouldn't they show different numbers in this case?
I am just wondering what is the usage of those two switches in such cases.


----------



## kpa (Sep 10, 2014)

The version 1000510 is the so called internal FreeBSD version, it's not directly tied to the patchlevel. It is increased only when there are significant changes in the OS that must be detected at compile time of userland (including third party software) software. For the kernel it comes from the kern.osreldate sysctl(8) (this is from 10.0-RELEASE-p7):


```
firewall ~ % sysctl kern.osreldate 
kern.osreldate: 1000510
```

For the userland it can be read from /usr/include/sys/param.h:

```
firewall ~ % awk '/\#define __FreeBSD_version/ { print $3 }' /usr/include/sys/param.h
1000510
```


----------



## kpa (Sep 10, 2014)

There's a nice reference for the kern.osreldate values:

https://www.freebsd.org/doc/en/books/porters-handbook/book.html#freebsd-versions-table


----------

