FreeBSD 12.1-RELEASE → FreeBSD 12.2 へアップグレード対応

FreeBSD 12.2 が公開されたのでアップグレードしました。
また、手順を残すためにメモ書きする事にしました。

作業時間

筆者の環境では、アップグレードに掛かった時間が約13時間ほど掛かりました。

旧カーネルバージョン確認

現在のカーネルバージョンを確認する。

uname -a

FreeBSD FreeBSD 12.1-RELEASE-p10 FreeBSD 12.1-RELEASE-p10 GENERIC  amd64

アップグレード実施

①．アップグレードのコマンドを実行する。

freebsd-update upgrade -r 12.2-RELEASE

②．Does this look reasonable は Y にする。

Looking up update.FreeBSD.org mirrors... 3 mirrors found.
Fetching metadata signature for 12.1-RELEASE from update2.freebsd.org... done.
Fetching metadata index... done.
Fetching 1 metadata files... done.
Inspecting system... done.

The following components of FreeBSD seem to be installed:
kernel/generic kernel/generic-dbg src/src world/base world/doc
world/lib32

The following components of FreeBSD do not seem to be installed:
world/base-dbg world/lib32-dbg

Does this look reasonable (y/n)?

③．アップグレードには長時間掛かるので様子を見ます。

Fetching metadata signature for 12.2-RELEASE from update2.freebsd.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system... done.
Fetching files from 12.1-RELEASE for merging... done.
Preparing to download files... done.
Fetching 46009 patches.....10...省略....46000.... done.
Applying patches... done.
Fetching 12182 files... ....10....省略....12180. done.
Attempting to automatically merge changes in files... done.

④．手動による修正が必要なコメントが表示する。

The following file could not be merged automatically: /etc/hosts.allow
Press Enter to edit this file in /usr/bin/vi and resolve the conflicts
manually...

<<<<<<< current version
ALL : localhost 127.0.0.1 192.168.0. : allow
sshd : .ne.jp : allow
ALL : ALL : deny
=======
#
#
# NOTE: The hosts.deny file is deprecated.
#       Place both 'allow' and 'deny' rules in the hosts.allow file.
#       See hosts_options(5) for the format of this file.
#       hosts_access(5) no longer fully applies.
#
# !!! requirements!


# The rules here work on a "First match wins" basis.
ALL : ALL : allow
# need to do it, here's how
#sshd : .evil.cracker.example.com : deny

# Protect against simple DNS spoofing attacks by checking that the
# forward and reverse records for the remote host match. If a mismatch
# occurs, access is denied, and any positive ident response within
# 20 seconds is logged. No protection is afforded against DNS poisoning,
# IP spoofing or more complicated attacks. Hosts with no reverse DNS
# pass this rule.
# Allow anything from localhost.  Note that an IP address (not a host
# name) *MUST* be specified for rpcbind(8).
ALL : localhost 127.0.0.1 : allow
#ALL : my.machine.example.com 192.0.2.35 : allow

# To use IPv6 addresses you must enclose them in []'s
#ALL : [fe80::%fxp0]/10 : allow
#ALL : [fe80::]/10 : deny
#ALL : [2001:db8:2:1:2:3:4:3fe1] : deny
#ALL : [2001:db8:2:1::]/64 : allow
sendmail : localhost : allow
#sendmail : .nice.guy.example.com : allow

# Exim is an alternative to sendmail, available in the ports tree
exim : localhost : allow
#exim : .nice.guy.example.com : allow
#exim : .evil.cracker.example.com : deny
exim : ALL : allow

# Rpcbind is used for all RPC services; protect your NFS!
# Rpcbind should be running with -W option to support this.
# (IP addresses rather than hostnames *MUST* be used here)
<<<<<<< current version
ALL : localhost 127.0.0.1 192.168.0. : allow
sshd : .ne.jp : allow
ALL : ALL : deny
=======
#
# hosts.allow access control file for "tcp wrapped" applications.
# $FreeBSD: releng/12.2/lib/libwrap/hosts.allow 338887 2018-09-22 13:17:30Z brd $
#
# NOTE: The hosts.deny file is deprecated.
#       Place both 'allow' and 'deny' rules in the hosts.allow file.
#       See hosts_options(5) for the format of this file.
#       hosts_access(5) no longer fully applies.
#
#   _____                                      _          _
#  | ____| __  __   __ _   _ __ ___    _ __   | |   ___  | |
#  |  _|   \ \/ /  / _` | | '_ ` _ \  | '_ \  | |  / _ \ | |
#  | |___   >  <  | (_| | | | | | | | | |_) | | | |  __/ |_|
#  |_____| /_/\_\  \__,_| |_| |_| |_| | .__/  |_|  \___| (_)
#                                     |_|
# !!! This is an example! You will need to modify it for your specific
# !!! requirements!


# Start by allowing everything (this prevents the rest of the file
# from working, so remove it when you need protection).
# The rules here work on a "First match wins" basis.
ALL : ALL : allow

新、旧との環境がマージされている状態なので、旧環境に合わせて修正するようにしました。

⑤．手動による修正が必要なコメントが表示する。

The following file could not be merged automatically: /etc/ntp.conf
Press Enter to edit this file in /usr/bin/vi and resolve the conflicts
manually...

<<<<<<< current version
pool            ntp.nict.jp iburst
pool            ntp.jst.mfeed.ad.jp iburst
#
# $FreeBSD: releng/12.2/usr.sbin/ntp/ntpd/ntp.conf 352865 2019-09-29 03:36:50Z cy $
#
# /etc/defaults/rc.conf on how to change the location.
#
>>>>>>> 12.2-RELEASE

restrict        127.0.0.1
=======
#
# The following pool statement will give you a random set of NTP servers
# geographically close to you.  A single pool statement adds multiple
# servers from the pool, according to the tos minclock/maxclock targets.
# See http://www.pool.ntp.org/ for details.  Note, pool.ntp.org encourages
# users with a static IP and good upstream NTP servers to add a server
# to the pool. See http://www.pool.ntp.org/join.html if you are interested.
#
# The option `iburst' is used for faster initial synchronization.
#
pool 0.freebsd.pool.ntp.org iburst

#
# If you want to pick yourself which country's public NTP server
# you want to sync against, comment out the above pool, uncomment
# the next one, and replace CC with the country's abbreviation.
# Make sure that the hostname resolves to a proper IP address!
#
# pool 0.CC.pool.ntp.org iburst

#
# To configure a specific server, such as an organization-wide local
# server, add lines similar to the following.  One or more specific
# servers can be configured in addition to, or instead of, any server
# pools specified above.  When both are configured, ntpd first adds all
#
#server time.my-internal.org iburst

#
# Security:
#
# By default, only allow time queries and block all other requests
# from unauthenticated clients.
#
# The "restrict source" line allows peers to be mobilized when added by
# ntpd from a pool, but does not enable mobilizing a new peer association
# by other dynamic means (broadcast, manycast, ntpq commands, etc).
#
# See http://support.ntp.org/bin/view/Support/AccessRestrictions
# for more information.
# Alternatively, the following rules would block all unauthorized access.
#
#restrict default ignore
#
# In this case, all remote NTP time servers also need to be explicitly
# allowed or they would not be able to exchange time information with
# this server.
#
# Please note that this example doesn't work for the servers in
# the pool.ntp.org domain since they return multiple A records.
#
#restrict 0.pool.ntp.org nomodify nopeer noquery notrap
#restrict 1.pool.ntp.org nomodify nopeer noquery notrap
#restrict 2.pool.ntp.org nomodify nopeer noquery notrap
<<<<<<< current version
pool            ntp.nict.jp iburst
pool            ntp.jst.mfeed.ad.jp iburst
pool            time.google.com iburst
=======
#
# $FreeBSD: releng/12.2/usr.sbin/ntp/ntpd/ntp.conf 352865 2019-09-29 03:36:50Z cy $
#
# Default NTP servers for the FreeBSD operating system.
#
# Don't forget to enable ntpd in /etc/rc.conf with:
# ntpd_enable="YES"
#
# The driftfile is by default /var/db/ntpd.drift, check
# /etc/defaults/rc.conf on how to change the location.
#
>>>>>>> 12.2-RELEASE

logfile         /var/log/ntpd.log
logconfig       =syncstatus +sysevents +clockall

<<<<<<< current version
restrict        default noquery nomodify notrap
restrict        192.168.0.0 mask 255.255.255.0 nomodify notrap
restrict        127.0.0.1
=======
#
# The following pool statement will give you a random set of NTP servers
# geographically close to you.  A single pool statement adds multiple

新、旧との環境がマージされている状態なので、旧環境に合わせて修正するようにしました。

⑥．Does this look reasonable は Y にする。

The following changes, which occurred between FreeBSD 12.1-RELEASE and
FreeBSD 12.2-RELEASE have been merged into /etc/group:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: releng/12.1/etc/group 336525 2018-07-19 23:55:29Z ian $
+# $FreeBSD: releng/12.2/etc/group 359447 2020-03-30 17:07:05Z brooks $
 #
 wheel:*:0:root,xxxxxx
 daemon:*:1:
 kmem:*:2:
 sys:*:3:
@@ -30,10 +30,11 @@
 audit:*:77:
 www:*:80:
 ntpd:*:123:
 _ypldap:*:160:
 hast:*:845:
+tests:*:977:
 nogroup:*:65533:
 nobody:*:65534:
 hamanaka:*:1001:
 _tss:*:601:
 messagebus:*:556:
Does this look reasonable (y/n)?

⑦．何度も確認するコメントが表示されるので
　　Does this look reasonable は Y にする。

The following changes, which occurred between FreeBSD 12.1-RELEASE and
FreeBSD 12.2-RELEASE have been merged into /etc/hosts.allow:
--- current version
+++ new version
@@ -1,3 +1,98 @@
+<<<<<<< current version
 ALL : localhost 127.0.0.1 192.168.0. : allow
 sshd : .ne.jp : allow
 ALL : ALL : deny
+=======
+#
+# hosts.allow access control file for "tcp wrapped" applications.
+# $FreeBSD: releng/12.2/lib/libwrap/hosts.allow 338887 2018-09-22 13:17:30Z brd $
+#
+# NOTE: The hosts.deny file is deprecated.
+#       Place both 'allow' and 'deny' rules in the hosts.allow file.
+#       See hosts_options(5) for the format of this file.
+#       hosts_access(5) no longer fully applies.
+#
+#   _____                                      _          _
+#  | ____| __  __   __ _   _ __ ___    _ __   | |   ___  | |
+#  |  _|   \ \/ /  / _` | | '_ ` _ \  | '_ \  | |  / _ \ | |
+#  | |___   >  <  | (_| | | | | | | | | |_) | | | |  __/ |_|
+#  |_____| /_/\_\  \__,_| |_| |_| |_| | .__/  |_|  \___| (_)
+#                                     |_|
+# !!! This is an example! You will need to modify it for your specific
+# !!! requirements!
+
+
+# Start by allowing everything (this prevents the rest of the file
+# from working, so remove it when you need protection).
+# The rules here work on a "First match wins" basis.
+ALL : ALL : allow
+
+# Wrapping sshd(8) is not normally a good idea, but if you
+# need to do it, here's how
+#sshd : .evil.cracker.example.com : deny
+
+# Protect against simple DNS spoofing attacks by checking that the
+# forward and reverse records for the remote host match. If a mismatch
+# occurs, access is denied, and any positive ident response within
+# 20 seconds is logged. No protection is afforded against DNS poisoning,
+# IP spoofing or more complicated attacks. Hosts with no reverse DNS
+# pass this rule.
+ALL : PARANOID : RFC931 20 : deny
+
+# Allow anything from localhost.  Note that an IP address (not a host
+# name) *MUST* be specified for rpcbind(8).
+ALL : localhost 127.0.0.1 : allow
+# Comment out next line if you build libwrap without IPv6 support.
+ALL : [::1] : allow
+#ALL : my.machine.example.com 192.0.2.35 : allow
+
+# To use IPv6 addresses you must enclose them in []'s
+#ALL : [fe80::%fxp0]/10 : allow
+#ALL : [fe80::]/10 : deny
+#ALL : [2001:db8:2:1:2:3:4:3fe1] : deny
+#ALL : [2001:db8:2:1::]/64 : allow
+
+# Sendmail can help protect you against spammers and relay-rapers
+sendmail : localhost : allow
+#sendmail : .nice.guy.example.com : allow
+#sendmail : .evil.cracker.example.com : deny
+sendmail : ALL : allow
+
+# Exim is an alternative to sendmail, available in the ports tree
+exim : localhost : allow
+#exim : .nice.guy.example.com : allow
+#exim : .evil.cracker.example.com : deny
+exim : ALL : allow
+
+# Rpcbind is used for all RPC services; protect your NFS!
+# Rpcbind should be running with -W option to support this.
+# (IP addresses rather than hostnames *MUST* be used here)
+#rpcbind : 192.0.2.32/255.255.255.224 : allow
+#rpcbind : 192.0.2.96/255.255.255.224 : allow
+rpcbind : ALL : deny
+
+# NIS master server. Only local nets should have access
+# (Since this is an RPC service, rpcbind needs to be considered)
+ypserv : localhost : allow
+#ypserv : .unsafe.my.net.example.com : deny
+#ypserv : .my.net.example.com : allow
+ypserv : ALL : deny
+
+# Provide a small amount of protection for ftpd
+ftpd : localhost : allow
+#ftpd : .nice.guy.example.com : allow
+#ftpd : .evil.cracker.example.com : deny
+ftpd : ALL : allow
+
+# You need to be clever with finger; do _not_ backfinger!! You can easily
+# start a "finger war".
+fingerd : ALL \
+       : spawn (echo Finger. | \
+        /usr/bin/mail -s "tcpd\: %u@%h[%a] fingered me!" root) & \
+       : deny
+
+# The rest of the daemons are protected.
+ALL : ALL \
+       : severity auth.info \
+       : twist /bin/echo "You are not welcome to use %d from %h."
+>>>>>>> 12.2-RELEASE
Does this look reasonable (y/n)? y

The following changes, which occurred between FreeBSD 12.1-RELEASE and
FreeBSD 12.2-RELEASE have been merged into /etc/master.passwd:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: releng/12.1/etc/master.passwd 337882 2018-08-15 23:18:34Z brd $
+# $FreeBSD: releng/12.2/etc/master.passwd 359447 2020-03-30 17:07:05Z brooks $
 #
 root:$6$f667jkxZL.fe8uP.$vv.KaVHMGyzFMkY/cEIHQBNrn6FGwYJk9kFUnwmyrNEYK9eVO9vfdUi55us02aw/lQmlzimV01dbPUe.WvJzx.:0:0::0:0:Charlie &:/root:/usr/local/bin/bash
 toor:*:0:0::0:0:Bourne-again Superuser:/root:
 daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
 operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
@@ -23,10 +23,11 @@
 auditdistd:*:78:77::0:0:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin
 www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
 ntpd:*:123:123::0:0:NTP Daemon:/var/db/ntp:/usr/sbin/nologin
 _ypldap:*:160:160::0:0:YP LDAP unprivileged user:/var/empty:/usr/sbin/nologin
 hast:*:845:845::0:0:HAST unprivileged user:/var/empty:/usr/sbin/nologin
+tests:*:977:977::0:0:Unprivileged user for tests:/nonexistent:/usr/sbin/nologin
 nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
 xxxxx:$6$0nHlRRzSmggpb.Lf$yWWPbjvxSFsIZQn3dD/o5SEx.XkkPIy8A8TJ9ReDMeTlChUGzax4YmHe4Uykw4xQ7ThZ8iTiWwF8m2efbJ6Ld.:1001:1001::0:0:User &:/home/xxxxx/xxxxx:/usr/local/bin/bash
 _tss:*:601:601:daemon:0:0:TCG Software Stack user:/var/empty:/usr/sbin/nologin
 messagebus:*:556:556::0:0:D-BUS Daemon User:/nonexistent:/usr/sbin/nologin
 avahi:*:558:558::0:0:Avahi Daemon User:/nonexistent:/usr/sbin/nologin
Does this look reasonable (y/n)? y

The following changes, which occurred between FreeBSD 12.1-RELEASE and
FreeBSD 12.2-RELEASE have been merged into /etc/ntp.conf:
--- current version
+++ new version
@@ -1,10 +1,118 @@
+<<<<<<< current version
 pool            ntp.nict.jp iburst
 pool            ntp.jst.mfeed.ad.jp iburst
 pool            time.google.com iburst
+=======
+#
+# $FreeBSD: releng/12.2/usr.sbin/ntp/ntpd/ntp.conf 352865 2019-09-29 03:36:50Z cy $
+#
+# Default NTP servers for the FreeBSD operating system.
+#
+# Don't forget to enable ntpd in /etc/rc.conf with:
+# ntpd_enable="YES"
+#
+# The driftfile is by default /var/db/ntpd.drift, check
+# /etc/defaults/rc.conf on how to change the location.
+#
+>>>>>>> 12.2-RELEASE

 logfile         /var/log/ntpd.log
 logconfig       =syncstatus +sysevents +clockall

+<<<<<<< current version
 restrict        default noquery nomodify notrap
 restrict        192.168.0.0 mask 255.255.255.0 nomodify notrap
 restrict        127.0.0.1
+=======
+#
+# The following pool statement will give you a random set of NTP servers
+# geographically close to you.  A single pool statement adds multiple
+# servers from the pool, according to the tos minclock/maxclock targets.
+# See http://www.pool.ntp.org/ for details.  Note, pool.ntp.org encourages
+# users with a static IP and good upstream NTP servers to add a server
+# to the pool. See http://www.pool.ntp.org/join.html if you are interested.
+#
+# The option `iburst' is used for faster initial synchronization.
+#
+pool 0.freebsd.pool.ntp.org iburst
+
+#
+# If you want to pick yourself which country's public NTP server
+# you want to sync against, comment out the above pool, uncomment
+# the next one, and replace CC with the country's abbreviation.
+# Make sure that the hostname resolves to a proper IP address!
+#
+# pool 0.CC.pool.ntp.org iburst
+
+#
+# To configure a specific server, such as an organization-wide local
+# server, add lines similar to the following.  One or more specific
+# servers can be configured in addition to, or instead of, any server
+# pools specified above.  When both are configured, ntpd first adds all
+# the specific servers, then adds servers from the pool until the tos
+# minclock/maxclock targets are met.
+#
+#server time.my-internal.org iburst
+
+#
+# Security:
+#
+# By default, only allow time queries and block all other requests
+# from unauthenticated clients.
+#
+# The "restrict source" line allows peers to be mobilized when added by
+# ntpd from a pool, but does not enable mobilizing a new peer association
+# by other dynamic means (broadcast, manycast, ntpq commands, etc).
+#
+# See http://support.ntp.org/bin/view/Support/AccessRestrictions
+# for more information.
+#
+restrict default limited kod nomodify notrap noquery nopeer
+restrict source  limited kod nomodify notrap noquery
+
+#
+# Alternatively, the following rules would block all unauthorized access.
+#
+#restrict default ignore
+#
+# In this case, all remote NTP time servers also need to be explicitly
+# allowed or they would not be able to exchange time information with
+# this server.
+#
+# Please note that this example doesn't work for the servers in
+# the pool.ntp.org domain since they return multiple A records.
+#
+#restrict 0.pool.ntp.org nomodify nopeer noquery notrap
+#restrict 1.pool.ntp.org nomodify nopeer noquery notrap
+#restrict 2.pool.ntp.org nomodify nopeer noquery notrap
+#
+# The following settings allow unrestricted access from the localhost
+restrict 127.0.0.1
+restrict ::1
+
+#
+# If a server loses sync with all upstream servers, NTP clients
+# no longer follow that server. The local clock can be configured
+# to provide a time source when this happens, but it should usually
+# be configured on just one server on a network. For more details see
+# http://support.ntp.org/bin/view/Support/UndisciplinedLocalClock
+# The use of Orphan Mode may be preferable.
+#
+#server 127.127.1.0
+#fudge 127.127.1.0 stratum 10
+
+# See http://support.ntp.org/bin/view/Support/ConfiguringNTP#Section_6.14.
+# for documentation regarding leapfile. Updates to the file can be obtained
+# from ftp://time.nist.gov/pub/ or ftp://tycho.usno.navy.mil/pub/ntp/.
+# Use either leapfile in /etc/ntp or periodically updated leapfile in /var/db.
+#leapfile "/etc/ntp/leap-seconds"
+leapfile "/var/db/ntpd.leap-seconds.list"
+
+# Specify the number of megabytes of memory that should be allocated and
+# locked. -1 (default) means "do not lock the process into memory".
+# 0 means "lock whatever memory the process wants into memory". Any other
+# number means to lock up to that number of megabytes into memory.
+# 0 may result in a segfault when ASLR with stack gap randomization
+# is enabled.
+#rlimit memlock 32
+>>>>>>> 12.2-RELEASE
Does this look reasonable (y/n)? y

The following changes, which occurred between FreeBSD 12.1-RELEASE and
FreeBSD 12.2-RELEASE have been merged into /etc/passwd:
--- current version
+++ new version
@@ -1,6 +1,6 @@
-# $FreeBSD: releng/12.1/etc/master.passwd 337882 2018-08-15 23:18:34Z brd $
+# $FreeBSD: releng/12.2/etc/master.passwd 359447 2020-03-30 17:07:05Z brooks $
 #
 root:*:0:0:Charlie &:/root:/usr/local/bin/bash
 toor:*:0:0:Bourne-again Superuser:/root:
 daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
 operator:*:2:5:System &:/:/usr/sbin/nologin
@@ -23,10 +23,11 @@
 auditdistd:*:78:77:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin
 www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
 ntpd:*:123:123:NTP Daemon:/var/db/ntp:/usr/sbin/nologin
 _ypldap:*:160:160:YP LDAP unprivileged user:/var/empty:/usr/sbin/nologin
 hast:*:845:845:HAST unprivileged user:/var/empty:/usr/sbin/nologin
+tests:*:977:977:Unprivileged user for tests:/nonexistent:/usr/sbin/nologin
 nobody:*:65534:65534:Unprivileged user:/nonexistent:/usr/sbin/nologin
 xxxxx:*:1001:1001:User &:/home/xxxxx/xxxxx:/usr/local/bin/bash
 _tss:*:601:601:TCG Software Stack user:/var/empty:/usr/sbin/nologin
 messagebus:*:556:556:D-BUS Daemon User:/nonexistent:/usr/sbin/nologin
 avahi:*:558:558:Avahi Daemon User:/nonexistent:/usr/sbin/nologin
Does this look reasonable (y/n)? y

The following changes, which occurred between FreeBSD 12.1-RELEASE and
FreeBSD 12.2-RELEASE have been merged into /etc/profile:
--- current version
+++ new version
@@ -1,12 +1,8 @@
-# $FreeBSD: releng/12.1/bin/sh/profile 337849 2018-08-15 14:41:24Z brd $
+# $FreeBSD: releng/12.2/bin/sh/profile 363525 2020-07-25 11:57:39Z pstef $
 #
 # System-wide .profile file for sh(1).
-#
-# Uncomment this to give you the default 4.2 behavior, where disk
-# information is shown in K-Blocks
-# BLOCKSIZE=K; export BLOCKSIZE
 #
 # For the setting of languages and character sets please see
 # login.conf(5) and in particular the charset and lang options.
 # For full locales list check /usr/share/locale/*
 # You should also read the setlocale(3) man page for information
Does this look reasonable (y/n)? y

The following changes, which occurred between FreeBSD 12.1-RELEASE and
FreeBSD 12.2-RELEASE have been merged into /etc/ssh/sshd_config:
--- current version
+++ new version
@@ -1,7 +1,7 @@
 #      $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
-#      $FreeBSD: releng/12.1/crypto/openssh/sshd_config 338561 2018-09-10 16:20:12Z des $
+#      $FreeBSD: releng/12.2/crypto/openssh/sshd_config 360313 2020-04-25 15:38:48Z emaste $

 # This is the sshd server system-wide configuration file.  See
 # sshd_config(5) for more information.

 # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
@@ -103,11 +103,11 @@
 #PidFile /var/run/sshd.pid
 #MaxStartups 10:30:100
 #PermitTunnel no
 #ChrootDirectory none
 #UseBlacklist no
-#VersionAddendum FreeBSD-20180909
+#VersionAddendum FreeBSD-20200214

 # no default banner path
 #Banner none

 # override default of no subsystems
Does this look reasonable (y/n)? y
The following files will be removed as part of updating to
12.2-RELEASE-p0:
/boot/kernel/ipsec.ko
/etc/rc.d/abi
/usr/include/c++/v1/experimental/any
/usr/include/c++/v1/experimental/chrono
/usr/include/c++/v1/experimental/numeric
/usr/include/c++/v1/experimental/optional
/usr/include/c++/v1/experimental/ratio
/usr/include/c++/v1/experimental/string_view
/usr/include/c++/v1/experimental/system_error
/usr/include/c++/v1/experimental/tuple
/usr/include/net/if_tapvar.h
/usr/include/netinet/sctp_dtrace_declare.h
/usr/include/netinet/sctp_dtrace_define.h
/usr/include/ssp
/usr/include/ssp/ssp.h
/usr/include/ssp/stdio.h
/usr/include/ssp/string.h
/usr/include/ssp/unistd.h
/usr/lib/clang/8.0.1
/usr/lib/clang/8.0.1/include
/usr/lib/clang/8.0.1/include/__clang_cuda_builtin_vars.h
/usr/lib/clang/8.0.1/include/__clang_cuda_cmath.h
/usr/lib/clang/8.0.1/include/__clang_cuda_complex_builtins.h
/usr/lib/clang/8.0.1/include/__clang_cuda_device_functions.h
/usr/lib/clang/8.0.1/include/__clang_cuda_intrinsics.h
/usr/lib/clang/8.0.1/include/__clang_cuda_libdevice_declares.h
/usr/lib/clang/8.0.1/include/__clang_cuda_math_forward_declares.h
The following files will be added as part of updating to
12.2-RELEASE-p0:
/boot/gptboot.efi
/boot/gptboot.efifat
/boot/kernel/cp2112.ko
/boot/kernel/gpioths.ko
/boot/kernel/ice_ddp.ko
/boot/kernel/if_ice.ko
/boot/kernel/if_sume.ko
/boot/kernel/if_tuntap.ko
/boot/kernel/iicmux.ko
/boot/kernel/iwm9000fw.ko
/boot/kernel/iwm9260fw.ko
/boot/kernel/ltc430x.ko
/boot/kernel/safexcel.ko
/boot/kernel/sctp.ko
/boot/kernel/superio.ko
/boot/kernel/xdr.ko
/etc/os-release
/etc/rc.d/linux
/etc/rc.d/os-release
/etc/rc.d/sysvipc
/etc/ssl/blacklisted
/etc/ssl/blacklisted/128805a3.0
/etc/ssl/blacklisted/157753a5.0
/etc/ssl/blacklisted/4d4ba017.0
/etc/ssl/blacklisted/5c44d531.0
/etc/ssl/blacklisted/62744ee1.0
/etc/ssl/blacklisted/6410666e.0
The following files will be updated as part of updating to
12.2-RELEASE-p0:
/.cshrc
/.profile
/COPYRIGHT
/bin/[
/bin/cat
/bin/chflags
/bin/chio
/bin/chmod
/bin/cp
/bin/csh
/bin/date
/bin/dd
/bin/df
/bin/domainname
/bin/echo
/bin/ed
/bin/expr
/bin/freebsd-version
/bin/getfacl
/bin/hostname
/bin/kenv
/bin/kill
/bin/link
/bin/ln
/bin/ls
/bin/mkdir
/bin/mv
To install the downloaded upgrades, run "/usr/sbin/freebsd-update install".

アップグレード時に表示された情報です。
また、環境に不備があった場合に修正する必要があるのでメモ書きとして残す事にしました。

⑧．freebsd-update install を実行する。

[root@FreeBSD ~]# /usr/sbin/freebsd-update install
Installing updates...
Kernel updates have been installed.  Please reboot and run
"/usr/sbin/freebsd-update install" again to finish installing updates.

⑨．再起動する。

reboot

⑩．カーネルバージョンを確認する。

[root@FreeBSD ~]# uname -a
FreeBSD FreeBSD 12.2-RELEASE FreeBSD 12.2-RELEASE r366954 GENERIC  amd64

FreeBSD FreeBSD 12.2-RELEASE FreeBSD 12.2-RELEASE r366954 GENERIC amd64 と表示する事を確認する。

⑪．再度、freebsd-update install を実行する。

[root@FreeBSD ~]# /usr/sbin/freebsd-update install
Installing updates... done.

⑫．アップグレード時に使用した不要になったデータを削除する。

rm -rf /var/db/freebsd-update/files

FreeBSD 12.1-RELEASE → FreeBSD 12.2 へアップグレード対応

作業時間

旧カーネルバージョン確認

アップグレード実施

この記事を書いている人

よし

コメントを残すコメントをキャンセル

作業時間

旧カーネルバージョン確認

アップグレード実施

この記事を書いている人

よし

関連記事

コメントを残す コメントをキャンセル

コメントを残すコメントをキャンセル