# the correct way to upgrade a package



## kusanagiyang (Oct 13, 2016)

I 'accidentally' upgraded my firefox by 'pkg install forefox' earlier today .... and now when I tried to launch firefox, it said 

```
XPCOMGlueLoad error for file /usr/local/lib/firefox/libxul.so:
/usr/local/lib/nss/libssl3.so.1: version NSS_3.23 required by /usr/local/lib/firefox/libxul.so not found
Couldn't load XPCOM.
```
I tried `pkg remove firefox`, `pkg clean`, and `pkg install firefox`.  No use.
I tried to find out how to use pkg to install NSS version 3.23 forcefully, but it seemed not possible.  

My question is that shouldn't pkg check the dependency of an upgrade?  I noticed dozens of packages were upgraded together in the process earlier.  pkg would also check if these upgrades would break any existing installed package....  right?
I thought this is how pkg works?  please let me know if it is not the case...
besides restoring from my backup images, how would a more experienced user fix this problem?  thanks


----------



## Remington (Oct 13, 2016)

Did you try to build firefox from ports using latest updates?  Packages are not always up-to-date and sometimes can cause problems with builds from ports due to different dependencies.

Try removing all firefox dependencies as well by listing all the dependencies using `make build-depends-list` in /usr/ports/www/firefox.

Also, can try `pkg info -d firefox` to list all dependencies.


----------



## SirDice (Oct 13, 2016)

kusanagiyang said:


> how would a more experienced user fix this problem


We read /usr/ports/UPDATING and run `pkg upgrade` on a regular basis.


----------



## Remington (Oct 13, 2016)

Probably better to build your own packages using ports-mgmt/synth or ports-mgmt/poudriere.  I usually have less problems this way since I know what's being build with custom options.  Synth is easier to use for a single computer.  Poudriere is better with several computers or servers.  One thing I noticed is that some ports depends on libressl or openssl and some ports depends on python27 or python34. Both cannot co-exist and can break things so I build my own packages using libressl and python34 as default and I remove other options such as CUPS, DOCS, EXAMPLES so I don't have extra libraries or dependencies to deal with.  If you have experiences building ports then this shouldn't be problem for you.


----------



## SirDice (Oct 13, 2016)

+1 for setting up your own repository. I rarely have issues with updates and when I do I can catch them long before I touch any of my running systems.


----------



## Remington (Oct 13, 2016)

One nice thing about synth or poudriere is that you build your own packages with custom options.  So if something breaks which cannot be fixed or many orphaned dependencies.  I simply just delete all packages and reinstall everything.  It's very quick, clean and can get everything up running again quickly.  The config files will still remain on the computer after you delete all packages. That's one advantage of knowing my packages are custom-tailored and ready to install on a quick notice.  I usually do this once or twice a year to clean things up to get rid of orphaned dependencies.  pkg autoremove doesn't always work and sometimes it can break something like missing dependencies so its better to delete everything and reinstall.


----------



## ANOKNUSA (Oct 13, 2016)

kusanagiyang said:


> My question is that shouldn't pkg check the dependency of an upgrade?





SirDice said:


> We read /usr/ports/UPDATING and run `pkg upgrade` on a regular basis.



Just to clarify this a bit: *do not upgrade individual packages*. Upgrade every package at once, or nothing at all. You've run into the problem inherent in upgrading one package: the versions of dependencies you have installed for that package are out-of-date. You could of course upgrade those dependencies individually, until you get Firefox working. But then every package you have installed that depends on the older versions of those dependencies will be broken. As a side note, and for the same reason, *if you are following the "latest" repository, run  pkg update && pkg upgrade before installing new packages.*


----------



## Remington (Oct 13, 2016)

`pkg update` is not needed since `pkg upgrade` does the update before upgrading.


----------



## kpa (Oct 13, 2016)

Remington said:


> `pkg update` is not needed since `pkg upgrade` does the update before upgrading.



There are some rare cases when you must run `# pkg update -f` to get the repository metadata properly in sync with what's on the repository server.pkg(8) is a bit fussy about this sometimes and produces some weird dependencies that make no sense, running `# pkg update -f` fixes this.


----------

