阿里云的freebsd官方镜像版本为11.1,但很遗憾,该版本官方已经停止了支持。所以在进行ports
安装软件时,会遇到版本过期的问题。
支持的日期到:2017年7月。
背景
既然11.1不被支持,那我们将其升级到被支持的版本就好了。当前官方最新的release版本为11.2以及12.0,发布时间均为2018年,且在新的版本未发布前,会一直得到官方的支持。
12.0过期日期:12.1-release发布日期 + 3个月。
11.2过期日期:11.3-release发布日期 + 3个月。
目标
本文的目的,即是将操作系统由11.1升级到12.0。解决问题的整个方法,仍然是以官方文档为主。在进行服务器升级时,需要逐步升级:
我们当前想由11.1升级,那么要先看11.2的文档,升级完成后,再看12.0的文档。
注意:我们不能由11.1直接升级到12.0,这点在官方文档的升级手册上也写明了。在升级12.0时,要求当前系统为11.2-release.
如果你的系统当前是10.0,则需要依次看下面的文档:
即升级过程为:10.1 -> 10.2 -> 10.3 -> ... -> 11.1 -> 11.2
点击各个版本的Installation Instructions
并找到:
操作步骤
升级当前版本
先fetch到最新版本,再安装
# freebsd-update fetch
此过程会有些长,最后显示的信息过多,会提示以下信息:
Applying patches... done.
--More--(END)
此时,按q
退出日志显示,回到终端。得到以下信息,它告诉我们说11.1-release已过期了。
WARNING: FreeBSD 11.1-RELEASE HAS PASSED ITS END-OF-LIFE DATE.
Any security issues discovered after Mon Oct 1 08:00:00 CST 2018
will not have been corrected.
下一步:执行官方文档中的freebsd-update install
# freebsd-update install
src component not installed, skipped
No updates are available to install.
Run '/usr/sbin/freebsd-update fetch' first.
上述操作保证了,我们在11.1版本下是最新的。
11.1 -> 11.2
参考官方文档: https://www.freebsd.org/releases/11.2R/installation.html#upgrade-binary
先获取11.2-release的安装包,再升级。
# freebsd-update upgrade -r 11.2-RELEASE
期间会有个提示:
The following components of FreeBSD do not seem to be installed:
kernel/generic-dbg world/base-dbg world/doc world/lib32 world/lib32-dbg
Does this look reasonable (y/n)?
按y
继续。下面的过程有些缓慢,主要是由于要下载的包太多了,有10000多个,需要耐心等待。升级过程中,有个冲突的提示:
The following file could not be merged automatically: /etc/ntp.conf
Press Enter to edit this file in vi and resolve the conflicts
此时,按回车
编辑文件/etc/ntp.conf
,解决冲突 。我的做法是:删除current version
中的所有数据,保留11.2-release
的。编辑以后,回到shell
按两次y
确认自己的更改,然后按q
完成安装过程。
安装升级包
# freebsd-update install
src component not installed, skipped
Installing updates...
Kernel updates have been installed. Please reboot and run
"/usr/sbin/freebsd-update install" again to finish installing updates.
重启
# shutdown -r now
待系统重启后继续安装
# freebsd-update install
如果我们是一个纯净的系统,由于未使用ports
安装软件,所以此过程会简单很多。【猜想】如果我们不是纯净的系统,那么此时以前使用port
安装的软件应该会随之升级,并可能需要一些人工干预(更新ports -> 进行ports -> 重新安装),干预完毕后,最后再执行一次安装升级包,随后重新启动。
# freebsd-update install
src component not installed, skipped
No updates are available to install.
Run '/usr/sbin/freebsd-update fetch' first.
# shutdown -r now
查看freebsd
版本以确定升级是否成功
# freebsd-version
11.2-RELEASE-p9
11.2 -> 12.0
官方文档: https://www.freebsd.org/releases/12.0R/installation.html#upgrade
以下的步骤,基本和11.1 -> 11.2
相同
# freebsd-update fetch
# freebsd-update install
# freebsd-update upgrade -r 12.0-RELEASE
出现提示后按y
# freebsd-update install
# shutdown -r now
# freebsd-update install
# freebsd-update install
# shutdown -r now
注意:在修改/etc/ntp
时,我保留了阿里云的ntp
设置,即保留了这段:
# local clock
server 127.127.1.0
fudge 127.127.1.0 stratum 10
restrict ntp1.aliyun.com nomodify notrap nopeer noquery
restrict ntp1.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp10.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp11.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp12.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp2.aliyun.com nomodify notrap nopeer noquery
restrict ntp2.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp3.aliyun.com nomodify notrap nopeer noquery
restrict ntp3.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp4.aliyun.com nomodify notrap nopeer noquery
restrict ntp4.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp5.aliyun.com nomodify notrap nopeer noquery
restrict ntp5.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp6.aliyun.com nomodify notrap nopeer noquery
restrict ntp6.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp7.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp8.cloud.aliyuncs.com nomodify notrap nopeer noquery
restrict ntp9.cloud.aliyuncs.com nomodify notrap nopeer noquery
server ntp1.aliyun.com iburst minpoll 4 maxpoll 10
server ntp1.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp10.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp11.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp12.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp2.aliyun.com iburst minpoll 4 maxpoll 10
server ntp2.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp3.aliyun.com iburst minpoll 4 maxpoll 10
server ntp3.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp4.aliyun.com iburst minpoll 4 maxpoll 10
server ntp4.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp5.aliyun.com iburst minpoll 4 maxpoll 10
server ntp5.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp6.aliyun.com iburst minpoll 4 maxpoll 10
server ntp6.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp7.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp8.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
server ntp9.cloud.aliyuncs.com iburst minpoll 4 maxpoll 10
NTP: 网络时间协议(Network Time Protocol),它是用来同步网络中各个计算机的时间的协议。
最后,重启系统后,查看日志信息。看是否有错误日志。笔者得到了两个错误,分别是nfpd
与sshd
启动失败.
sshd 启动错误
由日志信息,得知是由于/etc/ssh/sshd_config
导致的sshd
未成功启动,这也直接导致了ssh
远程登录不上了。此时,我们由阿里云控制台登录。并修改/etc/ssh/sshd_config
.
该配置文件说明,请参见: https://www.freebsd.org/cgi/man.cgi?sshd_config(5))
按官方文档,将Ciphers修改为官方默认列表值:
Ciphers [email protected],aes128-ctr,aes192-ctr,aes256-ctr,[email protected],[email protected],aes128-cbc,aes192-cbc,aes256-cbc
sshd -t
service sshd start
修改完ssh的配置文件后,需要先执行sshd -t
进行验证。否则一旦配置有错,当我们使用ssh
连接时,就会失去当前连接。
ntpd错误
第二个错误参考论坛https://forums.freebsd.org/threads/ntpd-not-starting-after-upgrade-to-12-0-release.68758/执行/usr/sbin/pwd_mkdb -p /etc/master.passwd
后解决。
# /usr/sbin/pwd_mkdb -p /etc/master.passwd
# /etc/rc.d/ntpd start
pkg错误
升级后pkg提示少libssl.so.8
-> ld-elf.so.1: Shared object "libssl.so.8" not found,
# pkg-static del -f pkg
# pkg upgrade
===> NOTICE:
This port is deprecated; you may wish to reconsider installing it:
Unsupported by upstream. Use GCC 7 or newer instead..
Message from dejavu-2.37:
Make sure that the freetype module is loaded. If it is not, add the following
line to the "Modules" section of your X Windows configuration file:
Load "freetype"
Add the following line to the "Files" section of X Windows configuration file:
FontPath "/usr/local/share/fonts/dejavu/"
Note: your X Windows configuration file is typically /etc/X11/XF86Config
if you are using XFree86, and /etc/X11/xorg.conf if you are using X.Org.
Message from gcc8-8.2.0_4:
To ensure binaries built with this toolchain find appropriate versions
of the necessary run-time libraries, you may want to link using
-Wl,-rpath=/usr/local/lib/gcc8
For ports leveraging USE_GCC, USES=compiler, or USES=fortran this happens
transparently.
Message from ntp-4.2.8p12_3:
Please add
ntpd_program="/usr/local/sbin/ntpd"
ntpdate_program="/usr/local/sbin/ntpdate"
to your /etc/rc.conf or run
sysrc ntpd_program="/usr/local/sbin/ntpd"
sysrc ntpdate_program="/usr/local/sbin/ntpdate"
to enable ntp from ports/packages instead of base ntp.
Message from busybox-1.26.2:
===> NOTICE:
The busybox port currently does not have a maintainer. As a result, it is
more likely to have unresolved issues, not be up-to-date, or even be removed in
the future. To volunteer to maintain this port, please create an issue at:
https://bugs.freebsd.org/bugzilla
More information about port maintainership is available at:
https://www.freebsd.org/doc/en/articles/contributing/ports-contributing.html#maintain-port
# sysrc ntpd_program="/usr/local/sbin/ntpd"
ntpd_program: /usr/sbin/ntpd -> /usr/local/sbin/ntpd
# sysrc ntpdate_program="/usr/local/sbin/ntpdate"
ntpdate_program: /usr/sbin/ntpdate -> /usr/local/sbin/ntpdate
备份
最后,将系统盘做个镜像,以后再安装的时候,直接使用此空白镜像即可。
总结
1.官方文档很重要。 2.看提示很重要。3.积累很重要。
任何的努力,都将在特定的时间点上闪光。