Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 22 May 2013 11:26:47 -0700
From:      Ed Flecko <edflecko@gmail.com>
To:        freebsd-questions@freebsd.org
Subject:   Keeping my system up to date with CTM or subversion?
Message-ID:  <CAFS4T6aVmg+RJzGVHW==nhe8mGE0uEUdSRYaJSC=OBw-uajKdQ@mail.gmail.com>

Next in thread | Raw E-Mail | Index | Archive | Help
I'm confused about an effective way to keep my system patched and
up-to-date, and I'm hoping someone can clarify what seems like a lot of
options.

I'll be running a production server (so security and stability are most
important) with a custom kernel and I want it to have all of the latest
security patches applied. I'll install from DVD and I'll chose the option
to install both the ports and the source.

After this, it sure seems like the best way, in terms of speed to download
any updated files, is to use CTM as a cron job, but I think the FBSD
handbook recommends subversion? Also, I think I read that CTM won't update
documentation? Is that right?

I also see some people say they use portsnap, portaudit and portupgrade.
For example, I came across this command:

portsnap fetch && /usr/sbin/portsnap update && /usr/local/sbin/portaudit -F
&& /usr/local/sbin/portupgrade =96aR

however these utilities are used more for keeping your ports collection
up-to-date (if you install software from ports), and not so much for
keeping your system patched from a security perspective - isn't that right?

Hopefully, someone can clarify my confusion.

Thank you!

Ed



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?CAFS4T6aVmg+RJzGVHW==nhe8mGE0uEUdSRYaJSC=OBw-uajKdQ>