FreeBSD pkg (manual) upgrade thingy

For working with locked packages (the ones which must be upgraded through compilation because of using custom options)

# filename: pkg-lock-outdated

pkg query -e '%k = 1' %o | while read pkgorig; do
  pkg version -ovL => -O "$pkgorig"

The script above is to list locked packages which need upgrading. And to upgrade everything at once (and sit in front of PC waiting for whole process)


listfile="/tmp/pkgforupgrade.$(date '+%Y%m%d%H%M%S')"
pkg-lock-outdated | cut -f 1 -d '<' > "$listfile"

while read <&3 outdated; do
  pkg unlock "$outdated"
  portmaster "$outdated"
  pkg lock "$outdated"
done 3< "$listfile"

rm -f "$listfile"

There’s another alternative of unlocking all packages at once, run batched portmaster, and lock them all again.

PostgreSQL authentication quick start

Connecting to PostgreSQL from command line can be a bit confusing.

For starter, just like MySQL, psql command defaults to connecting to socket instead of tcp. To make matter confusing, most PostgreSQL installation defaults to ident (also called peer)authentication for socket connection: it basically matches current user’s username (ssh login, etc) with PostgreSQL equivalent.

So, instead of using this to login from root to PostgreSQL superuser (usually named postgres or pgsql):

# psql -U postgres

you do this (assuming sudo installed):

# sudo -u postgres psql

The configuration for this is located in pg_hba.conf of PostgreSQL data (or config in Debian) directory (/etc/postgresql/$version/main in Debian, /usr/local/pgsql/data in FreeBSD, /opt/PostgreSQL/$version/data in EnterpriseDB PostgreSQL).

To switch to password based authentication for all methods just replace ident (or peer) with md5 in respective lines and reload/restart the service. Don’t forget to set password for postgres user first before changing this otherwise you won’t be able to connect. You can then connect using psql to any user using password.

FreeBSD is Rolling Release (the ports)

Don’t get tricked by the “release” system. Apart of the base system, FreeBSD perfectly qualifies as rolling release. I guess it’s also why the binary package management sucked so badly. You won’t find how to upgrade certain packages using binary method in their Ports’ UPDATING page.

Here’s the example:

  AFFECTS: users of archivers/libarchive

  libarchive has been updated to version 3.0.3, with a shared library bump.
  This requires dependent ports to be rebuilt.

  # portmaster -r libarchive
  # portupgrade -r archivers/libarchive

You would think the dependent packages got version bump to ensure their proper dependency – but they didn’t. Instead you had to recompile everything depending on it.

And then there’s another case:

  AFFECTS: users of graphics/libungif

  libungif is obsolete, please deinstall it and rebuild all ports using
  it with graphics/giflib.

  # portmaster -o graphics/giflib graphics/libungif
  # portmaster -r giflib
  # portupgrade -o graphics/giflib graphics/libungif
  # portupgrade -rf giflib

Of course, ArchLinux kind of managed to do it but that’s a purely binary rolling release Linux distro. The maintainer worked hard to ensure such kind of thing get handled properly by all their users which mostly use binary packages. FreeBSD on other hand tried to claim capable of both but it really isn’t (unless I missed something).

I’m intending to contact pkgng creator to ask his opinion about this but have yet to do it…

OpenBSD 5.0

This blog is now running on OpenBSD 5.0. Too bad php-fpm didn’t get to 5.0.

OpenBSD 5.0 GENERIC.MP#59 i386

The upgrade process went without any problems. Upgrading packages also went relatively well apart of php being a failure because of change to infrastructure (which allowed multiple versions to be installed). Otherwise everything upgraded without hitch and finished quickly. Sure is nice depart from FreeBSD’s ports which takes hours to update a package (upgrading system is relatively quick though using freebsd-update).

Unless there’s critical security vulnerability or something happened to the datacenter, I expect there will be no reboot until next upgrade (6 month uptime). We will see.

ZFS on Desktop – Which OS?

I’ve been thinking about this lately, especially after seeing this:

[root@einhart ~]# pkg_version -vIL=>
binutils-2.21 < needs updating (index has 2.21.1)
bitstream-vera-1.10_4 < needs updating (index has 1.10_5)
chromium-12.0.742.112 < needs updating (index has 12.0.742.124)
droid-fonts-ttf-20100214_1 < needs updating (index has 20110324)
exiv2-0.21,1 < needs updating (index has 0.21.1,1)
gawk-3.1.8 < needs updating (index has 4.0.0)
gcc- < needs updating (index has
gnutls-2.12.7_1 < needs updating (index has 2.12.7_2)
libidn-1.19 < needs updating (index has 1.22)
openjdk6-b22_6 < needs updating (index has b23)
p5-Net-DBus-0.33.6 < needs updating (index has 1.0.0)
p5-libwww-5.837 Fetching ‘/usr/ports/www/chromium’

To build Chromium, you should have around 1 GB of memory
and a fair amount of free diskspace (~ 1.5GB).

===> Vulnerability check disabled, database not found
===> License BSD LGPL21 MPL accepted by the user
===> Found saved configuration for chromium-12.0.742.112
=> chromium-courgette-redacted-12.0.742.124.tar.xz doesn’t seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch
chromium-courgette-redacted-12.0.742.124.tar.x 0% of 114 MB 35 kBps^C

And did you notice that “you should have around 1 GB of memory and a fair amount of free diskspace”? Yeah, it does use that much memory to update a web browser. Something that takes few seconds on Windows and Fedora and few minutes on Ubuntu takes almost hours to do on FreeBSD. Downloading source notwithstanding, compiling it also takes long, long time.

If anything, this is why I hate FreeBSD. And you will mention use package except that there’s no H.264 video support and possible chance of conflicting package difference between my system and the buildbot. As much as I want to use binary packages, they come in unwanted forms:

* GNOME 2 pulls Samba4 for God knows why reason
* Some pacakges don’t have optimization enabled
* Mplayer doesn’t have VDPAU
* Some packages must be installed manually (Java, Opera)
* Portupgrade takes minutes to compute what to do (something which is done in seconds in Ubuntu)

As much as I can tolerate this shit, the very fact that VirtualBox under FreeBSD takes much more CPU certainly doesn’t help.

So, I guess I’ll try yet another OS. There are several options so here are overview of current choices.


* Extremely simple
* Up to date packages
* Highly customizable
* Stable ZFS


* Customization comes at cost: compile time
* No good virtualization option
* A package management that is comparable with slowpoke
* No flash (yes there’s linux flashplugin ports but it’s a joke)
* Awesomely slow video playback even optimized on Firefox


* Based on FreeBSD, has some of familiarity
* Binary packages that’s not too slow
* Stable ZFS


* Also no good virtualization
* Epic size of packages (eg. [a hundred megabytes for Firefox](


* Stable, greatest ZFS
* Zones
* Good VirtualBox support
* Flash support


* Complex
* Doesn’t survive trivial hardware change without Live CD/USB
* Outdated packages
* Non-existent packages
* Manual compiling of `mplayer` is a must since the defaults on various repositories are crap
* Still beta
* Doesn’t recognize FreeBSD’s GPT (at least on `oi_148`)
* Ugly freetype2 (no support for subpixel hinting apart of manual compile)

Ubuntu Linux

* Latest, greatest software
* Good software support
* Good virtualization


* Unstable ZFS
* Linux

Note that I only include Ubuntu in Linux category since it’s the only OS having both working nvidia driver and precompiled ZFS module, saving me lots of headaches.

FreeBSD: 0, NetBSD: 1, OpenBSD: 1

Sil3112 (SiliconImage SATALink RAID PCI Card) is not properly supported by FreeBSD. The installer halted successfully on all my three attempt at installing it. (First one even stopped when formatting – said that it can’t find the hard disk drive LOL).

OTOH, NetBSD and OpenBSD can use that piece of hardware just fine albeit the claim of the card as “crappy” on certain mailing lists.