From nobody Mon Jan 15 18:14:48 2024 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TDL061LSSz57Fn0; Mon, 15 Jan 2024 18:15:02 +0000 (UTC) (envelope-from theraven@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TDL060q4yz4Kxg; Mon, 15 Jan 2024 18:15:02 +0000 (UTC) (envelope-from theraven@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1705342502; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=d0/IbcyKDemaHn7DKPTlbBlpVQncBceJ6kYfFdjJf1U=; b=uxi/zy1WLcTULjTCB8MGAEr7EAjawZPs46/9TAV+W6PFu7INdgBUto9oaLC8FsvLW++x72 eeVMsb+tPhug6Vq2eCX+uCGwVeMWBxLCFRJHiYVQwTBQDcTTQFy1LBhB057VgFz8E0CM0x ssQzBRLVmVwzsJ9RDRGwWQ+LH756jZhLtp79s0FOj2+MA58Aqg/TBJDvJqjUYAhb7U8H3k wcTpeLiuVgMZUM83vGhLKmt+mYt998tyKS2FLnSYrJ6Z5s9ilO3nEC5czIyuUS/OPTsVFA +Sk/CALqAw89gcIVlV23Op0MuK+O5YbZvGG0hMcSQbDuYzBY8h8iRU0/huB/Ew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1705342502; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=d0/IbcyKDemaHn7DKPTlbBlpVQncBceJ6kYfFdjJf1U=; b=Mh7vnvBG8vQdDKKwicM2rovmymzCcHmlx0k4bBVM3/lR5WEj0lyYNbxy1zmVSWjgS50AtE jfc2GTkZV16fpBQ0qjty4GjS5FCwHVgvWTW45trTQsFMS/Jtpt9MC03XacWHCXPaJVIjCO ArX5DvmXqJQIxVApRTUSrCPJWEpGH0oiwiln66X0I7oOZapDW4y9oK2cy6wjHlFVeDqnRY aeWaEKhkQ5Iq+oPmDN0LOv0P2qBAZlwKNevyJtbKEp8CpqbJrUh6a5iSHKntbkU5IT4JXQ hCdntJxa5uc3Q3qMHJxWazpiyuDEhuFId+Qy2m1loONBBIK1EnGtQY7JOM0j0w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1705342502; a=rsa-sha256; cv=none; b=FHi9DpkyXsUV46FLnQ2+cZQSFYiuNytbQR3UBzwUvTHb3O0JG3/GruV9yqOY/WdHHzlASz ZZR4JoW2XzXUZFUy3goVX9LtJBkE0iLlSCJKTgn8cW1VtJrfF85Uvse2Z8ISstDfVeSKzB owOoCal0eipJGGUNVuboiGrb7vg2GF5q8kwvE5JH52BO4QSpcWgYqfhn+9kJNEuxiRg03e +8AhuJm6s5YyETimTmBROo71oNdaDR4+ibzrVv82Uofa1KhfaAnAEA72t7J+IVKsnU4HE2 ZkLJq5hZOrAMb+ORiVtX9v+2HTfO9OvyP0eL4n7bFIs+IMW+h3aRqg3ZvrgEhg== Received: from smtp.theravensnest.org (smtp.theravensnest.org [45.77.103.195]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: theraven) by smtp.freebsd.org (Postfix) with ESMTPSA id 4TDL056m5xzM0B; Mon, 15 Jan 2024 18:15:01 +0000 (UTC) (envelope-from theraven@FreeBSD.org) Received: from smtpclient.apple (host81-141-223-70.range81-141.btcentralplus.com [81.141.223.70]) by smtp.theravensnest.org (Postfix) with ESMTPSA id 5CA86BE07; Mon, 15 Jan 2024 18:15:00 +0000 (GMT) Content-Type: text/plain; charset=utf-8 List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.200.91.1.1\)) Subject: Re: How to upgrade an EOL FreeBSD release or how to make it working again From: David Chisnall In-Reply-To: Date: Mon, 15 Jan 2024 18:14:48 +0000 Cc: John F Carr , freebsd-arm , freebsd-hackers , FreeBSD Mailing List , "freebsd-xen@freebsd.org" , FreeBSD Current , Warner Losh , =?utf-8?Q?Roger_Pau_Monn=C3=A9?= Content-Transfer-Encoding: quoted-printable Message-Id: References: To: Mario Marietto X-Mailer: Apple Mail (2.3774.200.91.1.1) On 15 Jan 2024, at 16:46, Mario Marietto wrote: >=20 > The ARM Chromebook is based on armv7,it is still recent. For reference, the ARMv7 architecture was introduced in 2005. The last = cores that implemented the architecture were released in 2014. This is = not a =E2=80=98recent=E2=80=99 architecture, it=E2=80=99s one that=E2=80=99= s 19 years old and has been largely dead for several years. > But let's change perspective for a moment,don't think about the ARM = Chromebook. My question is : how to upgrade FreeBSD when it goes EOL. Generally, run `freebsd-update`. This is a very different question from = =E2=80=98how do I do a new install of an old an unsupported version?' > I ask this because there is a huge difference here between FreeBSD and = Linux. Today if you need to use , for example Ubuntu 14.0, you can use = it as is. Yes,there will be a lot of bugs,but it will work without = crashes. But if you want to use an old FreeBSD system,nothing will work = for you. So,do you know some methods to install even packages or ports ? = You know,there are cases when you need to do some experiments so that = you can keep your machine off the internet,so you aren't scared that = someone can compromise it. Totally prohibiting the users to use an old = system,removing ports and packages is not a choice that I approve of. = And I'm not the only one that thinks like this. If you want to use an old and unsupported version of FreeBSD, no one is = stopping you, but: - You will need to build the releases. The source code is still in = git, you can. The scripts for building the release images are right = there in the repo. Just grab the relevant release or releng branch and = go. - You will need to build packages. Newer versions of the ports tree = will not be tested with the older release, so you may need to use an = older checkout of the ports tree. Poudriere will build a package repo = for you. =20 In both cases, if you=E2=80=99re using older versions you almost = certainly *will* have security vulnerabilities. The project strongly = advises you not to do this and not to blame us when you install = known-insecure software and end up compromised. The project does not have enough active contributors to keep maintaining = things indefinitely. This is why release have a five-year supported = lifetime. If you want to pick up an old branch and maintain it, = you=E2=80=99re welcome to. In the past, companies have picked up old = branches and maintained them for customers that had a dependency on = them. If you want to pay someone to maintain an old branch (and have = deep pockets) then there are probably a few companies that will happily = take your money. Maintaining binaries is a slightly different issue, but it=E2=80=99s not = totally unrelated. Keeping old packages around consumes disk space and = costs the project money (remember, every package is mirrored across the = CDN, so this isn=E2=80=99t just a single disk). Even if it were free, = philosophically, I think making it easy for users to install = known-insecure software is a bad idea but if you want to keep a package = repo with out-of-date packages online indefinitely then you can. You = can run Poudriere and even cross-compile from a fairly beefy cloud = machine quite easily. It=E2=80=99s been a while since I did a full package build, but I would = guess that you could do a single package build (all ports) for about $50 = on a cloud VM, more (2-3x) if it=E2=80=99s emulated. Storing the = results for a small number of users will cost around $10-20/month. If = you think this is an important thing to do, then you are absolutely = welcome to spend your own money on doing it. David