1.3.4 - Provider reposync enhancements
Released September 08, 2025
This is a small release that changes a few behaviors for reposync in providers that require sudo privileges.
FreeBSD provider now has a reposync implementation that requires sudo, in order to enhance reliability and security
All providers that require sudo use absolute paths when calling their commands, in line with the generated sudo snippets.
The second change should have no impact on your systems, and the change is reflected in the documentation.
The first change however may need some configuration adjustments, if you want to opt into the new feature.
FreeBSD Provider Changes (potential actions required)
Previously, the FreeBSD provider's reposync method was basically a no-op, and did nothing. If your sudo policy (either globally or local to freebsd hosts) is skip (which is the default), nothing changes, and you can continue using the software as-is if you are happy with the behavior.
If you have a global policy set to nopasswd, ensure your FreeBSD systems have sudoers configured for Exosphere.
You should configure this either way if you wish to be able to perform a repository sync (^x in the ui, or refresh --sync in the cli) on FreeBSD hosts.
This is not mandatory, and you could instead elect to run pkg update -q via a cron or periodic job on the systems to ensure repository freshness.
Why the late change?
Previously, the FreeBSD provider worked on the assumption that the upgrade process synchronized repositories automatically during updates/upgrades -- which it does. However, this does not actually occur in the simulation mode we use to query available updates on the systems.
Given the presence of the sudoers policy system, and the fact that doing nothing maintains the existing behavior, I've elected to make an actual reposync available on FreeBSD hosts, as an incremental fix.
What's Changed
Recommend uvx over uv tool in docs
Require sudo privileges for FreeBSD reposync, use absolute paths for sudo