Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 30 Jun 2005 02:23:56 -0500
From:      Nikolas Britton <nikolas.britton@gmail.com>
To:        Nekdo Nekje <umeglic@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Keeping 5.4 RELEASE up to date
Message-ID:  <ef10de9a0506300023754677d@mail.gmail.com>
In-Reply-To: <515659fd05062923352f6f36d0@mail.gmail.com>
References:  <515659fd05062923352f6f36d0@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On 6/30/05, Nekdo Nekje <umeglic@gmail.com> wrote:
> Hello, list...
>=20
> I sort of have this question about FreeBSD... I'm a newbie so please
> bear with me.. ;)
>=20
> I'm building a firewall on 5.4 release. I have a clean install and I
> would like some way so I can update the system. For what I understand,
> one can download patches and apply them manually. What I'm looking for
> is a way so I can automatically update all the necessary files,
> preferably the binary way.
>=20
> I searched the Internet and found a way to do it in a document, bu it
> was written for 5.2 release and I was wondering if it's okay to use it
> on 5.4?
>=20
> http://www.taosecurity.com/keeping_freebsd_up-to-date.html
>=20
> Any thoughts on this??
>=20

Most everything in that article should still apply.

In my opinion it's a bit too optimistic to expect the update process
to be %100 automated.

Off the top of my head I'd setup a cron job that run's every few
days... something such as this:

date > /root/build_date && nice +20 cvsup -g -L 0 /root/release-sup &&
cd /usr/src && nice +20 make buildworld && nice +20 make buildkernel
&& nice +20 make installkernel && date >> /root/build_date

This way all you will have to do is  run make installworld and
mergemaster when a security alert is issued. make sure your cvsup
release tag is set to a release/security branch like RELENG_5_4 and
not set to -STABLE i.e. RELENG_5.

I'm positive there are better ways then the one I showed you. I'm sure
the guys here can help you out some more.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ef10de9a0506300023754677d>