Date: Tue, 24 Jan 2012 15:49:05 +0700 From: Victor Sudakov <vas@mpeks.tomsk.su> To: freebsd-questions@freebsd.org Subject: Re: portmaster best practices Message-ID: <20120124084905.GB99094@admin.sibptus.tomsk.ru> In-Reply-To: <20120123203502.GC32692@slackbox.erewhon.net> References: <20120123103232.GA79175@admin.sibptus.tomsk.ru> <20120123203502.GC32692@slackbox.erewhon.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Roland Smith wrote: > > > > If portaudit shows that some installed packages have vulnerabilities, > > what do you usually do? > > It depends on the vulnerability and what the package does. I will de-install > it if I think that the vulnerability is critical for me and there is no > workaround. > > Look at freshports [http://www.freshports.org/commits.php] regularly to see if > updates for vulnerable packages are available. This is pretty obvious and I run portsnap from cron. > > Generally I like to run 'portsnap fetch update' followed by 'portmaster -ai' > (after reading /usr/ports/UPDATING) every week. This keeps the number of huge > compilefests (like gettext updates :-() to a minimum. Has portmaster ever screwed things up for you? > > For efficiency, I tend to keep one machine up-to-date in that way, > and use rsync to then distribute the changes in /usr/local to my > other machines. This only works for machines that are on the same > major FreeBSD version and architecture, of course. That's interesting. Do you also rsync /var/db/pkg ? -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:sudakov@sibptus.tomsk.ru
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120124084905.GB99094>