Bug 204549

Summary: freebsd-update should fetch e.g. /etc/ntp.conf.default
Product: Base System Reporter: dave
Component: confAssignee: Warner Losh <imp>
Status: New ---    
Severity: Affects Many People CC: cperciva, doc, emaste, erik, grahamperrin, ngie
Priority: --- Flags: imp: mfc-stable14+
imp: mfc-stable13+
Version: 9.3-RELEASE   
Hardware: Any   
OS: Any   
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=273155

Description dave 2015-11-14 20:44:52 UTC
If I modify /etc/ntp.conf to add say my ADSL router, freebsd-update will not retrieve any new version.  Instead, it should maintain say /etc/ntp.conf.default, and let the user sort it out.

If I dare to modify a user-modifiable file:

aneurin# freebsd-update fetch          
Looking up update.FreeBSD.org mirrors... none found.
Fetching metadata signature for 9.3-RELEASE from update.FreeBSD.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

The following files are affected by updates, but no changes have
been downloaded because the files have been modified locally:
/etc/ntp.conf

The following files will be removed as part of updating to 9.3-RELEASE-p30:

aneurin# 

If I capitulate and put the original back:

aneurin# freebsd-update fetch        
Looking up update.FreeBSD.org mirrors... none found.
Fetching metadata signature for 9.3-RELEASE from update.FreeBSD.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

The following files will be removed as part of updating to 9.3-RELEASE-p30:

aneurin#

I then have to restore my changes...
Comment 1 dave 2016-01-09 17:33:44 UTC
Any progress on this, anyone? It's been two months, and so far not even so much as an acknowledgement...
Comment 2 Enji Cooper freebsd_committer freebsd_triage 2016-01-09 20:43:43 UTC
How are you using freebsd-update.conf? The default version seems (haven't tested) that it should handle merging properly...
Comment 3 dave 2016-06-10 20:44:14 UTC
(In reply to Ngie Cooper from comment #2)
Sorry for the delay; things sorta got away from me...

Here are the bits I changed:

# Components of the base system which should be kept updated.
Components world kernel
# DH 3/11/15 Components src world kernel

(I don't keep source here; no room on the disk.)

# Directory in which to store downloaded updates and temporary
# files used by FreeBSD Update.
# WorkDir /var/db/freebsd-update
# DH
WorkDir /usr/local/freebsd-update

(I have more room on /usr/local than I do on /var.)
Comment 4 dave 2016-07-14 00:07:21 UTC
Was my reply of any use?
Comment 5 Colin Percival freebsd_committer freebsd_triage 2016-07-14 00:36:11 UTC
Sorry, just saw this PR now.  Short answer, freebsd-update does merging for files in /etc/ but only when upgrading between releases; when I wrote it we didn't expect to ever have security updates making changes to files in /etc/.
Comment 6 dave 2016-07-25 23:01:39 UTC
Well, it's not a security update as such;  merely a way to not have to manually update ntp.conf by hand, as it's user-maintained.  Will there be a resolution?
Comment 7 Erik Cederstrand 2016-09-02 07:42:43 UTC
I'm having the same issue. If I modify /etc/ntp.conf, freebsd-update always wants to update it:

/home/admin% sudo freebsd-update fetch
Looking up update.FreeBSD.org mirrors... 4 mirrors found.
Fetching metadata signature for 10.1-RELEASE from update5.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

No updates needed to update system to 10.1-RELEASE-p37.
/home/admin% echo "tinker panic 0" >> /etc/ntp.conf  
/home/admin% sudo freebsd-update fetch
Looking up update.FreeBSD.org mirrors... 4 mirrors found.
Fetching metadata signature for 10.1-RELEASE from update5.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
Preparing to download files... done.

The following files are affected by updates, but no changes have
been downloaded because the files have been modified locally:
/etc/ntp.conf

No updates needed to update system to 10.1-RELEASE-p37.
/home/admin%
Comment 8 Graham Perrin 2023-08-16 06:15:59 UTC
Need help - update failing?
<https://old.reddit.com/r/freebsd/comments/15lmvna/-/>

Why is freebsd-update (or maybe etcupdate?) suddenly incapable of merging sshd_config?
<https://old.reddit.com/r/freebsd/comments/15rhk7x/-/>

I'll draw attention to comment 5 here.
Comment 9 Graham Perrin 2023-08-16 06:41:41 UTC
<https://docs.freebsd.org/en/books/handbook/book/#freebsdupdate-security-patches>

> Applying Security Patches

This section of the FreeBSD Handbook will benefit from: 

1. a (blue ⓘ) note box describing the bug

2. subsequent text, not within the box, to describe a workaround – maybe with 
   /etc/ssh/sshd_config as an example.
Comment 10 Graham Perrin 2023-08-16 06:54:54 UTC
(In reply to Graham Perrin ◐ from comment #9)

See also: bug 273155

> 273155 – Add a BUGS section to freebsd-update(8)
Comment 11 Graham Perrin 2023-08-20 10:15:29 UTC
<https://github.com/freebsd/freebsd-src/pull/826>
Comment 12 commit-hook freebsd_committer freebsd_triage 2024-02-02 20:39:38 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=a8c1ffca7a594733a91c1513d0185be174d1115f

commit a8c1ffca7a594733a91c1513d0185be174d1115f
Author:     Graham Perrin <grahamperrin@gmail.com>
AuthorDate: 2023-08-19 14:52:18 +0000
Commit:     Warner Losh <imp@FreeBSD.org>
CommitDate: 2024-02-02 20:35:25 +0000

    freebsd-update(8): Explain conflicts in /etc

    Unlike etcupdate(8), freebsd-update only prints the files with
    conflicts. It doesn't merge.

    PR: 204549
    Reviewed by: imp
    Pull Request: https://github.com/freebsd/freebsd-src/pull/826

 usr.sbin/freebsd-update/freebsd-update.8 | 9 +++++++++
 1 file changed, 9 insertions(+)
Comment 13 Mark Linimon freebsd_committer freebsd_triage 2024-02-08 02:50:56 UTC
^Triage: assign to committer.
Comment 14 Warner Losh freebsd_committer freebsd_triage 2024-02-08 05:19:59 UTC
Well, I tagged this as MFC... then read the bug closely... this is a different bug.