--- /dev/null
+# $FreeBSD: stable/12/usr.sbin/freebsd-update/freebsd-update.conf 337338 2018-08-04 22:25:41Z brd $
+
+# Trusted keyprint. Changing this is a Bad Idea unless you've received
+# a PGP-signed email from <security-officer@FreeBSD.org> telling you to
+# change it and explaining why.
+KeyPrint 800651ef4b4c71c27e60786d7b487188970f4b4169cc055784e21eb71d410cc5
+
+# Server or server pool from which to fetch updates. You can change
+# this to point at a specific server if you want, but in most cases
+# using a "nearby" server won't provide a measurable improvement in
+# performance.
+ServerName update.FreeBSD.org
+
+# Components of the base system which should be kept updated.
+Components world
+
+# Example for updating the userland and the kernel source code only:
+# Components src/base src/sys world
+
+# Paths which start with anything matching an entry in an IgnorePaths
+# statement will be ignored.
+IgnorePaths
+
+# Paths which start with anything matching an entry in an IDSIgnorePaths
+# statement will be ignored by "freebsd-update IDS".
+IDSIgnorePaths /usr/share/man/cat
+IDSIgnorePaths /usr/share/man/whatis
+IDSIgnorePaths /var/db/locate.database
+IDSIgnorePaths /var/log
+
+# Paths which start with anything matching an entry in an UpdateIfUnmodified
+# statement will only be updated if the contents of the file have not been
+# modified by the user (unless changes are merged; see below).
+UpdateIfUnmodified /etc/ /var/ /root/ /.cshrc /.profile
+
+# When upgrading to a new FreeBSD release, files which match MergeChanges
+# will have any local changes merged into the version from the new release.
+MergeChanges /etc/
+
+### Default configuration options:
+
+# Directory in which to store downloaded updates and temporary
+# files used by FreeBSD Update.
+# WorkDir /var/db/freebsd-update
+
+# Destination to send output of "freebsd-update cron" if an error
+# occurs or updates have been downloaded.
+# MailTo root
+
+# Is FreeBSD Update allowed to create new files?
+# AllowAdd yes
+
+# Is FreeBSD Update allowed to delete files?
+# AllowDelete yes
+
+# If the user has modified file ownership, permissions, or flags, should
+# FreeBSD Update retain this modified metadata when installing a new version
+# of that file?
+# KeepModifiedMetadata yes
+
+# When upgrading between releases, should the list of Components be
+# read strictly (StrictComponents yes) or merely as a list of components
+# which *might* be installed of which FreeBSD Update should figure out
+# which actually are installed and upgrade those (StrictComponents no)?
+# StrictComponents no
+
+# When installing a new kernel perform a backup of the old one first
+# so it is possible to boot the old kernel in case of problems.
+BackupKernel no
+
+# If BackupKernel is enabled, the backup kernel is saved to this
+# directory.
+# BackupKernelDir /boot/kernel.old
+
+# When backing up a kernel also back up debug symbol files?
+BackupKernelSymbolFiles no
--- /dev/null
+#!/bin/sh
+
+# Update freebsd base of all running jails
+#
+# one has first to create the suitable configuration file
+# by default /usr/local/etc/jail-update.conf
+# or pass it as the first argument
+#
+#
+
+usage() {
+ echo 'Usage: ...'
+ echo -e '-c\tconfiguration file'
+ echo -e '\t\tdefault to /usr/local/etc/jail-update.conf'
+ echo -e '-j\tjail list'
+ echo -e '\t\tdefault to all running jails'
+ echo -e '-u\tthis message'
+ echo '-------------------------------------------------'
+}
+
+parse() {
+ RED='\033[0;31m'
+ NC='\033[0m' # No Color
+ while getopts "cuj:" option
+ do
+ case ${option} in
+ c)
+ CONF=${OPTARG}
+ ;;
+ j)
+ JLIST=${OPTARG}
+ ;;
+ *)
+ usage
+ exit 0
+ ;;
+ esac
+ done
+}
+
+# default parameters
+CONF=/usr/local/etc/jail-update.conf
+# get currently running names (or jids) list
+JLIST=`jls name 2>/dev/null`
+
+parse ${*}
+
+[ -z "${JLIST}" ] && echo 'no jail to check.exiting.' && exit 0
+[ ! -r "${CONF}" ] && echo 'no configuration file for updating.exiting.' && exit 1
+
+echo ''
+echo 'Ready to update jail(s) <'${JLIST}'>, according to the <'${CONF}'> configuration.'
+echo ''
+
+for J in ${JLIST};
+do
+ # jail path
+ JPATH=`jls -j ${J} path 2>/dev/null`
+ if [ -n "${JPATH}" ]; then
+ echo '[ :: ' $J ' ::]'
+ # freebsd version this jail is running
+ JVERSION=`jexec ${J} freebsd-version -u`
+ if [ -n "${JVERSION}" ]; then
+ echo 'Updating <'${J}'> from version <'${JVERSION}'>, path <${JPATH}>.'
+ freebsd-update -f ${CONF} --currently-running ${JVERSION} -b ${JPATH} fetch install
+
+ else
+ echo 'Unable to get jail <'${J}'> path.Skipping'
+
+ fi
+
+ else
+ echo 'Jail <'${J}'> unavailable.Skipping.'
+
+ fi
+done
+
--- /dev/null
+#!/bin/sh
+
+all_jails=`jls jid`
+DO_CLEAN=""
+DO_DIST=""
+
+do_all_jails(){
+
+ echo '---------------------------------------'
+ echo ":: Host ::"
+ echo
+ pkg upgrade
+ echo
+ echo Cleaning host
+ echo
+ [ -n "${DO_CLEAN}" ] && pkg ${DO_CLEAN}
+ [ -n "${DO_CLEAN}" ] && pkg ${DO_DIST}
+ for j in ${all_jails}
+ do
+ echo '---------------------------------------'
+ echo ":: jail `jls -j ${j} name` [ ${j} ] ::"
+ echo ''
+
+ pkg -j ${j} upgrade
+ echo
+ echo Cleaning
+ echo
+ [ -n "${DO_CLEAN}" ] && pkg -j ${j} ${DO_CLEAN}
+ echo
+ echo Cleanup distfiles
+ echo
+ [ -n "${DO_CLEAN}" ] && pkg -j ${j} ${DO_DIST}
+ done
+}
+
+echo
+read -r -p "Would you like to clean up (autoremove) ports ? [Y/n] " yn
+echo
+
+case "${yn}" in
+ [Yy][eE][sS]|[yY])
+ DO_CLEAN="autoremove"
+ ;;
+ *)
+ ;;
+esac
+
+
+echo
+read -r -p "Would you like to remove distfiles ? [Y/n] " yn
+echo
+
+case "${yn}" in
+ [Yy][eE][sS]|[yY])
+ DO_DIST="clean -a"
+ ;;
+ *)
+ ;;
+esac
+echo removing distfiles
+do_all_jails