Monday, November 24, 2003

Finding the Name of FreeBSD Packages to Install

I usually install FreeBSD applications using the ports system, but I wanted to know how to use the package collection as well. I wondered how to quickly locate the name and URL of a package so I could pass them as a parameter to pkg_add -r. Using this command FreeBSD fetches the package specified and installs any dependencies automatically.

I found the answer at the FreeBSD Ports Changes page. Here you can query for a package (or port) by name, and more importantly, specify which distribution you want. For example, if you wanted to install Nessus, you could choose from:

  • FreeBSD 4.9 RELEASE: packages created when 4.9 REL was announced

  • FreeBSD 4.x STABLE: the most up-to-date packages built for FreeBSD 4-stable

  • FreeBSD 5.1 RELEASE: packages created when 5.1 REL was announced

  • FreeBSD 5.x CURRENT: the most up-to-date packages built for FreeBSD 5-current


Let's say I wanted to install Nessus. What do these packages look like for the i386 architecture?

Essentially you have to recognize what version of FreeBSD you're running, and then select the appropriate package. Let's say I'm maintaining a FreeBSD 4.9 RELEASE system and want to install Nessus as if the package was installed from the 4.9 REL CD-ROM. In that case I'd choose the nessus-2.0.7.tgz package for FreeBSD 4.9 RELEASE. I use this option when I create installation instructions for Sguil, to simulate building a server using only the CD-ROM packages.

Most people want to run the newest edition of any application. If I wanted the latest and greatest version of Nessus on my 4.9 RELEASE system 'janney', I'd install nessus-2.0.8a.tgz. The second option looks like this:


janney# pkg_add -r ftp://ftp6.freebsd.org/pub/FreeBSD/ports/i386/
packages-4-stable/All/nessus-2.0.8a.tgz
Fetching ftp://ftp6.freebsd.org/pub/FreeBSD/ports/i386/
packages-4-stable/All/nessus-2.0.8a.tgz... Done.
Fetching ftp://ftp6.freebsd.org/pub/FreeBSD/ports/i386/
packages-4-stable/All/nessus-libraries-2.0.8a.tgz... Done.
Fetching ftp://ftp6.freebsd.org/pub/FreeBSD/ports/i386/
packages-4-stable/All/nessus-libnasl-2.0.8a.tgz... Done.

To simulate installing Nessus as a package on a FreeBSD 5.1 RELEASE system 'moog' from a 5.1 REL CD-ROM, I'd add the old nessus-2.0.5_1.tbz package. To get the very latest version of Nessus on a FreeBSD 5.1 system I'd add nessus-2.0.8a.tbz. The second option looks like this:

moog# pkg_add -r ftp://ftp6.freebsd.org/pub/FreeBSD/ports/
i386/packages-current/All/nessus-devel-2.0.8a.tbz
Fetching ftp://ftp6.freebsd.org/pub/FreeBSD/ports/i386/
packages-current/All/nessus-devel-2.0.8a.tbz... Done.
Fetching ftp://ftp6.freebsd.org/pub/FreeBSD/ports/i386/
packages-current/All/nessus-libraries-devel-2.0.8a.tbz... Done.
Fetching ftp://ftp6.freebsd.org/pub/FreeBSD/ports/i386/
packages-current/All/nessus-libnasl-devel-2.0.8a.tbz... Done.

Notice the different package compression schemes -- .tgz for the 4.9 system and .tbz for the 5.1 system. Also see that I passed the entire package URL as an argument to 'pkg_add -r'. The '-r' switch tells pkg_add the package is "remote." For each installation I chose "ftp6.freebsd.org" rather than simply "ftp.freebsd.org". This made pkg_add use one of the mirror sites rather than pound the main FTP server.

In each case I got the appropriate URL from the FreeBSD Ports Changes page. What if I didn't specify the URL, but only the package name?

On a FreeBSD 4.9 system, this happens:

bourque# pkg_add -r nessus
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
packages-4.9-release/Latest/nessus.tgz... Done.
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
packages-4.9-release/All/nessus-libraries-2.0.7.tgz... Done.
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
packages-4.9-release/All/nessus-libnasl-2.0.7.tgz... Done.

On a FreeBSD 5.1 system, this happens:

moog# pkg_add -r nessus
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
packages-5.1-release/Latest/nessus.tbz... Done.
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
packages-5.1-release/All/nessus-libraries-2.0.5_1.tbz... Done.
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
packages-5.1-release/All/nessus-libnasl-2.0.5_1.tbz... Done.

Notice in each case the packages built for the RELEASE are installed by default. There is probably a way to change this behavior to automatically retrieve the latest edition, but I haven't found it yet.

Here's another example. I chose this one so you could see how the package installation process solves dependency issues. Here I install darkstat, a lightweight alternative to ntop.

bourque# pkg_add -r ftp://ftp.freebsd.org/pub/FreeBSD/ports/
i386/packages-4-stable/All/darkstat-2.6.tgz
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
packages-4-stable/All/darkstat-2.6.tgz... Done.
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
packages-4-stable/All/libiconv-1.9.1_3.tgz... Done.
Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/
packages-4-stable/All/gettext-0.12.1.tgz... Done.


Keep in mind that package installation bypasses all of the benefits of installing the source code through the ports system.

If you want to install a slew of packages at the same time, check out POPS: "Package Of the PackageS" for FreeBSD. This is a ~600 MB CD-ROM .iso with various packages selected by the POPS creator. He likens POPS to a "Linux distribution" in the sense that most FreeBSD installations are fairly minimal.

On a related note, the other king of software installation, Debian, released 3.0r2 last week. The Slashdot thread was informative. I learned of useful sites like apt-get.org and backports.org, as well as tools like apt-secure and aptitude.