# freebsd-update IDS flagging everything



## spork (May 1, 2021)

This one is kind of maddening. 4 brand new servers, all installed around the same time, firewalled to only allow ssh from a handful of IPs, and key-based auth only. It's a fair assumption that none of them were broken into, both based on the access restrictions and the fact the the "IDS" option is reporting 16,721 files with the wrong digest.

I also know that on this host there was an interrupted freebsd-update, and I suspect this has something to do with this issue.

What I've done so far: run freebsd-update a number of times to get actual updates (all without error), remove everything in /var/db/freebsd-update/files and re-run the IDS command.

Any ideas how to troubleshoot what's going on here?

Are there any other freebsd-update temporary or transient files/directories that should be nuked to "reset" things?


----------



## spork (May 1, 2021)

This seems to have forced a "reinstall" of sorts and shrank that list from 16,721 files to 17 (all expected):


```
freebsd-update -F --currently-running 12.1-RELEASE upgrade -r 12.2-RELEASE
```

Still would like some feedback on whether this is a valid way to repair and if there's any hints on what the original issue was.


----------

