Date: Tue, 16 Dec 2003 22:24:37 -0600 From: "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz> To: Gordon Vrololjak <gvrdolja@nature.Berkeley.EDU> Cc: freebsd-newbies@freebsd.org Subject: Re: updating question (fwd) Message-ID: <3FDFDA85.2070707@daleco.biz> In-Reply-To: <Pine.GSO.4.58.0312161713181.184@nature.Berkeley.EDU> References: <Pine.GSO.4.58.0312041636010.17776@nature.Berkeley.EDU> <3FCFDAC9.6040908@daleco.biz> <Pine.GSO.4.58.0312161713181.184@nature.Berkeley.EDU>
next in thread | previous in thread | raw e-mail | index | archive | help
Gordon Vrololjak wrote:
>Ouch... ! That means I should try the make world method and recompile
>everything? Seems less of a pain to reinstall. Or should I do a
>'portupgrade -a' after updating with cvsup?
>
>I just want to keep up with security updates to keep the system secure.
>Gordon
>
>
>
Well, "make world/make buildkernel" et al doesn't make you
create off-box backups and leave you with a non-running
system while you wipe a disk and start over, for one thing... ;-)
Or maybe I misunderstand what you're saying....
It really would depend a bit on your hardware. My servers
do their rebuilds overnight, generally. At home, on Athlon
1800+, the building probably takes less time then d'loading
new source over the modem .... couple of hours max. And,
like I said, I can usually do some work while it does its thing;
just have to reboot after "make installkernel". Surely not
*much* worse than "Windows Update" (at least not when
a new SP comes out ;-) ).
If you just want to stay secure, for many "advisories" there
is a patch submitted against the "buggy" code. You apply
the patch and then recompile/reinstall only the program(s)
that are affected.
Every once in a while it's a biggy (sendmail, BIND, etc.)
and "make world" seems a good alternative. I almost
always use "make world", because, as I said, it's little
skin off my nose, and I like bright shiny new toys ... ;-)
As for your ports, "portupgrade" is wonderful. But, if you've
any quantity of them, it can be quite a big deal. I've done
"portupgrade -arR" twice on my desktop system. Two days,
generally; as stated, a lot of that is just downloading the new
source. I have XFree, Gnome, 3 other wm's, Apache, PHP, GIMP,
MySQL, Acroread, Mozilla, Opera, JDK ... tons of stuff to
upgrade each time. God forbid I ever install Openoffice.... :o
If you're just concerned about security, I'd just "portupgrade"
which ever program has the new version out, although after a
while you get behind with dependencies. In these days of ADSL
and cable modems, it doesn't seem that big of a deal to me (I just
wish I could get it here in the sticks....)
Also, I hope it's clear that "make world" and "portupgrade" do
two different things ... one rebuilds the base system, the other
rebuilds most 3rd party SW you have installed....
KDK
>>For the system itself, use the method shown
>>in the FreeBSD handbook ("new" method, Chapter
>>21 "The Cutting Edge").
>>
>>For 3rd party software, install from the ports tree,
>>then use portupgrade (also in ports) to keep up
>>with the changes. An excellent article by Dru Lavigne:
>>
>>http://www.onlamp.com/pub/a/bsd/2003/08/28/FreeBSD_Basics.html
>>
>>HTH,
>>
>>Kevin Kinsey
>>
>>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FDFDA85.2070707>