The branch main has been updated by ziaee: URL: https://cgit.FreeBSD.org/src/commit/?id=464a351267dc0d1843b919dd72ad1c70c24815ce
commit 464a351267dc0d1843b919dd72ad1c70c24815ce Author: Alexander Ziaee <[email protected]> AuthorDate: 2026-05-14 21:05:07 +0000 Commit: Alexander Ziaee <[email protected]> CommitDate: 2026-05-14 21:05:12 +0000 Cloud releases: Switch to firstboot_pkg_upgrade Cloud images are deployed with base system packages. Introduce a firstboot package auto updater to patch the base system on first boot. MFC after: 1 hour MFC to: stable/15 Reviewed by: cperciva Sponsored by: Google Cloud Differential Revision: https://reviews.freebsd.org/D56890 --- release/tools/azure.conf | 5 +++-- release/tools/ec2-base.conf | 9 ++++++--- release/tools/gce.conf | 5 +++-- 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/release/tools/azure.conf b/release/tools/azure.conf index 7a4f0b5027cf..9a5c12424bd3 100644 --- a/release/tools/azure.conf +++ b/release/tools/azure.conf @@ -6,10 +6,10 @@ export VMSIZE=30g # Set to a list of packages to install. -export VM_EXTRA_PACKAGES="azure-agent python python3 firstboot-freebsd-update firstboot-pkgs" +export VM_EXTRA_PACKAGES="azure-agent python python3 firstboot-pkg-upgrade firstboot-pkgs" # Set to a list of third-party software to enable in rc.conf(5). -export VM_RC_LIST="ntpd sshd waagent firstboot_freebsd_update firstboot_pkgs" +export VM_RC_LIST="ntpd sshd waagent firstboot_pkg_upgrade firstboot_pkgs" # No swap space; waagent will allocate swap space on the resource disk. # See ResourceDisk.EnableSwap and ResourceDisk.SwapSizeMB in waagent.conf @@ -43,6 +43,7 @@ vm_extra_pre_umount() { cat << EOF >> ${DESTDIR}/etc/rc.conf ifconfig_hn0="SYNCDHCP" ntpd_sync_on_start="YES" +firstboot_pkg_upgrade_repos="FreeBSD-base" EOF cat << EOF >> ${DESTDIR}/boot/loader.conf diff --git a/release/tools/ec2-base.conf b/release/tools/ec2-base.conf index ffe2646240a5..24b2feb5f0d7 100644 --- a/release/tools/ec2-base.conf +++ b/release/tools/ec2-base.conf @@ -7,15 +7,15 @@ # * amazon-ssm-agent (not enabled by default, but some users need to use # it on systems not connected to the internet), # * ec2-scripts, which provides a range of EC2ification startup scripts, -# * firstboot-freebsd-update, to install security updates at first boot, +# * firstboot-pkg-upgrade, to install security updates at first boot, # * firstboot-pkgs, to install packages at first boot, and # * isc-dhcp44-client, used for IPv6 network setup. export VM_EXTRA_PACKAGES="${VM_EXTRA_PACKAGES} amazon-ssm-agent ec2-scripts \ - firstboot-freebsd-update firstboot-pkgs isc-dhcp44-client" + firstboot-pkg-upgrade firstboot-pkgs isc-dhcp44-client" # Services to enable in rc.conf(5). export VM_RC_LIST="${VM_RC_LIST} ec2_configinit ec2_ephemeral_swap \ - ec2_fetchkey ec2_loghostkey firstboot_freebsd_update firstboot_pkgs \ + ec2_fetchkey ec2_loghostkey firstboot_pkg_upgrade firstboot_pkgs \ growfs sshd" vm_extra_pre_umount() { @@ -24,6 +24,9 @@ vm_extra_pre_umount() { # via EC2 user-data. echo 'firstboot_pkgs_list="devel/py-awscli"' >> ${DESTDIR}/etc/rc.conf + # Limit firstboot_pkg_upgrade to the base system. + echo 'firstboot_pkg_upgrade_repos="FreeBSD-base"' >> ${DESTDIR}/etc/rc.conf + # Any EC2 ephemeral disks seen when the system first boots will # be "new" disks; there is no "previous boot" when they might have # been seen and used already. diff --git a/release/tools/gce.conf b/release/tools/gce.conf index 7298aabf3956..938672ac92e0 100644 --- a/release/tools/gce.conf +++ b/release/tools/gce.conf @@ -6,14 +6,14 @@ export VMSIZE=20g # Set to a list of packages to install. -export VM_EXTRA_PACKAGES="${VM_EXTRA_PACKAGES} firstboot-freebsd-update \ +export VM_EXTRA_PACKAGES="${VM_EXTRA_PACKAGES} firstboot-pkg-upgrade \ firstboot-pkgs google-cloud-sdk panicmail sudo \ sysutils/py-google-compute-engine lang/python \ lang/python3" # Set to a list of third-party software to enable in rc.conf(5). export VM_RC_LIST="ntpd sshd growfs \ - firstboot_pkgs firstboot_freebsd_update google_startup \ + firstboot_pkgs firstboot_pkg_upgrade google_startup \ google_accounts_daemon google_clock_skew_daemon \ google_instance_setup google_network_daemon" @@ -47,6 +47,7 @@ ifconfig_DEFAULT="SYNCDHCP mtu 1460" ntpd_sync_on_start="YES" # need to fill in something here #firstboot_pkgs_list="" +firstboot_pkg_upgrade_repos="FreeBSD-base" panicmail_autosubmit="YES" EOF
