Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 20 Sep 2004 15:01:33 -0400
From:      "Haulmark, Chris" <chris@sigd.net>
To:        "Bill Moran" <wmoran@potentialtech.com>, "Kenneth A. Bond" <fhb_1969@yahoo.ca>
Cc:        freebsd-questions@FreeBSD.org
Subject:   RE: Core System Update
Message-ID:  <6FC9F9894A9F8C49A722CF9F2132FC2201D951BA@ms05.mailstreet2003.net>

next in thread | raw e-mail | index | archive | help
=20

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org=20
> [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Bill Moran
> Sent: Monday, September 20, 2004 1:31 PM
> To: Kenneth A. Bond
> Cc: freebsd-questions@FreeBSD.org
> Subject: Re: Core System Update
>=20
> "Kenneth A. Bond" <fhb_1969@yahoo.ca> wrote:
>=20
> > Hello,
> > I am trying to determine how often to update my systems.
> > Currently I am using anoncvs in order to synch my source.
> > >From there I run the typical
> > =20
> > # make buildworld
> > # make buildkernel
> > # make installkernel
> > #=20
> > # mergemaster -p# make installworld# mergemaster# reboot
> >=20
> > Should I only perform this when a security vulnerability is found?
> >=20
> > I am trying to achieve maximum uptime for these systems and want to
> > confirm how often I should perform a core system update.
>=20
> Please wrap you lines aroun 72 chars.  See
> http://www.lemis.com/questions.html
>=20
> If you're shooting for max uptime and the most stable system, you can
> follow the procedure I follow for most of my clients:
> 1) Install the latests 4.x-RELEASE
> 2) cvsup to RELENG_4_x (currently RELENG_4_10)
> 3) rebuild/reinstall the core system.
> 4) When 4.11 comes out, schedule a weekend and cvsup the system to
>    RELENG_4_11, rebuild/reinstall.  Pay special attention to
>    /usr/src/UPDATING, repeat for 4.12, etc
> 5) Subscribe to FreeBSD-security.  When a vuln is announced, recvsup
>    to the RELENG_4_x and rebuild/reinstall

Or simply follow the alert's patch instructions if it is unrelated to a
kernel fix.  A service or two would require to be restarted after being =
patched.

> 6) Step 5 can occasionally be skipped.  For example, there were many
>    sites that I had using FreeBSD that I didn't have to update when
>    bind problems were fixed, because they weren't running DNS servers.
>    If you're not sure, you're safer updating than not.

For instance, today, a CVS server had a security alert sent out, which =
is
not important to those of us who do not use CVS server.

>=20
> --=20
> Bill Moran
> Potential Technologies
> http://www.potentialtech.com
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to=20
> "freebsd-questions-unsubscribe@freebsd.org"
>=20
>

--
Chris Haulmark
System Admin. Freelancer
"In market for IT corrections for a salary."=20



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6FC9F9894A9F8C49A722CF9F2132FC2201D951BA>