From owner-freebsd-questions@FreeBSD.ORG Wed May 22 18:26:53 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id B96533A7 for ; Wed, 22 May 2013 18:26:53 +0000 (UTC) (envelope-from edflecko@gmail.com) Received: from mail-qe0-f53.google.com (mail-qe0-f53.google.com [209.85.128.53]) by mx1.freebsd.org (Postfix) with ESMTP id 82733CE1 for ; Wed, 22 May 2013 18:26:53 +0000 (UTC) Received: by mail-qe0-f53.google.com with SMTP id s14so1337512qeb.26 for ; Wed, 22 May 2013 11:26:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=8O0e9vrX6LtSg6srnOzrfj0X3wm+k4+TnOrkabQa7p0=; b=PYG2MdNYDc2cOdXQuUmYGUcud6K+SYQYmKCd8tdRlnMs3IGExkcbg9YoJaGsKfbYVX Mz9SLMgCZwtplnUV/+wl04By73HJfzL3okdH4ekTW42fxdSyLj2hnuR2YkXXFFMWxcAN LKj67zoZpPn8HlpCjITyx3oBIL6hzRb2+7ubFj7Ckh0tkTjQuBmjvYZV4TchwF3cl/4s B3ClI0MrQDgTgsSZEso8Y3MVxFZCAzF46eKZw0H3IF7qzc/+EKuUsteqLzNiNemrMz6f USoUhJHD/meaPLfU1vtf2dL7CeEV5NMM1xx/rlSjMAzDxpsx7q31csX3xWXa7kKueRV2 mYOQ== MIME-Version: 1.0 X-Received: by 10.229.196.200 with SMTP id eh8mr2991651qcb.96.1369247207289; Wed, 22 May 2013 11:26:47 -0700 (PDT) Received: by 10.49.35.139 with HTTP; Wed, 22 May 2013 11:26:47 -0700 (PDT) Date: Wed, 22 May 2013 11:26:47 -0700 Message-ID: Subject: Keeping my system up to date with CTM or subversion? From: Ed Flecko To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.14 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 May 2013 18:26:53 -0000 I'm confused about an effective way to keep my system patched and up-to-date, and I'm hoping someone can clarify what seems like a lot of options. I'll be running a production server (so security and stability are most important) with a custom kernel and I want it to have all of the latest security patches applied. I'll install from DVD and I'll chose the option to install both the ports and the source. After this, it sure seems like the best way, in terms of speed to download any updated files, is to use CTM as a cron job, but I think the FBSD handbook recommends subversion? Also, I think I read that CTM won't update documentation? Is that right? I also see some people say they use portsnap, portaudit and portupgrade. For example, I came across this command: portsnap fetch && /usr/sbin/portsnap update && /usr/local/sbin/portaudit -F && /usr/local/sbin/portupgrade =96aR however these utilities are used more for keeping your ports collection up-to-date (if you install software from ports), and not so much for keeping your system patched from a security perspective - isn't that right? Hopefully, someone can clarify my confusion. Thank you! Ed