From owner-freebsd-security Thu Aug 9 19:41:26 2001 Delivered-To: freebsd-security@freebsd.org Received: from cloud9.pain.net (cloud9.pain.net [209.58.150.180]) by hub.freebsd.org (Postfix) with ESMTP id 3C20837B403 for ; Thu, 9 Aug 2001 19:41:20 -0700 (PDT) (envelope-from erb@cloud9.pain.net) Received: from localhost (erb@localhost) by cloud9.pain.net (8.11.5/8.11.1) with ESMTP id f7A2eZt33996; Thu, 9 Aug 2001 22:40:35 -0400 (EDT) (envelope-from erb@cloud9.pain.net) Date: Thu, 9 Aug 2001 22:40:35 -0400 (EDT) From: erb To: Jim Durham Cc: Josef Karthauser , Nuno Teixeira , Subject: Re: RELEASE 4.3 -> RELENG_4_3: SUCCESSFULLY but ... In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hmm.. I only update the 'world' if I am changing something that requires it, other then that I use a crontab entry that looks similiar to this.. #run cvsup every week at 2:30 AM (Friday) + compile/install new kernel 30 2 * * 5 root newkernel and the newkernel script is as follows.. #!/bin/sh # New kernel script, will cvsup, configure, compiling and install # new kernel from source. -erb # PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin export PATH cvsup -g -L 2 /etc/supfile >/var/tmp/cvsup.out 2>&1 cd /usr/src/sys/i386/conf config CLOUD9 >/var/tmp/config.out 2>&1 cd /usr/src make update >/var/tmp/update.out 2>&1 #make buildworld >/var/tmp/buildworld.out 2>&1 #make installworld >/var/tmp/installworld.out 2>&1 make buildkernel KERNCONF=CLOUD9 >/var/tmp/buildkernel.out 2>&1 make installkernel KERNCONF=CLOUD9 >/var/tmp/installkernel.out 2>&1 echo "CVSUp, & Kernel compile/install completed. For more information referr to /var/tmp and browse through the .out files." | mail -s "cvsup & kernel compile completed" sysadmin@cloud9.pain.net seems to do the trick just fine, could anyone let me know if this is a bad idea? On Thu, 9 Aug 2001, Jim Durham wrote: > On Wed, 1 Aug 2001, Josef Karthauser wrote: > > > On Wed, Aug 01, 2001 at 10:01:41PM +0100, Nuno Teixeira wrote: > > > > > My question is: what is the real danger of doing `installworld` in > > > multiuser mode? I have doing a lot of tests in other machines tracking > > > STABLE and I have no problems so far. > > > > I've _always_ done installworld in multiuser on many servers. That > > doesn't mean that it's the safest way, but it was safe enough for me. > > > > Joe > > > > Well, I got talked into trying this and it panic'd the running > kernel, so I won't do it that way again! I know lots of folks have > gotten away with this, but it seems to be Russian Roulette.. > > I now have a "boot.config" file with "-h" in it and a null modem > cable to my portmaster. I reboot into single-user, telnet into > the portmaster and get on the serial port. Works very well. > You could also cross-connect serial ports from another server. > > -Jim Durham > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message