Skip to main content.

The basics of pkgsrc


Live demo in BSD Now Episode 038 | Originally written by TJ for | Last updated: 2014/05/21

NOTE: the author/maintainer of the tutorial(s) is no longer with the show, so the information below may be outdated or incorrect.

Way back in 1997, NetBSD forked the FreeBSD ports system to create their own project. It was to be called pkgsrc, or "package source." In the NetBSD tradition, portability was a major goal. This tutorial is being done on a FreeBSD system. Today, pkgsrc can be used on a large number of platforms. It offers both binary packages and a way to compile software from source. We're mainly going to be demonstrating how to do it by source, since binary packages may not be as up to date or even available for all platforms. As of the time we do this tutorial, binary packages are not cryptographically signed either. Getting pkgsrc over CVS is probably the most secure method right now. You can also fetch it over FTP and untar it if you want to. We'll start by checking out the pkgsrc tree via CVS and running the bootstrap command.

# cd /usr
# cvs -q -z2 -d checkout -P pkgsrc
# cd pkgsrc/bootstrap
# ./bootstrap

You can also append the "--unprivileged" flag to the bootstrap script to run as a non-root user. This will use ~/pkg/ instead of /usr/pkg as the prefix for binaries, config files and metadata information. To update your pkgsrc tree later on, run the following:

# cd /usr/pkgsrc
# cvs update -dP

Read and follow the directions printed afterwards. Once it finishes building the initial stuff, we can start installing the software we want. A good site to easily search pkgsrc is

# vi ~/.cvsrc

The official pkgsrc guide recommends the following options in your ~/.cvsrc

cvs -q -z2
checkout -P
update -dP
diff -upN
rdiff -u
release -d

You will need to add "/usr/pkg/bin:/usr/pkg/sbin" to the beginning of your $PATH variable. This will vary greatly depending on what shell you're using. On FreeBSD, with csh, this can be temporarily done like so:

# setenv PATH /usr/pkg/bin:/usr/pkg/sbin:$PATH

But it will not persist, so please add it to your /etc/login.conf or whatever file your shell sources. Now let's install tmux for our example. Note that we use "bmake" instead of "make" here.

# cd /usr/pkgsrc/misc/tmux
# bmake install clean clean-depends

Even with just a simple program like tmux, you may quickly find yourself with lots of other things installed because of dependencies. On my test system, tmux pulled in all of this:

# pkg_info

bootstrap-mk-files-20140314 *.mk files for the bootstrap bmake utility
bmake-20140314      Portable (autoconf) version of NetBSD 'make' utility
pkg_install-20130902nb1 Package management and administration tools for pkgsrc
digest-20121220     Message digest wrapper utility
nbpatch-20100124    Patch files using diff output
libtool-base-2.4.2nb6 Generic shared library support script (the script itself)
gmake-4.0           GNU version of 'make' utility
libiconv-1.14nb2    Character set conversion library
gettext-lib- Internationalized Message Handling Library (libintl)
gettext-tools- Tools for providing messages in different languages
gtar-base-1.27.1nb1 The GNU tape archiver with remote magnetic tape support
perl-5.18.2nb1      Practical Extraction and Report Language
p5-Perl4-CoreLibs-0.003nb2 Libraries historically supplied with Perl 4
openssl-1.0.1g      Secure Socket Layer and cryptographic library
libevent-2.0.21nb3  Asynchronous event notification library
tmux-1.9a           BSD-licensed terminal multiplexer (GNU Screen alternative)

Check where it's actually installed with:

# which tmux


If you'd like to remove something installed via pkgsrc, it's a very familiar command.

# pkg_delete tmux

There's also a command to check if any of your packages have known security vulnerabilities.

# pkg_admin fetch-pkg-vulnerabilities
# pkg_admin audit

To check if any of your packages are outdated, you should install the "lintpkgsrc" tool.

# cd /usr/pkgsrc/pkgtools/lintpkgsrc
# bmake install clean clean-depends

After updating your tree via CVS, check if anything needs to be upgraded like so:

# lintpkgsrc -i

Scan Makefiles: ..........

If there's an upgrade needed, change to that package's directory in /usr/pkgsrc and run

# bmake update

to get the newest version available in the tree. There are lots of configuration options for pkgsrc that you may be interested in. Specifically, some packages have different options they can be built with.

# cd /usr/pkgsrc/net/tor
# bmake show-options

Any of the following general options may be selected:
threads  Enable threads support.

These options are enabled by default:

These options are currently enabled:

You can select which build options to use by setting PKG_DEFAULT_OPTIONS

To set an option, you'll need to edit mk.conf and set what you want and don't want.

# vi /etc/mk.conf


If you're unsure, just go with the defaults and you'll probably be fine. Be sure to check the FAQ and official documentation for everything else.

Latest News

New announcement


We understand that Michael Dexter, Brad Davis, and George Rosamond think there should be more real news....

Two Year Anniversary


We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment


We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?


We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

Episode 281: EPYC Server battle


Direct Download:MP3 AudioVideo Headlines scp client multiple vulnerabilities Overview SCP clients from multiple vendors are susceptible to a malicious scp server performing unauthorized changes to target directory and/or client output manipulation. Description Many scp clients fail to verify if the objects returned by the scp server match those it asked for. This issue dates back to 1983 and...

Episode 280: FOSS clothing


Direct Download:MP3 AudioVideo Headlines A EULA in FOSS clothing? There was a tremendous amount of reaction to and discussion about my blog entry on the midlife crisis in open source. As part of this discussion on HN, Jay Kreps of Confluent took the time to write a detailed response — which...

Episode 279: Future of ZFS


Direct Download:MP3 AudioVideo Headlines The future of ZFS in FreeBSD The sources for FreeBSD's ZFS support are currently taken directly from Illumos with local ifdefs to support the peculiarities of FreeBSD where the Solaris Portability Layer (SPL) shims fall short. FreeBSD has regularly pulled changes from Illumos and tried to push...

Episode 278: The real McCoy


Direct Download:MP3 AudioVideo Interview - Kirk McKusick - 25 years of FreeBSD How Kirk got started in BSD, at the very beginning Predicting the Future How the code and community grew The leadership of the project, and how it changed over time UFS over the years (reading disks from 1982 in 2018) Conferences The rise and fall of...