From owner-freebsd-questions Sat Nov 23 23: 2:39 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C40E37B401 for ; Sat, 23 Nov 2002 23:02:36 -0800 (PST) Received: from sub21-156.member.dsl-only.net (sub21-156.member.dsl-only.net [63.105.21.156]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7CEBD43E91 for ; Sat, 23 Nov 2002 23:02:35 -0800 (PST) (envelope-from nkinkade@sub21-156.member.dsl-only.net) Received: from nkinkade by sub21-156.member.dsl-only.net with local (Exim 4.10) id 18Fqmj-000LEe-00 for freebsd-questions@FreeBSD.ORG; Sat, 23 Nov 2002 23:02:29 -0800 Date: Sat, 23 Nov 2002 23:02:29 -0800 From: Nathan Kinkade To: freebsd-questions Subject: Re: Next steps... (long) Message-ID: <20021124070229.GJ69767@sub21-156.member.dsl-only.net> Reply-To: nkinkade@dsl-only.net Mail-Followup-To: freebsd-questions References: <3DE070D9.5000808@panix.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3DE070D9.5000808@panix.com> User-Agent: Mutt/1.4i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, Nov 23, 2002 at 10:25:29PM -0800, nuk wrote: > Hello all, > > I've recently retired my home Linux boxes in favor of some new > challenges... one of which is building a small home LAN server on an > older Panasonic CF-71 P2-300 laptop w/ 128MB RAM and a 6GB HD. > > Installation went pretty smoothly, w/ some minor recalibration needed to > overcome several years of tinkering w/ Linux. I installed using the 4.7 > mini-iso, doing a plain 'User' install. Then, since I have a slow 56k > dialup line at home, I managed to arrange to use a broadband connection > long enough to cvsup to RELENG_4_7, and the ports and docs as well. > Downloaded a few niceties like a couple different shells, vim-lite, > screen, sudo ,etc. at the same time and installed them using ports. > > I've built custom kernels in Linux, but it's been a while. And it > appears the system upgrade process in FreeBSD is completely unlike what > I'm used to. The laptop in question has a busted screen, which is why > it's being relegated to headless server duty. For various reasons, it's > *not* situated physically close to another computer w/ a monitor that I > could hi-jack the cable from temporarily to do some of the single-user > mode stuff. > > I *think* I understand enough about what I need to do next from looking > at the Handbook and other on-line documents, but I would like some > confirmation from a more knowledgeable user before I commit any further. > What I believe I need to do next is: > > 1. Update sources via CVS **I've got separate supfiles set up to do src > independent of ports independent of docs. Since this is going to be a > 'production' system, using the CVS tag RELENG_4_7, it shouldn't change > very often, correct? What is a good recommended interval for updating > the sources via cvs in this case? Weekly, monthly, semi-annually, not > until next release/upgrade? What about the ports and docs? This system > isn't going to see a lot of 'interactive' user activity. Mainly a > server for stuff like dns, dhcp, ntp, email, news, maybe a little bit of > http/mysql stuff and bit of light programming via the shell, but that's > it. Once I get the programs/services installed and setup the way I > want, it's unlikely I'll be changing them very much. Do I need to > bother updating the ports more than maybe once a week, or more likely, > once a month? > > 2. Rebuild the system. I've been reviewing the material in the > Handbook and at http://www.mostgraveconcern.com/freebsd/ on make world. > When I get the laptop set back up, I will be digging thru > /usr/src/UPDATING as recommended. I'm pretty sure I can work my way > thru that part. I guess the only points needing clarification are: I > assume its probably a good idea (at least for now) to do the make world > step independently of futzing w/ the kernel config, correct? And as far > as doing the system upgrade w/o physically hooking the laptop up to a > separate monitor, etc. I need to shut down as many services/processes as > is feasible, just prior to doing the make installworld step, right? > Kind of related to the above question about how often to cvsup sources, > but I assume that when ever I do that, I need to jump thru the same > hoops here, as far as shutting everything down, and rebooting? Since my > 'normal' access to this box is via network/ssh, how do I make *sure* > that I will be able to get back into the machine remotely when it comes > back up? > > 3. Configure and rebuild a custom kernel for the local machine. It > runs fine w/ the GENERIC kernel for now, but it might be nice to trim > things down a bit (and just mainly for the experience). > > 4. Again, going back to the first part: After I get to this point, I > should have a freshly built system that is more or less optimized for > the hardware it's running on, and the only thing I really need to update > periodically is the ports tree, and watch for security updates. > Speaking of which, does a make world rebuild the stuff built from ports > as well, or do they each have to be done separately. Similarly, if > there are security updates, do I have to cvsup the whole thing, source > and ports again, and redo the whole make world/reboot dog-n-pony show, > or is there a way of just updating the afflicted portion (I would assume > so, but I figure it's better to find out early on) > > Well, that's about it for this round. Like I said, I've been looking > thru a fair bit of online material, but some of it doesn't quite click > as I don't have a baseline reference to relate it to, since I mainly > stuck w/ binary packages in Linux, and only infrequently rebuilt the kernel. > > Any help, comments, or suggestions are gratefully appreciated. > > Thanks, > > nuk 1) You somewhat answered your own question on this one. If it's just going to be a box with 4.7-RELEASE that will almost never undergo changes, then I see little reason to update your sources very frequently. In this case, you could just as easily update your sources manually when you feel that an upgrade is necessary - maybe due to new features or security updates, etc. Although, on a modem connecton maybe it would be good to update in the middle of the night a-la cron? I'm sure that some people on the list may disagree with me on the frequency of source updates. 2) Also make sure tha that you read up at: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cutting-edge.html After you make your new kernel, upon reboot you can fall back on the old kernel if you really get into trouble. However, I wouldn't say that updating the entire system is generally a process well suited to be done remotely. I'm not saying that it can't be done, just that your asking for trouble if you don't have the ability to quickly gain console access. 4) No, a rebuilding the system does not update your installed ports. You will have to update them by hand. Check out the port called 'portupgrade'. It has an option to allow you to update, in one fell-swoop, all of your installed ports, although I wouldn't recommend that on most systems. Do yourself a favor and subscribe to freebsd-announce, where, as far as I know, all critical security announcements are copied. For most security related issues there is a work-around given, however, depending on the nature of the problem the work-around may be unacceptable to you, in which case it may be easiest to update the whole system. Nathan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message