From owner-freebsd-questions@FreeBSD.ORG Fri Oct 6 15:07:23 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C15B916A417 for ; Fri, 6 Oct 2006 15:07:23 +0000 (UTC) (envelope-from xfb52@dial.pipex.com) Received: from smtp-out2.blueyonder.co.uk (smtp-out2.blueyonder.co.uk [195.188.213.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id D36AC43D46 for ; Fri, 6 Oct 2006 15:07:22 +0000 (GMT) (envelope-from xfb52@dial.pipex.com) Received: from [172.23.170.137] (helo=anti-virus01-08) by smtp-out2.blueyonder.co.uk with smtp (Exim 4.52) id 1GVrIH-00018X-H6; Fri, 06 Oct 2006 16:07:21 +0100 Received: from [82.41.253.33] (helo=[192.168.0.2]) by asmtp-out1.blueyonder.co.uk with esmtp (Exim 4.52) id 1GVrIG-0007Y1-Bj; Fri, 06 Oct 2006 16:07:20 +0100 Message-ID: <45267126.6000000@dial.pipex.com> Date: Fri, 06 Oct 2006 16:07:18 +0100 From: Alex Zbyslaw User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-GB; rv:1.7.13) Gecko/20060515 X-Accept-Language: en MIME-Version: 1.0 To: Chris References: <2403D229-1D39-40F8-9C40-01A7DEF8ED5D@cbpratt.prohosting.com> In-Reply-To: <2403D229-1D39-40F8-9C40-01A7DEF8ED5D@cbpratt.prohosting.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: FreeBSD Questions Subject: Re: Portsnap Update Question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Oct 2006 15:07:23 -0000 Chris wrote: > > I'm preparing to apply all the recent updates to the production > servers I have on 6.1 R P6 tomorrow morning and want to make certain > I fully update the servers with the window of I have. I'll cvsup, > build and install world and kernel through the normal process. What > I've been doing is then running portsnap fetch update to apply > patches to the ports. In doing so, I've not seen recompilations take > place and remained somewhat fuzzy as to whether I was merely > retrieving snapshots of source for whatever is in /usr/ports or if in > addition, somehow binary changes were being applied to programs I've > already installed (e.g., I have mysql and rsync installed from ports > on every machine, would they be updated). Perhaps I should be > remaking them? You've only updated the skeleton directories which are used to build ports. You have not updated the ports themselves. After your portsnap run "pkg_version -L=" and anything marked '<' is out of date. Also consider installing portaudit which tells you about installed ports which have security bugs which may affect you. You could consider only updating ports which have security holes, for example. And you'll at least be aware of what security issues might exist even if you don't fix them :-) Investigate portupgrade or portmanager for doing the updating. I prefer the former and it has a good man page. --Alex