# Support for your FreeBSD version has ended



## FBSD (Dec 27, 2017)

Good day - I've come across a weird problem with installing ports in a new jail. Using FreeBSD 11.1 with ezjail, updated with the latest patches.
You may suggest to install the package, but I want to change something in the defaults (MySQL support).

Host System
`# uname -a`

```
FreeBSD  11.1-RELEASE-p4 FreeBSD 11.1-RELEASE-p4
```

Jail
`root@fileserver:~ # uname -a`

```
FreeBSD fileserver 11.1-RELEASE-p4 FreeBSD 11.1-RELEASE-p4
```

Ports Tree updated in the basejail:
`ezjail-admin update -P`


```
# ezjail-admin update -P
```


```
Looking up portsnap.FreeBSD.org mirrors... 6 mirrors found.
Fetching snapshot tag from your-org.portsnap.freebsd.org... done.
Fetching snapshot metadata... done.
Updating from Tue Dec 26 21:39:02 UTC 2017 to Wed Dec 27 13:28:37 UTC 2017.
Fetching 5 metadata patches... done.
Applying metadata patches... done.
Fetching 0 metadata files... done.
Fetching 97 patches. 
(97/97) 100.00%  done.                                     
done.
Applying patches... 
done.
Fetching 3 new ports or files... done.
Removing old files and directories... done.
Extracting new files:
```


When I try to install a port (for example wget), I get the following error message:


```
Ports Collection support for your FreeBSD version has ended, and no ports are
guaranteed to build on this system. Please upgrade to a supported release.

No support will be provided if you silence this message by defining
ALLOW_UNSUPPORTED_SYSTEM.

*** Error code 1

Stop.
make[1]: stopped in /basejail/usr/ports/ftp/wget
*** Error code 1

Stop.
make: stopped in /basejail/usr/ports/ftp/wget
```


Does the system think it's still on FreeBSD 11.0 for which support stopped on 30 Nov 2017? (https://www.freebsd.org/security/unsupported.html). Note, update the system from 11.0 to 11.1 a few months back.

Any ideas to get past this problem?


----------



## SirDice (Dec 27, 2017)

FBSD said:


> Jail
> `root@fileserver:~ # uname -a`


Use freebsd-version(1), uname(1) shows the kernel version of the host, not the jail (the jail doesn't have a kernel).


----------



## jef (Dec 27, 2017)

I'm seeing very similar and very puzzling behavior where a relatively "clean" jail has been upgraded to
11.1-RELEASE-p6 using freebsd-update(8), `freebsd-version -u` confirms that version, the host is running
11.1-RELEASE-p6, and ports fail to build with a fresh install from portsnap(8).


```
root@test:/usr/ports/net/mosquitto # make
===> Building/installing dialog4ports as it is required for the config dialog
===>  Cleaning for dialog4ports-0.1.6
/!\ ERROR: /!\

Ports Collection support for your FreeBSD version has ended, and no ports are
guaranteed to build on this system. Please upgrade to a supported release.

No support will be provided if you silence this message by defining
ALLOW_UNSUPPORTED_SYSTEM.
```

While I can create a new jail, it seems as though there is something wrong here, and I'll likely need to resolve it for non-trivial jails as well.

This was also the case when the jail was on 11.1-RELEASE-p4. Upgrading the host and jail to 11.1-RELEASE-p6 did not solve the issue. The jail was likely originally created as 11.0-RELEASE and has been upgraded with freebsd-update(8) over time from the host system using the -b option.

Similar problems have been reported at https://forums.freebsd.org/threads/63794/


----------



## FBSD (Dec 27, 2017)

Sure. Yes should've mentioned that. freebsd-version shows -p6 (host and jail).


----------



## FBSD (Dec 28, 2017)

Any ideas? Or should we wait for -p7 to fix this?


----------



## SirDice (Dec 28, 2017)

To be honest I have no idea why your jail thinks it's running an older version. Is the ports tree inside the jail up to date? 

I'm going to try and dig through the Mk scripts to see where and how it detects the version, that might provide some clues where to look in the jail.


----------



## SirDice (Dec 28, 2017)

That was easier than I anticipated, usually those Mk files are horrible to debug. 

This appears to be the important part:

```
# Get __FreeBSD_version
.if !defined(OSVERSION)
.if exists(/usr/include/sys/param.h)
OSVERSION!=     ${AWK} '/^\#define[[:blank:]]__FreeBSD_version/ {print $$3}' < /usr/include/sys/param.h
.elif exists(${SRC_BASE}/sys/sys/param.h)
OSVERSION!=     ${AWK} '/^\#define[[:blank:]]__FreeBSD_version/ {print $$3}' < ${SRC_BASE}/sys/sys/param.h
.else
.error Unable to determine OS version.  Either define OSVERSION, install /usr/include/sys/param.h or define SRC_BASE.
.endif
.endif
_EXPORTED_VARS+=        OSVERSION
```

So, there are two files you need to check _inside_ the jail, /usr/include/sys/param.h and /usr/src/sys/sys/param.h. The first is the most important, it should exist. Look for a line like this:

```
#define __FreeBSD_version 1101506       /* Master, propagated to newvers */
```

Which version does yours show?


----------



## jef (Dec 28, 2017)

Looks like it wasn't updated by freebsd-update(8)
In the jail's filesystem:

```
jeff@js:/var/jail/test$ fgrep __FreeBSD_version usr/include/sys/param.h
 * __FreeBSD_version numbers are documented in the Porter's Handbook.
#undef __FreeBSD_version
#define __FreeBSD_version 1100122 /* Master, propagated to newvers */
```
(src is not installed in the jail's filesystem)
In the host's filesystem:

```
jeff@js:/var/jail/test$ fgrep __FreeBSD_version /usr/include/sys/param.h
 * __FreeBSD_version numbers are documented in the Porter's Handbook.
#undef __FreeBSD_version
#define __FreeBSD_version 1101001 /* Master, propagated to newvers */
```

I can confirm that copying the host's /usr/include/sys/param.h to the jail allowed the ports to be built.

Thanks for finding a reasonable resolution, and one that I can apply to my other jails' filesystems as well.

_Edit: For clarity, my jails' filesystems are "manually" created and managed with ZFS and freebsd-update(8). A master was created from base.txz which is then cloned for each new jail. The master image and existing jails have been periodically updated using  freebsd-update -b path/to/jail/root fetch and  freebsd-update -b path/to/jail/root install from the host (some of the jails have no Internet connectivity; this provides consistency in process)._


----------



## SirDice (Dec 29, 2017)

I'm wondering why your jail still has the old version though. It should be part of the basejail of EZjail, so if you updated that correctly it should have renewed this file and all your jails would have the 'new' version.


----------



## PacketMan (Dec 29, 2017)

SirDice said:


> ....it should have renewed this file and all your jails would have the 'new' version.



So you can't update jails on a per-jail basis? Its all or nothing?  I haven't done any yet, but suspect I will in 2018.


----------



## SirDice (Dec 29, 2017)

EZjail uses a "base" jail, this base jail is linked to all active jails. It's this base jail that gets updated, not individual jails. So yes, it's "all or nothing".


----------



## jef (Dec 30, 2017)

Trying to replicate this, using a host that is already on 11.1-RELEASE and a filesystem that contains base.txz from 11.0-RELEASE obtained today (amd64). I first upgraded "properly" to 11.0-RELEASE-p16 using `sudo freebsd-update --currently-running 11.0-RELEASE -b /var/jail/try-11.0-11.1/ fetch` and `sudo freebsd-update --currently-running 11.0-RELEASE -b /var/jail/try-11.0-11.1/ install` getting me to 11.0-RELEASE-p16

If I then "properly" upgrade to 11.1-RELEASE

`sudo freebsd-update --currently-running 11.0-RELEASE -b /var/jail/try-11.0-11.1/ fetch`

Identifies that /usr/include/sys/param.h will be updated and, after the three-pass install process shows __FreeBSD_version 1101001


However, if I don't indicate that the target filesystem is _not _the same version as the host and simply execute
`sudo freebsd-update -b /var/jail/try-11.0-11.1-no-cr/ fetch` followed by the corresponding install, freebsd-update(8) happily thinks that updating a handful of files successfully updated the filesystem to 11.1-RELEASE.

However, `sudo freebsd-update -b /var/jail/try-11.0-11.1-no-cr/ IDS | wc -l` returns 12,459 -- suggesting that it is nowhere close to the 11.1 files expected. Comparing to the filesystem upgraded using --currently-running as well as the host (which dates back to early 11.0-RELEASE):

"wrong" update -- 12,459 IDS lines
"right" update -- 4 IDS lines _(Edit: these 4 lines are the "normal" output, not "problems")_
host system -- 52 IDS lines​
While I can only blame myself if I or one of my scripts failed to use --currently-running when the host was already on 11.1-RELEASE but the target filesystem was still on 11.0-RELEASE, it may be the case that users of jail-management ports have been bitten by the same problem.

I still haven't figured out how to reliably recover from this where each of my jails has jail-specific information. Simply extracting base.txz would overwrite files in /etc. Trying to build and install from /usr/src seems as though it would put me back in the unwanted situation where freebsd-update(8) won't work for me as I'm not on RELEASE anymore.

For users of jail-management packages that have a single "basejail" and then overlay jail-specific information on that in one way or another, it may be as simple as recreating a "clean" basejail.


----------



## Snurg (Dec 30, 2017)

jef said:


> If I then "properly" upgrade to 11.1-RELEASE
> 
> `sudo freebsd-update --currently-running 11.0-RELEASE -b /var/jail/try-11.0-11.1/ fetch`
> 
> ...



Thank you for the effort to find out what (probably/possibly) happened.
This saved me from making the same mistake in my script.


----------

