pkgsrc logo

Portable Package Management

pkgsrc is a framework for building over 20,000 open source software packages. It is the native package manager on SmartOS, NetBSD, and Minix, and is portable across 23 different operating systems. Use one package manager across all of your systems!

Joyent provide binary packages for SmartOS/illumos, macOS, Linux, and NetBSD.


Install on NetBSD

Packages are built on the latest development version of NetBSD/amd64 (currently 9.99.69) from pkgsrc trunk and updated every day. Note some important differences to other NetBSD package repositories:

  • All packages are signed, and /usr/pkg/sbin/pkg_add will refuse to install any unsigned packages (configured with VERIFIED_INSTALLATION=always set in /usr/pkg/etc/pkg_install.conf).
  • The bootstrap kit bundles /etc/openssl/certs/ containing certificates installed from the security/mozilla-rootcerts package, ensuring HTTPS will work without requiring any manual configuration.
  • A number of PKG_OPTIONS have been enabled by default to make packages as useful as possible.

The aim is to provide a repository that, for most users, will just work out of the box. If you have any requests for changes, please raise an issue here.

#
# Copy and paste the lines below to install the NetBSD/amd64 9.99.69 set.
#
BOOTSTRAP_TAR="bootstrap-netbsd-trunk-amd64-20200724.tar.gz"
BOOTSTRAP_SHA="85ff96c3f065d48f8c01137451dd0de25cdd6e60"

# Download the bootstrap kit to the current directory.
ftp https://pkgsrc.joyent.com/packages/NetBSD/bootstrap/${BOOTSTRAP_TAR}

# Verify the SHA1 checksum.
echo "${BOOTSTRAP_SHA}  ${BOOTSTRAP_TAR}" >check-shasum
sha1 -c check-shasum

# Verify PGP signature.  This step is optional, and requires gpg.
ftp https://pkgsrc.joyent.com/packages/NetBSD/bootstrap/${BOOTSTRAP_TAR}.asc
ftp -Vo - https://pkgsrc.joyent.com/pgp/5D402CC3.asc | gpg2 --import
gpg2 --verify ${BOOTSTRAP_TAR}.asc ${BOOTSTRAP_TAR}

#
# Remove any existing packages.  Note also that the bootstrap kit will
# install its own copies of the security/mozilla-rootcerts certificates
# into the /etc/openssl/certs/ directory.
#
rm -rf /usr/pkg /var/db/pkg /var/db/pkgin

# Install bootstrap kit to /usr/pkg
tar -zxpf ${BOOTSTRAP_TAR} -C /

# Add to PATH if necessary.
PATH=/usr/pkg/sbin:/usr/pkg/bin:$PATH

Post-Install Steps

Now that you're ready to go, here are some common commands you may want to run.

Use pkgin to install packages

pkgin is the front-end to the binary packages, and lets you search for, install, upgrade, and remove packages. It also provides some basic functionality for querying both local and remote packages. If you have used apt-get or yum you should find it to be very familiar.

Use pkg_* tools to manage packages

The underlying packaging tools are pkg_add, pkg_admin, pkg_create, pkg_delete, and pkg_info. If pkgin is equivalent to apt-get or yum, then these are the equivalent of dpkg or rpm. Here are some useful commands to get you started.

: Refresh the pkgin database with the latest version
$ sudo pkgin -y update

: Search for a package.  Regular expressions are supported.
$ pkgin search ^ffmpeg[0-9]$
ffmpeg4-4.1.1   Decoding, encoding and streaming software (v4.x)
ffmpeg3-3.4.5   Decoding, encoding and streaming software (v3.x)
ffmpeg2-2.8.14  Decoding, encoding and streaming software (v2.x)
ffmpeg1-1.2.12  Decoding, encoding and streaming software (v1.x)

: Install a package without prompting
$ sudo pkgin -y install ffmpeg4

: List all available packages
$ pkgin avail

: Upgrade all installed packages
$ sudo pkgin -y upgrade

: Remove a package
$ sudo pkgin -y remove ffmpeg4

: Automatically remove orphaned dependencies
$ sudo pkgin -y autoremove
: List installed packages.
$ pkg_info

: Query which package a file belongs to.
$ pkg_info -Fe /usr/pkg/bin/ffmpeg4
ffmpeg4-4.1.1

: List the contents of a package.
$ pkg_info -qL ffmpeg4
/usr/pkg/bin/ffmpeg4
/usr/pkg/bin/ffprobe4
[...]

: Perform an audit of all currently installed packages.
$ sudo pkg_admin fetch-pkg-vulnerabilities
$ pkg_admin audit
Package npm-6.9.0 has a denial-of-service vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2018-3721
Package nodejs-8.12.0 has a denial-of-service vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2018-7651
Package nodejs-8.12.0 has a http-response-splitting vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2018-12116
Package nodejs-8.12.0 has a spoofing vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2018-12123
[...]

: Create a binary package from some metadata files and package directory.
$ pkg_create -B build-info -c comment -d description -f packlist -I /usr/pkg -p files/ -U foo-1.0.tgz