Howto: Bootstrap an existing Install

To bootstrap pkgbase, we’ll be using bectl(8). To be fair, you should be using bectl(8) whenever you’re doing major changes to your systems!

Create a new Boot Environment

To make our lives easier, we can set up the repository as described on the front page before creating the BE.

Another way to make our lives easier is to create a -recursive boot environment:

~ $ sudo bectl create -r PkgBase 


To use our BE, we’ll enter a jail:

~ $ sudo -H bectl jail -o host=inherit \
    -o ip4=inherit -o ip6=inherit \
    -o allow.chflags=1 PkgBase

This command will mount the BE in a temporary directory, and drop us into a jail with the bectl(8) documented defaults and our -overrides. From the set above, the network options allow us to use the host’s network, and the allow.chflags option allows us to modify protected files and directories, which is what we’re about to do.

We are now ready to bootstrap:

~ $ sudo pkg update -r FreeBSD-base
~ $ sudo pkg install -g 'FreeBSD-*'

This will -glob-match all packages starting with FreeBSD- and install them. Once done, we need to

Cleanup builds all sensible kernel packages:

~ $ pkg info | grep FreeBSD-kernel
FreeBSD-kernel-generic-13.0.a2.20210123174755 FreeBSD GENERIC kernel
FreeBSD-kernel-generic-dbg-13.0.a2.20210123174755 FreeBSD GENERIC kernel -dbg
FreeBSD-kernel-minimal-13.0.a2.20210123174755 FreeBSD MINIMAL kernel
FreeBSD-kernel-minimal-dbg-13.0.a2.20210123174755 FreeBSD MINIMAL kernel -dbg

The generic kernel is the default kernel. We can either pick which kernel we want to keep, and pkg-remove(8) all others, or we leave the them all installed and choose via the bootloader.


Since pkg(8) “knows” that none of the files existing on your system prior to pkgbase installation are part of a package, it “saves” them as .pkgsave files. Most of those files can be deleted. Not so these ones in /etc:


and these root profiles:


In theory, you can simply copy the .pkgsave over the base-file. To make sure you’re getting what you’re expecting, you can diff(1) before.

But if, like me, you messed up anywhere along the way, the safest way to restore these files is to copy them from the host into the jail. For that we can look up where the jail is mounted and copy the files from the host in:

~ $ bectl list
BE      Active Mountpoint         Space Created
PkgBase -      /tmp/be_mount.UxgO 57.1G 2021-01-20 20:38
default NR     /                  19.5G 2020-12-14 10:38

After restoring /etc/master.passwd from the host, it might be tempting to also restore /etc/spwd.db and /etc/pwd.db, but it is far more reliable to open vipw(8), and save-close it.

Unless you have knowingly modified any existing files, it is now time to remove all .pkgsave files for good:

~ $ sudo find /libexec/ /lib /rescue/ /usr/ /bin /sbin /boot \
        -name \*.pkgsave -delete

and rebuild /boot/kernel/linker.hints:

~ $ sudo -H service kldxref onerestart

We can now exit the jail.


If your computer has UEFI, there is one more step before you can fully experience all the new goodies after a reboot. You have to copy the new loader.efi to the EFI partition. But first, we have to find it:

~ $ geom label status -s
msdosfs/EFISYS  N/A  ada0p1
  gpt/gptboot0  N/A  ada0p2

and now we can mount it:

~ $ sudo mount -t msdosfs /dev/msdosfs/EFISYS /boot/efi

To save ourselves the trouble of finding this next time, we can put an entry into /etc/fstab:

/dev/msdosfs/EFISYS     /boot/efi       msdos   rw,noauto       0       0

Now, we can,

~ $ sudo cp /boot/loader.efi /boot/efi/EFI/freebsd/loader.efi

and reboot (again).