Date: Fri, 2 May 2003 14:07:40 +0200 (CEST) From: Konrad Heuer <kheuer2@gwdg.de> To: Christian Traber <christian@traber-net.de> Cc: freebsd-questions@freebsd.org Subject: Re: [NEWBIE] security updates? Message-ID: <20030502135931.N89463-100000@gwdu60.gwdg.de> In-Reply-To: <3EB25ACA.1000409@traber-net.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 2 May 2003, Christian Traber wrote: > I just installed freebsd5 and want to use it as a vpn-gateway. > I found some security updates, but how can I install them? > Do I really have to build everything from source? My BSD box > has only a very small HD (< 1GB) and I don't want the > downtime for a 'make world'. > > How do you make such updates on a production server? Many security updates do not require to rebuild the whole os. Maybe you need to rebuild and reinstall the kernel, which takes much less time and can be done while the server is in normal operation. Sometimes only some specific utility or daemon needs to be updated; here it is sufficient to just restart the daemon. If a full rebuild is required, you can split "make world" and still do the time-consuming "make buildworld" in normal multi-user mode; downtime is than limited to the "make installworld" process which needs much less time. If your harddisk is too small, you can make kernel and world on a different system, export /usr/src and /usr/obj via NFS and mount them on your server to install kernel and world. But you're true, you need the whole source code if you want security. Regards Konrad Heuer (kheuer2@gwdg.de) ____ ___ _______ GWDG / __/______ ___ / _ )/ __/ _ \ Am Fassberg / _// __/ -_) -_) _ |\ \/ // / 37077 Goettingen /_/ /_/ \__/\__/____/___/____/ Germany
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030502135931.N89463-100000>