From owner-freebsd-questions@FreeBSD.ORG Fri Nov 6 18:12:40 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8B4721065676 for ; Fri, 6 Nov 2009 18:12:40 +0000 (UTC) (envelope-from sonicy@otenet.gr) Received: from rosebud.otenet.gr (rosebud.otenet.gr [83.235.67.32]) by mx1.freebsd.org (Postfix) with ESMTP id 0E9B28FC14 for ; Fri, 6 Nov 2009 18:12:39 +0000 (UTC) Received: from pulstar.local (athedsl-4493911.home.otenet.gr [94.71.94.95]) by rosebud.otenet.gr (8.13.8/8.13.8/Debian-3) with ESMTP id nA6ICVfN004344; Fri, 6 Nov 2009 20:12:37 +0200 Message-ID: <4AF4670F.7040103@otenet.gr> Date: Fri, 06 Nov 2009 20:12:31 +0200 From: Manolis Kiagias User-Agent: Thunderbird 2.0.0.23 (Macintosh/20090812) MIME-Version: 1.0 To: Roger References: <9d972bed0911060931k4ee2a5b7n9d62db23beeb6367@mail.gmail.com> In-Reply-To: <9d972bed0911060931k4ee2a5b7n9d62db23beeb6367@mail.gmail.com> X-Enigmail-Version: 0.96.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: Help understanding basic FreeBSD concepts (ports, updates, jails) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Nov 2009 18:12:40 -0000 Roger wrote: > Hello all, > > I'm coming from Linux and I would appreciate it if I could get some > help understanding some basic FreeBSD concepts. > Here is the output of 'uname -r' is "7.2-RELEASE-p4". > > My first concerned is how do I keep FreeBSD up to date. > According to the FreeBSD site, the lastest production release is 7.2. > Is this the version that is recommended to have in a production > server? > Yes. > According to what I have read from the Handbook and searches in > google, the way to stay up to date > binary wise is to use "freebsd-update", is this correct? > Yes, and... > I believe freebsd-update will update the base system but not the > ports. Please correct me if I'm wrong. > > you are right! > My second concerned is the ports. In the file "ports-supfile" there is > one option, "*default release=cvs tag=.". > I believe this specifies which cvs tag to use when pulling files from > the ports. At one point I had "*default release=cvs > tag=RELEASE_7_2_0". > When I pulled the ports using the "RELEASE_7_2_0" tag and tried to > build "portsupgrade" the installation failed because the ruby version > that was going to be installed I believe had a security problem. (I > love the fact that I was stopped from installing software that is > KNOWN to be vulnerable). > I figured that maybe I needed to get the latest version. So I went > ahead and changed the cvs tag to "." (which I believe means the head > version). > This is correct. For a ports supfile you would want to always get the latest ports version, so tag=. will do it. > I updated the ports and then tried the installation again, this time > the installation went further but failed again due to the fact that > my libtool (I can't remember the exact name) was older than what the > installation required. So that threw me off. > You have installed some ports from the DVD or compiled them using the default (non-updated) ports tree. Your libtool (a port) is out of date and you need to upgrade it. Use ports-mgmt/portupgrade to perform port upgrades and read /usr/ports/UPDATING for special notes regarding specific ports. You will find a note on libtool in there too. > I believe that libtool is part of the base system and not the ports, correct? > No, this is a port. If it were a base system component it would already be up to date as you are running -p4 > So that made me think that maybe because of using the latest version > of the ports I can build certain ports if my base is not > concurrent (in terms of what the ports requires and what my system > offers) with the port system. > So my question is this, if my FreeBSD release is 7.2-RELEASE-p4 which > tag should I set for the ports system? > Always use tag=. for the ports supfile. Your problem comes from the fact you have already installed some older programs. > Should I put the tag "RELEASE_7_2_0" and then wait for a security fix > of the particular port (ruby) and then proceed to install? > What is the recommended approach if your aim is to have your system up > to date and stable? > No. What I would recommend is to install a base system from CD, do not install any packages from it (except maybe linux_base, the linux emulation) and then after installation, proceed to update your ports tree and install everything else from ports. The packages in the official media get outdated very fast, and if you are installing packages from a several months old release chances are some of them will have to be upgraded before you can install other packages from the updated ports tree. Spare yourself the time and install everything from your updated ports tree. > Another question that I have about the port system is, if LibX has a > security update (or simply a bug fix) and programs from the ports > programA, programB and programC depend on that library what is the > recommended way to perform the upgrade that will also handle upgrading > those programs? > > Yes, portupgrade (and other programs in the ports-mgmt/* category) can handle this type of problem. Specific instructions for upgrading in this case are listed in /usr/ports/UPDATING. These are usually something like portupgrade -Rf pkg-x-y-z > My third item is jails. I currently have only one external IP. I would > like to setup two jails, one for apache and the other for postfix. > Would that require more external IPs? If I wanted to have ssh access > to the host and the jails that would definitely will require 3 > external IPs right? > > Not much experience with jails here, someone else will hopefully answer this for you!