Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 04 May 2012 08:52:24 +0100
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        freebsd-questions@freebsd.org
Subject:   Re: freebsd-update not updating reported patchlevel
Message-ID:  <4FA38AB8.7010806@infracaninophile.co.uk>
In-Reply-To: <201205032243.q43Mh6x5030357@mail.r-bonomi.com>
References:  <201205032243.q43Mh6x5030357@mail.r-bonomi.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig2563DB417E68E6F500EED892
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 03/05/2012 23:43, Robert Bonomi wrote:
> Amazingly, this very question was covered on this list within the last =
few
> hours.   <grin>

It's not that much of a coincidence.  We always get a rash of queries
like this every time there's a security advisory and consequently a lot
of people are updating.

> Executive summary:
> the kernel ID string that uname reports changes only when the -kernel- =
is
> changed.
>=20
> -p4, -p5, -p6, and -p7. have -not- involved any changes to the kernel.
> hence the ID string has stayed at '-p3'.
>=20
> While this _is_ counter-intuitive, it does make sense to avoid pushing =
a
> new k ernel out, and/or forcing an admin to rebuild a custom kernel, wh=
en
> the -only- change would be to the ID string.

I wonder if it would be possible or indeed worthwhile to have a very
small kld or sysctl that shows the current patch level and that can be
updated without replacing the kernel entire.  Obviously, this introduces
the possibility of faking the patchlevel, so perhaps this should be
constructed so it can only be modified on reboot.

	Hmmmm....

	Matthew

--=20
Dr Matthew J Seaman MA, D.Phil.                   7 Priory Courtyard
                                                  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey     Ramsgate
JID: matthew@infracaninophile.co.uk               Kent, CT11 9PW


--------------enig2563DB417E68E6F500EED892
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.16 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+jirgACgkQ8Mjk52CukIwPZACdFTWpXyY8Mpg9bcEpyvBR0cuk
R24Anim4N8p7+5MSf7lLTNLTF7Dc5Iow
=JN2f
-----END PGP SIGNATURE-----

--------------enig2563DB417E68E6F500EED892--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FA38AB8.7010806>