I responded to a query on FreeBSD-stable about upgrading ports on a system that hadn't been kept particularly up to date, and I was asked to make a Web page out of my reply. Here goes.
Having just gone through this in two different environments, I can very very strongly recommend doing the following. It's not the “easy button” of the TV commercials, but it will make things much much easier in the future.
# pkg set -A 1 -g '*' # pkg query -e '%#r==0' '%n-%v: %c'
pkg queryto identify the leaf packages that are the ones you actually wanted explicitly to have installed. For each one of those:
# pkg set -A 0 packagename
# pkg query -e '%a==0' '%o' > pkg-list
# pkg autoremove
(You can iterate the last three steps, aborting
autoremove each time but the last, until it doesn't
offer to remove anything you care about keeping.)
Repeat this process for each machine, and merge the
resulting pkg-list files using
-u. Make sure that pkgng is enabled for ports in
poudriere optionsfor each jail and setname (if you created any sets following the customization section referenced above), providing the package list you constructed, to make sure that any new options are configured as you require them.
poudriere bulkfor each jail and setname (if you created any), providing the package list as before. This will create a pkgng repository for each jail and set, which you can serve by HTTP (using your choice of Web server) or SSH (with pkgng 1.1+), and all of these packages will have been built in a clean jail and (if their dependencies were specified correctly) will have no library inconsistencies.
pkg upgrade -fyon all of your machines, and resolve any inconsistencies by
pkg remove-ing the offending local package.
That seems like a lot of work, and it is, but having done it, there's a huge benefit the next time you want to do update your systems:
pkg install -fR somepackage, then do those first.
pkg upgrade -yto upgrade any remaining packages.
Even for just three machines it was worth going through this process—and worth unifying all of my package sets and options. Since I now do one build instead of three, I'm no longer so concerned about minimizing dependencies; it's no big deal if some X libraries get installed on my server.