Not so long ago I wrote about how you can configure FreeBSD to email you regarding available updates on a weekly basis. This is something that I have had in place for a while now, and I really enjoy the ability to keep things on the patched (read: bleeding) edge. Recently I found a small issue with the setup I had been using. I wanted to share the fix with anyone that may have been doing the same thing.
First of all, let me tell you about the issue I came across.
When I would recieve an email regarding available updates I would connect to the FreeBSD Jail and use
portmaster -a -d to apply all available updates. I noticed that the number of updates applied did not match the number of updates listed in the email. Odd. Well, after thinking about it for a bit I realized what the problem was.
The cron job (as seen in the previous post) was running at the same time on the FreeBSD host as well as the FreeBSD Jail. Why is that a problem, you ask? Remember the slight variation in the host cronjob verses the jail. The host system is pulling down the updated ports tree before it compares and emails any available updates. The problem is introduced because the jails start doing their comparison and email reporting right away, while the host system is fetching and applying the updated tree. Oops! The ports tree update isn’t finished fast enough for the jails to actually have the new information.
The solution I came up with is a very simple one. Simply update the cron daily run time on the host to give it an adequate headstart from the jails. On my systems the /etc/crontab files now look like this:
# Perform daily/weekly/monthly maintenance.<br /> 1 2 * * * root periodic daily<br /> 15 4 * * 6 root periodic weekly<br /> 30 5 1 * * root periodic monthly<br />
# Perform daily/weekly/monthly maintenance.<br /> 1 3 * * * root periodic daily<br /> 15 4 * * 6 root periodic weekly<br /> 30 5 1 * * root periodic monthly
If you didn’t notice the change look closer. It’s a very small fix. The “periodic daily” row on the host is now set to run at 2:00am while the same field is set to 3:00am on the jail. I’m sure that is more than enough time for the host to update the ports tree before the jails start to do their reporting.
In conclusion, if you’re using a similar reporting system you’ll likely want to apply this small change as well. Giving the host system enough time to update the ports tree will be critical in getting updated, accurate information within the jail systems.