From owner-freebsd-questions Fri Sep 6 9:52:50 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 497DF37B400 for ; Fri, 6 Sep 2002 09:52:47 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-64-165-226-88.dsl.lsan03.pacbell.net [64.165.226.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 97B0E43E42 for ; Fri, 6 Sep 2002 09:52:46 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 23C1666D7A; Fri, 6 Sep 2002 09:52:46 -0700 (PDT) Date: Fri, 6 Sep 2002 09:52:45 -0700 From: Kris Kennaway To: magudexter Cc: freebsd-questions@freebsd.org Subject: Re: Updating the system means recompiling the ports also? Message-ID: <20020906165245.GA72459@xor.obsecurity.org> References: <20020906143516.90728.qmail@web20305.mail.yahoo.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="bg08WKrSYDhXBjb5" Content-Disposition: inline In-Reply-To: <20020906143516.90728.qmail@web20305.mail.yahoo.com> User-Agent: Mutt/1.4i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --bg08WKrSYDhXBjb5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Fri, Sep 06, 2002 at 07:35:16AM -0700, magudexter wrote: > 1. all the ports worked without a glich. Anyway do I > have to recompile them in order for the changes to > take place. For instance the bufferoverflows in > OpenSSL - the system doesn't have them anymore but > what about apache/php for example. > I'm also watching the upgrade from a practical > point of view of a sysadmin: say a bug which involves > making world (such as the OpenSSL) appears and you > have a production server full of mysql and others > servers/ports. > What do you guys do? Follow the directions in the relevant security advisory. Most ports use shared libraries and therefore do not need to be recompiled when the library changes. > And one other problem - I found out that the kernel > optimized for my machine made using the 'new way' > (handbook quote): > is about 4Mb(bigger then the GENERIC one which has > more than 20 more options) while build using the 'old > way' (i.e. config/make depend/make/make install) is > far more little (1.8Mb). I think you're confusing kernel.debug with the installed kernel. The former contains full debugging information and is used for analyzing a kernel panic. When it is installed this debugging information is stripped out. Kris --bg08WKrSYDhXBjb5 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9eN1dWry0BWjoQKURAs9ZAJwMaqRKkgjGgPIMWR0TH1qkfZV4HQCgyfYr h0dghm/Q1EzmbRJ97L0TpkM= =+GF3 -----END PGP SIGNATURE----- --bg08WKrSYDhXBjb5-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message