Random Musings

O for a muse of fire, that would ascend the brightest heaven of invention!

Building a custom base FreeBSD OCI container image

Tuesday, 10 Jun 2025 Tags: containersfreebsd

Now that FreeBSD 14.3 is out, it’s much simpler to build a custom base OCI container image than before. These brief instructions assume that you are running this on a standard FreeBSD 14.3 or later system.

Create this simple Containerfile:

FROM ghcr.io/freebsd/freebsd-runtime:14.3@sha256:3a5ffe995405b5f6300797b38d87328a267bbeeb550d3707c9c5e0a76827a978
RUN /bin/pkg install -yr FreeBSD-base FreeBSD-utilities

By using the sha256 digest of the image, we are providing a strong guarantee of provenance of the base image, even though this has been pulled form Then build the image with podman build:

# podman build \
  --volume /usr/local/sbin/pkg:/bin/pkg \
  --env IGNORE_OSVERSION=yes \
  --env ABI=FreeBSD:14:$(sysctl -n hw.machine_arch) \
  --env OSVERSION=1403000 \
  --no-hosts \
  --tag freebsd-base:14.3 \
  --file Containerfile

The --volume option mounts the host’s pkg binary into the container, so that we don’t need to bootstrap the package manager inside the container.

The various --env options are to ensure that the package manager uses the expected ABI and OSVERSION values, and not to divine them from the host system, and the sysctl command ensures that the correct ABI is chosen.

The --no-hosts option is used to prevent Podman from trying to mount the host /etc/hosts file into the container, which is normally used to provide hostname resolution for the container. This is not necessary for a base image, and it prevents the FreeBSD-runtime package failing during installation, as it also supplies an /etc/hosts file.

The --tag option names the resulting image as freebsd-base:14.3, so that it can be easily referenced later in other builds.

The output will be similar to this:

STEP 1/3: FROM ghcr.io/freebsd/freebsd-runtime:14.3
STEP 2/3: ENV "IGNORE_OSVERSION"="yes" "ABI"="FreeBSD:14:amd64" "OSVERSION"="1403000"
--> Using cache d4ed785704c58074ddd8e624101bc6eed0b7209bf108b5d4ee25c0db3107e0b1
--> d4ed785704c5
STEP 3/3: RUN /bin/pkg install -yr FreeBSD-base FreeBSD-utilities
pkg: Warning: Major OS version upgrade detected.  Running "pkg bootstrap -f" recommended
Updating FreeBSD-base repository catalogue...
[6e473408e783] Fetching meta.conf: . done
[6e473408e783] Fetching data.pkg: ... done
Processing entries: .......... done
FreeBSD-base repository update completed. 525 packages processed.
FreeBSD-base is up to date.
The following 8 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
        FreeBSD-blocklist: 14.3 [FreeBSD-base]
        FreeBSD-libcasper: 14.3 [FreeBSD-base]
        FreeBSD-libldns: 14.3 [FreeBSD-base]
        FreeBSD-libmagic: 14.3 [FreeBSD-base]
        FreeBSD-tcpd: 14.3 [FreeBSD-base]
        FreeBSD-ufs: 14.3 [FreeBSD-base]
        FreeBSD-utilities: 14.3 [FreeBSD-base]
        FreeBSD-zfs: 14.3 [FreeBSD-base]

Number of packages to be installed: 8

The process will require 83 MiB more space.
14 MiB to be downloaded.
[6e473408e783] [1/8] Fetching FreeBSD-tcpd-14.3.pkg: .. done
[6e473408e783] [2/8] Fetching FreeBSD-zfs-14.3.pkg: .......... done
[6e473408e783] [3/8] Fetching FreeBSD-libmagic-14.3.pkg: .......... done
[6e473408e783] [4/8] Fetching FreeBSD-libcasper-14.3.pkg: . done
[6e473408e783] [5/8] Fetching FreeBSD-libldns-14.3.pkg: ......... done
[6e473408e783] [6/8] Fetching FreeBSD-blocklist-14.3.pkg: .. done
[6e473408e783] [7/8] Fetching FreeBSD-ufs-14.3.pkg: .......... done
[6e473408e783] [8/8] Fetching FreeBSD-utilities-14.3.pkg: .......... done
Checking integrity... done (0 conflicting)
[6e473408e783] [1/8] Installing FreeBSD-blocklist-14.3...
[6e473408e783] [1/8] Extracting FreeBSD-blocklist-14.3: .... done
[6e473408e783] [2/8] Installing FreeBSD-libcasper-14.3...
[6e473408e783] [2/8] Extracting FreeBSD-libcasper-14.3: . done
[6e473408e783] [3/8] Installing FreeBSD-libldns-14.3...
[6e473408e783] [3/8] Extracting FreeBSD-libldns-14.3: . done
[6e473408e783] [4/8] Installing FreeBSD-libmagic-14.3...
[6e473408e783] [4/8] Extracting FreeBSD-libmagic-14.3: .... done
[6e473408e783] [5/8] Installing FreeBSD-tcpd-14.3...
[6e473408e783] [5/8] Extracting FreeBSD-tcpd-14.3: ..... done
[6e473408e783] [6/8] Installing FreeBSD-ufs-14.3...
[6e473408e783] [6/8] Extracting FreeBSD-ufs-14.3: .......... done
[6e473408e783] [7/8] Installing FreeBSD-utilities-14.3...
[6e473408e783] [7/8] Extracting FreeBSD-utilities-14.3: ......... done
[6e473408e783] [8/8] Installing FreeBSD-zfs-14.3...
[6e473408e783] [8/8] Extracting FreeBSD-zfs-14.3: .......... done
COMMIT freebsd-base:14.3
--> d2280fbf2bc8
Successfully tagged localhost/freebsd-base:14.3
d2280fbf2bc802aa961fd4fbb8ab6542105356f8183c69625af169a619e1166d

Your project may need additional packages, so you can add them to the RUN line above.