Movatterモバイル変換

[0]ホーム
URL:

Chapter 4. Installing Applications: Packages and Ports

Table of Contents

4.1. Synopsis

FreeBSD is bundled with a rich collection of system tools as part of the base system.In addition, FreeBSD provides two complementary technologies for installing third-party software: the FreeBSD Ports Collection,for installing from source, and packages, for installing from pre-built binaries.Either method may be used to install software from local media or from the network.

Read this chapter to learn:

  • The difference between binary packages and ports.

  • How to find third-party software that has been ported to FreeBSD.

  • How to manage binary packages using pkg.

  • How to build third-party software from source using the Ports Collection.

  • How to find the files installed with the application for post-installation configuration.

  • What to do if a software installation fails.

4.2. Overview of Software Installation

A FreeBSDport is a collection of files designed to automate the process of compiling an application from source code.The files that comprise a port contain all the necessary information to automatically download, extract, patch, compile, and install the application.

If the software has not already been adapted and tested on FreeBSD, the source code might need editing in order for it to install and run properly.

However, over36000 third-party applications have already been ported to FreeBSD.When feasible, these applications are made available for download as pre-compiledpackages.

Packages can be manipulated with the FreeBSD package management commands.

Both packages and ports understand dependencies.If a package or port is used to install an application and a dependent library is not already installed, the library will automatically be installed first.

A FreeBSD package contains pre-compiled copies of all the commands for an application, as well as any configuration files and documentation.A package can be manipulated with thepkg(8) commands, such aspkg install.

While the two technologies are similar, packages and ports each have their own strengths.Select the technology that meets the needs for installing a particular application.

Package Benefits

  • A compressed package tarball is typically smaller than the compressed tarball containing the source code for the application.

  • Packages do not require compilation time. For large applications, such as Firefox, KDE Plasma, or GNOME, this can be important on a slow system.

  • Packages do not require any understanding of the process involved in compiling software on FreeBSD.

Port Benefits

  • Packages are normally compiled with conservative options because they have to run on the maximum number of systems. By compiling from the port, one can change the compilation options.

  • Some applications have compile-time options relating to which features are installed. For example, NGINX® can be configured with a wide variety of different built-in options.

    In some cases, multiple packages will exist for the same application with different settings. For example, NGINX® is available as anginx package and anginx-lite package, the former has many more options enabled, but this in turn requires many things to be installed as dependencies for it to work, thus increasing space consumption and attack surface.

    The transitive dependencies can grow quite large, for example the fullnginx package will pull in several X libraries which can be quite surprising, so building from ports allows to choose only the options needed without a "kitchen sink" approach. In some cases, multiple packages will exist for the same application to specify certain settings.

  • The licensing conditions of some software forbid binary distribution. Such software must be distributed as source code which must be compiled by the end-user.

  • Some people do not trust binary distributions or prefer to read through source code in order to look for potential problems.

  • Source code is needed in order to apply custom patches.

To keep track of updated ports, subscribe to theFreeBSD ports mailing list and theFreeBSD ports bugs mailing list.

Before installing an application, checkhttps://vuxml.freebsd.org/ for related security issues.

To audit installed packages against known vulnerabilities, runpkg audit -F.

The remainder of this chapter explains how to use packages and ports to install and manage third-party software on FreeBSD.

4.3. Finding Software

FreeBSD’s list of available applications is growing all the time.There are a number of ways to find software to install:

  • The FreeBSD web site maintains an up-to-date searchable list of all the available applications, atPorts Portal. The ports can be searched by application name or by software category.

  • Dan Langille maintainsFreshPorts which provides a comprehensive search utility and also tracks changes to the applications in the Ports Collection. Registered users can create a customized watch list in order to receive an automated email when their watched ports are updated.

  • If finding a particular application becomes challenging, try searching a site likeSourceForge orGitHub then check back at thePorts Portal to see if the application has been ported.

  • Search the binary package repository for an application using thepkg(8) command

4.4. Using pkg for Binary Package Management

pkg(8) provides an interface for manipulating packages: registering, adding, removing and upgrading packages.

For sites wishing to only use prebuilt binary packages from the FreeBSD mirrors, managing packages withpkg(8) can be sufficient.

However, for those sites building from source a separateport management tool will be needed.

Sincepkg(8) only works with binary packages, it is not a replacement for such tools.Those tools can be used to install software from both binary packages and the Ports Collection, whilepkg(8) installs only binary packages.

4.4.1. Getting Started with pkg

All supported versions of FreeBSD now contain/usr/sbin/pkg a.k.apkg(7).This is a small placeholder that has just the minimum functionality required to install the realpkg(8).

An Internet working connection is required for the bootstrap process to succeed.

Runpkg(8) command line:

# pkg

The output should be similar to the following:

The package management tool is not yet installed on your system.Do you want to fetch and install it now? [y/N]

pkg(7) will intercept the command, and when confirmed, downloads thepkg(8) tarball, installspkg(8) from it, bootstraps the local package database and then proceeds to run the command originally requested.

More recent versions ofpkg(7) understandpkg -N as a test to see ifpkg(8) is installed without triggering the installation, and conversely, pkg bootstrap[-f] to installpkg(8) (or force it to be reinstalled) without performing any other actions.

Usage information for pkg is available in thepkg(8) manual page or by runningpkg without additional arguments.Additional pkg configuration options are described inpkg.conf(5).

Each pkg command argument is documented in a command-specific manual page.

To read the manual page forpkg install, for example, run this command:

# pkg help install

The rest of this section demonstrates common binary package management tasks which can be performed usingpkg(8).Each demonstrated command provides many switches to customize its use.Refer to a command’s help or man page for details and more examples.

4.4.2. Quarterly and Latest Ports Branches

TheQuarterly branch provides users with a more predictable and stable experience for port and package installation and upgrades.This is done essentially by only allowing non-feature updates.Quarterly branches aim to receive security fixes (that may be version updates, or backports of commits), bug fixes and ports compliance or framework changes.The Quarterly branch is cut from HEAD at the beginning of every (yearly) quarter in January, April, July, and October.Branches are named according to the year (YYYY) and quarter (Q1-4) they are created in.For example, the quarterly branch created in January 2023, is named 2023Q1.And theLatest branch provides the latest versions of the packages to the users.

To switchpkg(8) from Quarterly to Latest run the following commands:

# mkdir -p /usr/local/etc/pkg/repos# echo 'FreeBSD: { url: "pkg+https://pkg.FreeBSD.org/${ABI}/latest" }' > /usr/local/etc/pkg/repos/FreeBSD.conf

Then run this command to update the local package repositories catalogues for the Latest branch:

# pkg update -f

4.4.3. Kernel modules repositories

The kernel module repositories allow users to install ready to use kernelmodules like the ones used for graphic drivers and specific hardware.Starting with FreeBSD 14.3, the FreeBSD Project provides kernel modules builtfor every supported version. To create such a repository configuration if itdoes not exist, add the following to/usr/local/etc/pkg/repos/kmods.conf:

FreeBSD-kmods:{        url:"pkg+https://pkg.FreeBSD.org/${ABI}/KMODSFLAVOR",        mirror_type:"srv",        signature_type:"fingerprints",        fingerprints:"/usr/share/keys/pkg",        enabled:yes}

KMODSFLAVOR respects the following pattern:kmods_PORTBRANCH_MINORRELEASE.

For instance:

Table 1. Kmodsflavor
FreeBSD Releaseports mainports quarterly

FreeBSD 14.2-RELEASE

kmods_latest_2

kmods_quarterly_2

FreeBSD 14.3-RELEASE

kmods_latest_3

kmods_quarterly_3

FreeBSD 14.3-STABLE

kmods_latest

kmods_quarterly

FreeBSD 15.0-CURRENT

kmods_latest

4.4.4. Configure pkg

pkg.conf(5) is the system-wide configuration file used by thepkg(8) tools.The default location of this file is/usr/local/etc/pkg.conf.

FreeBSD does not need to have apkg.conf file.Many installations will work well with nopkg.conf at all or with an emptypkg.conf (other than comment lines).

Lines in the file beginning with a "#" are comments and are ignored.

The file is in UCL format.For more information on the syntax oflibucl(3), please visit theofficial UCL website.

The following types of options are recognized - boolean, string and list options.

A boolean option is marked as enabled if one of the following values is specified in the configuration file - YES, TRUE and ON.

To search a packagepkg-search(8) can be used:

# pkg search nginx

The output should be similar to the following:

modsecurity3-nginx-1.0.3       Instruction detection and prevention engine / nginx Wrappernginx-1.22.1_2,3               Robust and small WWW servernginx-devel-1.23.2_4           Robust and small WWW servernginx-full-1.22.1_1,3          Robust and small WWW server (full package)nginx-lite-1.22.1,3            Robust and small WWW server (lite package)nginx-naxsi-1.22.1,3           Robust and small WWW server (plus NAXSI)nginx-prometheus-exporter-0.10.0_7 Prometheus exporter for NGINX and NGINX Plus statsnginx-ultimate-bad-bot-blocker-4.2020.03.2005_1 Nginx bad bot and other things blockernginx-vts-exporter-0.10.7_7    Server that scraps NGINX vts stats and export them via HTTPp5-Nginx-ReadBody-0.07_1       Nginx embeded perl module to read and evaluate a request bodyp5-Nginx-Simple-0.07_1         Perl 5 module for easy to use interface for Nginx Perl Modulep5-Test-Nginx-0.30             Testing modules for Nginx C module developmentpy39-certbot-nginx-2.0.0       NGINX plugin for Certbotrubygem-passenger-nginx-6.0.15 Modules for running Ruby on Rails and Rack applications

4.4.6. Installing and Fetching Packages

To install a binary packagepkg-install(8) can be used.This command uses repository data to determine which version of the software to install and if it has any uninstalled dependencies.For example, to install curl:

# pkg install curl

The output should be similar to the following:

Updating FreeBSD repository catalogue...FreeBSD repository is up to date.All repositories are up to date.The following 9 package(s) will be affected (of 0 checked):New packages to be INSTALLED:        ca_root_nss: 3.83        curl: 7.86.0        gettext-runtime: 0.21        indexinfo: 0.3.1        libidn2: 2.3.3        libnghttp2: 1.48.0        libpsl: 0.21.1_4        libssh2: 1.10.0.3        libunistring: 1.0Number of packages to be installed: 9The process will require 11 MiB more space.3 MiB to be downloadedProceed with this action? [y/N]

The new package and any additional packages that were installed as dependencies can be seen in the installed packages list:

# pkg info

The output should be similar to the following:

ca_root_nss-3.83               Root certificate bundle from the Mozilla Projectcurl-7.86.0                    Command line tool and library for transferring data with URLsgettext-runtime-0.21.1         GNU gettext runtime libraries and programsindexinfo-0.3.1                Utility to regenerate the GNU info page indexlibidn2-2.3.3                  Implementation of IDNA2008 internationalized domain nameslibnghttp2-1.48.0              HTTP/2.0 C Librarylibpsl-0.21.1_6                C library to handle the Public Suffix Listlibssh2-1.10.0.3               Library implementing the SSH2 protocollibunistring-1.0               Unicode string librarypkg-1.18.4                     Package manager

To fetch a package and install it later or in another place usepkg-fetch(8).For example, to downloadnginx-lite:

# pkg fetch -d -o /usr/home/user/packages/ nginx-lite

  • -d: used to fetch all the dependencies

  • -o: used to specify the download directory

The output should be similar to the following:

Updating FreeBSD repository catalogue...FreeBSD repository is up to date.All repositories are up to date.The following packages will be fetched:New packages to be FETCHED:        nginx-lite: 1.22.1,3 (342 KiB: 22.20% of the 2 MiB to download)        pcre: 8.45_3 (1 MiB: 77.80% of the 2 MiB to download)Number of packages to be fetched: 2The process will require 2 MiB more space.2 MiB to be downloaded.Proceed with fetching packages? [y/N]:

To install the downloaded packagespkg-install(8) can be used as follows:

# cd /usr/home/user/packages/
# pkg install nginx-lite-1.22.1,3.pkg

4.4.7. Obtaining Information About Installed Packages

Information about the packages installed on a system can be viewed by runningpkg-info(8) which, when run without any switches, will list the package version for either all installed packages or the specified package.

For example, to see which version of pkg is installed, run:

# pkg info pkg

The output should be similar to the following:

pkg-1.19.0Name           : pkgVersion        : 1.19.0Installed on   : Sat Dec 17 11:05:28 2022 CETOrigin         : ports-mgmt/pkgArchitecture   : FreeBSD:13:amd64Prefix         : /usr/localCategories     : ports-mgmtLicenses       : BSD2CLAUSEMaintainer     : pkg@FreeBSD.orgWWW            : https://github.com/freebsd/pkgComment        : Package managerOptions        :        DOCS           : onShared Libs provided:        libpkg.so.4Annotations    :        FreeBSD_version: 1301000        repo_type      : binary        repository     : FreeBSDFlat size      : 33.2MiBDescription    :Package management toolWWW: https://github.com/freebsd/pkg

4.4.8. Upgrading Installed Packages

Installed packages can be upgraded to their latest versions usingpkg-upgrade(8):

# pkg upgrade

This command will compare the installed versions with those available in the repository catalogue and upgrade them from the repository.

4.4.9. Auditing Installed Packages

Software vulnerabilities are regularly discovered in third-party applications.To address this, pkg includes a built-in auditing mechanism.To determine if there are any known vulnerabilities for the software installed on the system, usepkg-audit(8):

# pkg audit -F

The output should be similar to the following:

Fetching vuln.xml.xz: 100%  976 KiB 499.5kB/s    00:02chromium-108.0.5359.98 is vulnerable:  chromium -- multiple vulnerabilities  CVE: CVE-2022-4440  CVE: CVE-2022-4439  CVE: CVE-2022-4438  CVE: CVE-2022-4437  CVE: CVE-2022-4436  WWW: https://vuxml.FreeBSD.org/freebsd/83eb9374-7b97-11ed-be8f-3065ec8fd3ec.html

4.4.10. Removing Packages

Packages that are no longer needed can be removed withpkg-delete(8).

For example:

# pkg delete curl

The output should be similar to the following:

Checking integrity... done (0 conflicting)Deinstallation has been requested for the following 1 packages (of 0 packages in the universe):Installed packages to be REMOVED:        curl :7.86.0Number of packages to be removed: 1The operation will free 4 MiB.Proceed with deinstallation packages? [y/N]: y[1/1] Deinstalling curl-7.86.0...[1/1] Deleting files for curl-7.86.0: 100%

4.4.11. Automatically Removing Unused Packages

Removing a package may leave behind dependencies which are no longer required.Unneeded packages that were installed as dependencies (leaf packages) can be automatically detected and removed usingpkg-autoremove(8):

# pkg autoremove

The output should be similar to the following:

Checking integrity... done (0 conflicting)Deinstallation has been requested for the following 1 packages:Installed packages to be REMOVED:        ca_root_nss-3.83Number of packages to be removed: 1The operation will free 723 KiB.Proceed with deinstalling packages? [y/N]:

Packages installed as dependencies are calledautomatic packages.Non-automatic packages, i.e the packages that were explicitly installed not as a dependency to another package, can be listed using:

# pkg prime-list

The output should be similar to the following:

nginxopenvpnsudo

pkg prime-list is an alias command declared in/usr/local/etc/pkg.conf.There are many others that can be used to query the package database of the system.For instance, commandpkg prime-origins can be used to get the origin port directory of the list mentioned above:

# pkg prime-origins

The output should be similar to the following:

www/nginxsecurity/openvpnsecurity/sudo

This list can be used to rebuild all packages installed on a system using build tools such asports-mgmt/poudriere orports-mgmt/synth.

Marking an installed package as automatic can be done using:

# pkg set -A 1 devel/cmake

Once a package is a leaf package and is marked as automatic, it gets selected bypkg autoremove.

Marking an installed package asnot automatic can be done using:

# pkg set -A 0 devel/cmake

4.4.12. Removing Stale Packages

By default, pkg stores binary packages in a cache directory defined byPKG_CACHEDIR inpkg.conf(5).Only copies of the latest installed packages are kept. Older versions of pkg kept all previous packages.To remove these outdated binary packages, run:

# pkg clean

The entire cache may be cleared by running:

# pkg clean -a

4.4.13. Locking and Unlocking Packages

pkg-lock(8) is used to lock packages against reinstallation, modification or deletion.pkg-unlock(8) unlocks the named packages.Either variant only has an effect on currently installed packages.Consequently it is impossible to block installation of a new package by using this mechanism, unless such an installation implies updating a locked package.

For example, to locknginx-lite:

# pkg lock nginx-lite

And to unlocknginx-lite:

# pkg unlock nginx-lite

4.4.14. Modifying Package Metadata

Software within the FreeBSD Ports Collection can undergo major version number changes.To address this, pkg has a built-in command to update package origins.This can be useful, for example, iflang/python3 is renamed tolang/python311 so thatlang/python3 can now represent version3.11.

To change the package origin for the above example, run:

# pkg set -o lang/python3:lang/python311

As another example, to updatelang/ruby31 tolang/ruby32, run:

# pkg set -o lang/ruby31:lang/ruby32

When changing package origins, it is important to reinstall packages that are dependent on the package with the modified origin.To force a reinstallation of dependent packages, run:

# pkg install -Rf lang/ruby32

4.5. Using the Ports Collection

The Ports Collection is a set ofMakefiles, patches, and description files.Each set of these files is used to compile and install an individual application on FreeBSD, and is called aport.

By default, the Ports Collection itself is stored as a subdirectory of/usr/ports.

Before installing and using the Ports Collection, please be aware that it is generally ill-advised to use the Ports Collection in conjunction with the binary packages provided via pkg to install software.pkg, by default, tracks quarterly branch-releases of the ports tree and not HEAD.Dependencies could be different for a port in HEAD compared to its counterpart in a quarterly branch release and this could result in conflicts between dependencies installed by pkg and those from the Ports Collection.If the Ports Collection and pkg must be used in conjunction, then be sure that the Ports Collection and pkg are on the same branch release of the ports tree.

The Ports Collection contains directories for software categories.Inside each category are subdirectories for individual applications.Each application subdirectory contains a set of files that tells FreeBSD how to compile and install that program, called aports skeleton.Each port skeleton includes these files and directories:

  • Makefile: contains statements that specify how the application should be compiled and where its components should be installed.

  • distinfo: contains the names and checksums of the files that must be downloaded to build the port.

  • files/: this directory contains any patches needed for the program to compile and install on FreeBSD. This directory may also contain other files used to build the port.

  • pkg-descr: provides a more detailed description of the program.

  • pkg-plist: a list of all the files that will be installed by the port. It also tells the ports system which files to remove upon deinstallation.

Some ports includepkg-message or other files to handle special situations.For more details on these files, and on ports in general, refer to theFreeBSD Porter’s Handbook.

The port does not include the actual source code, also known as adistfile.The extract portion of building a port will automatically save the downloaded source to/usr/ports/distfiles.

4.5.1. Installing the Ports Collection

Before an application can be compiled using a port, the Ports Collection must first be installed.If it was not installed during the installation of FreeBSD, use the following method to install it:

Procedure: Git Method

If more control over the ports tree is needed or if local changes need to be maintained, or if running FreeBSD-CURRENT,Git can be used to obtain the Ports Collection.Refer tothe Git Primer for a detailed description of Git.

We add--depth 1 to the git command line to clone the tree without obtaining the commit history, which saves time and is acceptable for most users.When maintaining custom changes to the ports tree, or need the history for any reason, omit the--depth 1 argument below.

  1. Git must be installed before it can be used to check out the ports tree. If a copy of the ports tree is already present, install Git like this:

    # cd /usr/ports/devel/git# make install clean

    If the ports tree is not available, or pkg is being used to manage packages, Git can be installed as a package:

    # pkg install git

  2. Check out a copy of the HEAD branch of the ports tree:

    # git clone --depth 1 https://git.FreeBSD.org/ports.git /usr/ports

  3. Or, check out a copy of a quarterly branch:

    # git clone --depth 1 https://git.FreeBSD.org/ports.git -b 2023Q1 /usr/ports

  4. As needed, update/usr/ports after the initial Git checkout:

    # git -C /usr/ports pull

  5. As needed, switch/usr/ports to a different quarterly branch:

    # git -C /usr/ports fetch --depth 1 origin 2023Q2:2023Q2# git -C /usr/ports switch 2023Q2

4.5.2. Installing Ports

This section provides basic instructions on using the Ports Collection to install or remove software.The detailed description of availablemake targets and environment variables is available inports(7).

Before compiling any port, be sure to update the Ports Collection as described in the previous section.Since the installation of any third-party software can introduce security vulnerabilities, it is recommended to first checkhttps://vuxml.freebsd.org/ for known security issues related to the port.Alternatively, runpkg audit -F before installing a new port.This command can be configured to automatically perform a security audit and an update of the vulnerability database during the daily security system check. For more information, refer topkg-audit(8) andperiodic(8).

Using the Ports Collection assumes a working Internet connection.It also requires superuser privilege.

To compile and install the port, change to the directory of the port to be installed, then typemake install at the prompt.Messages will indicate the progress:

# cd /usr/ports/sysutils/lsof# make install>> lsof_4.88D.freebsd.tar.gz doesn't seem to exist in /usr/ports/distfiles/.>> Attempting to fetch from ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/.===>  Extracting for lsof-4.88...[extraction output snipped]...>> Checksum OK for lsof_4.88D.freebsd.tar.gz.===>  Patching for lsof-4.88.d,8===>  Applying FreeBSD patches for lsof-4.88.d,8===>  Configuring for lsof-4.88.d,8...[configure output snipped]...===>  Building for lsof-4.88.d,8...[compilation output snipped]...===>  Installing for lsof-4.88.d,8...[installation output snipped]...===>   Generating temporary packing list===>   Compressing manual pages for lsof-4.88.d,8===>   Registering installation for lsof-4.88.d,8===>  SECURITY NOTE:      This port has installed the following binaries which execute with      increased privileges./usr/local/sbin/lsof#

Sincelsof is a program that runs with increased privileges, a security warning is displayed as it is installed.Once the installation is complete, the prompt will be returned.

Some shells keep a cache of the commands that are available in the directories listed in thePATH environment variable, to speed up lookup operations for the executable file of these commands.Users of thetcsh shell should typerehash so that a newly installed command can be used without specifying its full path.Usehash -r instead for thesh shell.Refer to the documentation for the shell for more information.

During installation, a working subdirectory is created which contains all the temporary files used during compilation.Removing this directory saves disk space and minimizes the chance of problems later when upgrading to the newer version of the port:

# make clean===>  Cleaningforlsof-88.d,8#

To save this extra step, instead usemake install clean when compiling the port.

4.5.2.1. Customizing Ports Installation

Some ports provide build options which can be used to enable or disable application components, provide security options, or allow for other customizations.Examples includewww/firefox andsecurity/gpgme.If the port depends upon other ports which have configurable options,it may pause several times for user interaction as the default behavior is to prompt the user to select options from a menu.To avoid this and do all of the configuration in one batch, runmake config-recursive within the port skeleton.Then, runmake install [clean] to compile and install the port.

When usingconfig-recursive, the list of ports to configure are gathered by theall-depends-list target.It is recommended to runmake config-recursive until all dependent ports options have been defined,and ports options screens no longer appear, to be certain that all dependency options have been configured.

There are several ways to revisit a port’s build options menu in order to add, remove, or change these options after a port has been built.One method is tocd into the directory containing the port and typemake config.Another option is to usemake showconfig.Another option is to executemake rmconfig which will remove all selected options and allows to start over.All of these options, and others, are explained in great detail inports(7).

The ports system usesfetch(1) to download the source files, which supports various environment variables.TheFTP_PASSIVE_MODE,FTP_PROXY, andFTP_PASSWORD variables may need to be set if the FreeBSD system is behind a firewall or FTP/HTTP proxy.Seefetch(3) for the complete list of supported variables.

For users who cannot be connected to the Internet all the time,make fetch can be run within/usr/ports,to fetch all distfiles, or within a category, such as/usr/ports/net, or within the specific port skeleton.Note that if a port has any dependencies, running this command in a category or ports skeleton willnot fetch the distfiles of ports from another category.Instead, usemake fetch-recursive to also fetch the distfiles for all the dependencies of a port.

In rare cases, such as when an organization has a local distfiles repository, theMASTER_SITES variable can be used to override the download locations specified in theMakefile.When using, specify the alternate location:

# cd /usr/ports/directory# make MASTER_SITE_OVERRIDE= \ftp://ftp.organization.org/pub/FreeBSD/ports/distfiles/ fetch

TheWRKDIRPREFIX andPREFIX variables can override the default working and target directories. For example:

# make WRKDIRPREFIX=/usr/home/example/ports install

will compile the port in/usr/home/example/ports and install everything under/usr/local.

# make PREFIX=/usr/home/example/local install

will compile the port in/usr/ports and install it in/usr/home/example/local. And:

# make WRKDIRPREFIX=../ports PREFIX=../local install

will combine the two.

These can also be set as environmental variables.Refer to the manual page for the shell for instructions on how to set an environmental variable.

4.5.3. Removing Installed Ports

Installed ports can be uninstalled usingpkg delete.Examples for using this command can be found in thepkg-delete(8) manual page.

Alternately,make deinstall can be run in the port's directory:

# cd /usr/ports/sysutils/lsof# make deinstall===>  Deinstallingforsysutils/lsof===>   DeinstallingDeinstallation has been requestedforthe following 1 packages:lsof-4.88.d,8The deinstallation will free 229 kB[1/1] Deleting lsof-4.88.d,8...done

It is recommended to read the messages as the port is uninstalled.If the port has any applications that depend upon it, this information will be displayed but the uninstallation will proceed.In such cases, it may be better to reinstall the application in order to prevent broken dependencies.

4.5.4. Upgrading Ports

Over time, newer versions of software become available in the Ports Collection.This section describes how to determine which software can be upgraded and how to perform the upgrade.

To determine if newer versions of installed ports are available, ensure that the latest version of the ports tree is installed,using the updating command described inGit Method.The following command will list the installed ports which are out of date:

# pkg version -l "<"

Before attempting an upgrade, read/usr/ports/UPDATING from the top of the file to the date closest to the last time ports were upgraded or the system was installed.This file describes various issues and additional steps users may encounter and need to perform when updating a port, including such things as file format changes, changes in locations of configuration files, or any incompatibilities with previous versions.Make note of any instructions which match any of the ports that need upgrading and follow these instructions when performing the upgrade.

4.5.4.1. Tools to Upgrade and Manage Ports

The Ports Collection contains several utilities to perform the actual upgrade.Each has its strengths and weaknesses.

Historically, most installations used either Portmaster or Portupgrade.Synth is a newer alternative.

The choice of which tool is best for a particular system is up to the system administrator.It is recommended practice to back up data before using any of these tools.

4.5.4.2. Upgrading Ports Using Portmaster

ports-mgmt/portmaster is a very small utility for upgrading installed ports.It is designed to use the tools installed with the FreeBSD base system without depending on other ports or databases.To install this utility as a port:

# cd /usr/ports/ports-mgmt/portmaster# make install clean

Portmaster defines four categories of ports:

  • Root port: has no dependencies and is not a dependency of any other ports.

  • Trunk port: has no dependencies, but other ports depend upon it.

  • Branch port: has dependencies and other ports depend upon it.

  • Leaf port: has dependencies but no other ports depend upon it.

To list these categories and search for updates:

# portmaster -L===>>> Root ports(No dependencies, not depended on)===>>> ispell-3.2.06_18===>>> screen-4.0.3===>>> New version available: screen-4.0.3_1===>>> tcpflow-0.21_1===>>> 7 root ports...===>>> Branch ports(Have dependencies, are depended on)===>>> apache22-2.2.3===>>> New version available: apache22-2.2.8...===>>> Leaf ports(Have dependencies, not depended on)===>>> automake-1.9.6_2===>>> bash-3.1.17===>>> New version available: bash-3.2.33...===>>> 32 leaf ports===>>> 137 total installed ports===>>> 83 have new versions available

This command is used to upgrade all outdated ports:

# portmaster -a

By default, Portmaster makes a backup package before deleting the existing port.If the installation of the new version is successful, Portmaster deletes the backup.Using-b instructs Portmaster not to automatically delete the backup.Adding-i starts Portmaster in interactive mode, prompting for confirmation before upgrading each port.Many other options are available.Read through the manual page forportmaster(8) for details regarding their usage.

If errors are encountered during the upgrade process, add-f to upgrade and rebuild all ports:

# portmaster -af

Portmaster can also be used to install new ports on the system, upgrading all dependencies before building and installing the new port.To use this function, specify the location of the port in the Ports Collection:

# portmaster shells/bash

More information aboutports-mgmt/portmaster may be found in itspkg-descr.

4.5.4.3. Upgrading Ports Using Portupgrade

Portupgrade is deprecated and will be removed in the near future.

ports-mgmt/portupgrade is another utility that can be used to upgrade ports.It installs a suite of applications which can be used to manage ports.However, it is dependent upon Ruby. To install the port:

# cd /usr/ports/ports-mgmt/portupgrade# make install clean

Before performing an upgrade using this utility, it is recommended to scan the list of installed ports usingpkgdb -F and to fix all the inconsistencies it reports.

To upgrade all the outdated ports installed on the system, useportupgrade -a.Alternately, include-i to be asked for confirmation of every individual upgrade:

# portupgrade -ai

To upgrade only a specified application instead of all available ports, useportupgradepkgname.It is very important to include-R to first upgrade all the ports required by the given application:

# portupgrade -R firefox

If-P is included, Portupgrade searches for available packages in the local directories listed inPKG_PATH.If none are available locally, it then fetches packages from a remote site.If packages can not be found locally or fetched remotely, Portupgrade will use ports.To avoid using ports entirely, specify-PP.This last set of options tells Portupgrade to abort if no packages are available:

# portupgrade -PP gnome3

To just fetch the port distfiles, or packages, if-P is specified, without building or installing anything, use-F.For further information on all of the available switches, refer to the manual page forportupgrade.

More information aboutports-mgmt/portupgrade may be found in itspkg-descr.

4.5.5. Ports and Disk Space

Using the Ports Collection will use up disk space over time.After building and installing a port, runningmake clean within the ports skeleton will clean up the temporarywork directory.If Portmaster is used to install a port, it will automatically remove this directory unless-K is specified.If Portupgrade is installed, this command will remove allwork directories found within the local copy of the Ports Collection:

# portsclean -C

In addition, outdated source distribution files accumulate in/usr/ports/distfiles over time.To use Portupgrade to delete all the distfiles that are no longer referenced by any ports:

# portsclean -D

Portupgrade can remove all distfiles not referenced by any port currently installed on the system:

# portsclean -DD

If Portmaster is installed, use:

# portmaster --clean-distfiles

By default, this command is interactive and prompts the user to confirm if a distfile should be deleted.

In addition to these commands,ports-mgmt/pkg_cutleaves automates the task of removing installed ports that are no longer needed.

4.6. Building Packages with poudriere

poudriere is aBSD-licensed utility for creating and testing FreeBSD packages.It uses FreeBSD jails to set up isolated compilation environments.These jails can be used to build packages for versions of FreeBSD that are different from the system on which it is installed, and also to build packages for i386 if the host is an amd64 system.Once the packages are built, they are in a layout identical to the official mirrors.These packages are usable bypkg(8) and other package management tools.

poudriere is installed using theports-mgmt/poudriere package or port.The installation includes a sample configuration file/usr/local/etc/poudriere.conf.sample.Copy this file to/usr/local/etc/poudriere.conf.Edit the copied file to suit the local configuration.

WhileZFS is not required on the system running poudriere, it is beneficial.WhenZFS is used,ZPOOL must be specified in/usr/local/etc/poudriere.conf andFREEBSD_HOST should be set to a nearby mirror.DefiningCCACHE_DIR enables the use ofdevel/ccache to cache compilation and reduce build times for frequently-compiled code.It may be convenient to put poudriere datasets in an isolated tree mounted at/poudriere.Defaults for the other configuration values are adequate.

The number of processor cores detected is used to define how many builds will run in parallel.Supply enough virtual memory, either withRAM or swap space.If virtual memory runs out, the compilation jails will stop and be torn down, resulting in weird error messages.

4.6.1. Initialize Jails and Port Trees

After configuration, initialize poudriere so that it installs a jail with the required FreeBSD tree and a ports tree.Specify a name for the jail using-j and the FreeBSD version with-v.On systems running FreeBSD/amd64, the architecture can be set with-a to eitheri386 oramd64.The default is the architecture shown byuname.

# poudriere jail -c -j 13amd64 -v 13.1-RELEASE[00:00:00] Creating 13amd64 fs at /poudriere/jails/13amd64...done[00:00:00] Using pre-distributed MANIFESTforFreeBSD 13.1-RELEASE amd64[00:00:00] Fetching baseforFreeBSD 13.1-RELEASE amd64/poudriere/jails/13amd64/fromftp/base.txz              125 MB 4110 kBps    31s[00:00:33] Extracting base...done[00:00:54] Fetching srcforFreeBSD 13.1-RELEASE amd64/poudriere/jails/13amd64/fromftp/src.txz               154 MB 4178 kBps    38s[00:01:33] Extracting src...done[00:02:31] Fetching lib32forFreeBSD 13.1-RELEASE amd64/poudriere/jails/13amd64/fromftp/lib32.txz              24 MB 3969 kBps    06s[00:02:38] Extracting lib32...done[00:02:42] Cleaning up...done[00:02:42] Recording filesystem stateforclean...done[00:02:42] Upgrading using ftp/etc/resolv.conf -> /poudriere/jails/13amd64/etc/resolv.confLooking up update.FreeBSD.org mirrors... 3 mirrors found.Fetching public key from update4.freebsd.org...done.Fetching metadata signaturefor13.1-RELEASE from update4.freebsd.org...done.Fetching metadata index...done.Fetching 2 metadata files...done.Inspecting system...done.Preparing to download files...done.Fetching 124 patches.....10....20....30....40....50....60....70....80....90....100....110....120..done.Applying patches...done.Fetching 6 files...done.The following files will be added as part of updating to13.1-RELEASE-p1:/usr/src/contrib/unbound/.github/usr/src/contrib/unbound/.github/FUNDING.yml/usr/src/contrib/unbound/contrib/drop2rpz/usr/src/contrib/unbound/contrib/unbound_portable.service.in/usr/src/contrib/unbound/services/rpz.c/usr/src/contrib/unbound/services/rpz.h/usr/src/lib/libc/tests/gen/spawnp_enoexec.shThe following files will be updated as part of updating to13.1-RELEASE-p1:[…]Installing updates...Scanning //usr/share/certs/blacklistedforcertificates...Scanning //usr/share/certs/trustedforcertificates...done.13.1-RELEASE-p1[00:04:06] Recording filesystem stateforclean...done[00:04:07] Jail 13amd64 13.1-RELEASE-p1 amd64 is ready to be used
# poudriere ports -c -p local -m git+https[00:00:00] Creatinglocalfs at /poudriere/ports/local...done[00:00:00] Checking out the ports tree...done

On a single computer, poudriere can build ports with multiple configurations, in multiple jails, and from different port trees.Custom configurations for these combinations are calledsets.See the CUSTOMIZATION section ofpoudriere(8) for details afterports-mgmt/poudriere orports-mgmt/poudriere-devel is installed.

The basic configuration shown here puts a single jail-, port-, and set-specificmake.conf in/usr/local/etc/poudriere.d.The filename in this example is created by combining the jail name, port name, and set name:13amd64-local-workstation-make.conf.The systemmake.conf and this new file are combined at build time to create themake.conf used by the build jail.

Packages to be built are entered in13amd64-local-workstation-pkglist (ports withFLAVORS can be defined with @FLAVOR):

editors/emacsdevel/gitdevel/php-composer2@php82ports-mgmt/pkg...

Options and dependencies for the specified ports are configured:

# poudriere options -j 13amd64 -p local -z workstation -f 13amd64-local-workstation-pkglist

Finally, packages are built and a package repository is created:

# poudriere bulk -j 13amd64 -p local -z workstation -f 13amd64-local-workstation-pkglist

While running, pressingCtrl+t displays the current state of the build.poudriere also builds files in/poudriere/logs/bulk/jailname that can be used with a web server to display build information.

After completion, the new packages are now available for installation from the poudriere repository.

For more information on using poudriere, seepoudriere(8) and the main web site,https://github.com/freebsd/poudriere/wiki.

4.6.2. Configuring pkg Clients to Use a poudriere Repository

While it is possible to use both a custom repository along side of the official repository, sometimes it is useful to disable the official repository.This is done by creating a configuration file that overrides and disables the official configuration file.Create/usr/local/etc/pkg/repos/FreeBSD.conf that contains the following:

FreeBSD: {enabled: no}

Usually it is easiest to serve a poudriere repository to the client machines via HTTP.Set up a webserver to serve up the package directory, for instance:/usr/local/poudriere/data/packages/13amd64, where13amd64 is the name of the build.

If the URL to the package repository is:https://pkg.example.com/13amd64,then the repository configuration file in/usr/local/etc/pkg/repos/custom.conf would look like:

custom: {url: "https://pkg.example.com/13amd64",enabled: yes,}

If exposing the package repository to the internet is not desired, thefile:// protocol can be used to point to the repository directly:

custom: {url: "file:///usr/local/poudriere/data/packages/11amd64",enabled: yes,}

4.7. Post-Installation Considerations

Regardless of whether the software was installed from a binary package or port, most third-party applications require some level of configuration after installation.The following commands and locations can be used to help determine what was installed with the application.

  • Most applications install at least one default configuration file in/usr/local/etc. In cases where an application has a large number of configuration files, a subdirectory will be created to hold them. Often, sample configuration files are installed which end with a suffix such as.sample. The configuration files should be reviewed and possibly edited to meet the system’s needs. To edit a sample file, first copy it without the.sample extension.

  • Applications which provide documentation will install it into/usr/local/share/doc and many applications also install manual pages. This documentation should be consulted before continuing.

  • Some applications run services which must be added to/etc/rc.conf before starting the application. These applications usually install a startup script in/usr/local/etc/rc.d. SeeStarting Services for more information.

    By design, applications do not run their startup script upon installation, nor do they run their stop script upon deinstallation or upgrade.This decision is left to the individual system administrator.

  • Users ofcsh(1) should runrehash to rebuild the known binary list in the shellsPATH.

  • Usepkg info to determine which files, man pages, and binaries were installed with the application.

4.8. Dealing with Broken Ports

When a port does not build or install, try the following:

  1. Search to see if there is a fix pending for the port in theProblem Report database. If so, implementing the proposed fix may fix the issue.

  2. Ask the maintainer of the port for help. Typemake maintainer in the ports skeleton or read the port’sMakefile to find the maintainer’s email address. Remember to include the output leading up to the error in the email to the maintainer.

    Some ports are not maintained by an individual but instead by a group maintainer represented by amailing list.Many, but not all, of these addresses look likefreebsd-listname@FreeBSD.org.Please take this into account when sending an email.

    In particular, ports maintained byports@FreeBSD.org are not maintained by a specific individual.Instead, any fixes and support come from the general community who subscribe to that mailing list. More volunteers are always needed!

    If there is no response to the email, use Bugzilla to submit a bug report using the instructions inWriting FreeBSD Problem Reports.

  3. Fix it! ThePorter’s Handbook includes detailed information on the ports infrastructure, enabling the fixing of occasional broken ports or the submission of new ones. Install the package instead of the port using the instructions inUsing pkg for Binary Package Management.

Last modified on: September 27, 2025 byBenedict Reuschling

Home

Table of Contents

Resources

[8]ページ先頭
©2009-2025 Movatter.jp