From owner-freebsd-questions@FreeBSD.ORG Mon Dec 8 17:30:38 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D880C16A4CF for ; Mon, 8 Dec 2003 17:30:38 -0800 (PST) Received: from mailout.informatik.tu-muenchen.de (mailout.informatik.tu-muenchen.de [131.159.0.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6A70443D2A for ; Mon, 8 Dec 2003 17:30:35 -0800 (PST) (envelope-from barner@in.tum.de) Received: from zi025.glhnet.mhn.de (localhost.glhnet.mhn.de. [127.0.0.1]) by zi025.glhnet.mhn.de (8.12.9p2/8.12.9) with ESMTP id hB91UTGv001763; Tue, 9 Dec 2003 02:30:29 +0100 (CET) (envelope-from simon@zi025.glhnet.mhn.de) Received: (from simon@localhost) by zi025.glhnet.mhn.de (8.12.9p2/8.12.9/Submit) id hB91USfR001762; Tue, 9 Dec 2003 02:30:28 +0100 (CET) (envelope-from simon) Date: Tue, 9 Dec 2003 02:30:27 +0100 From: Simon Barner To: Vahric MUHTARYAN Message-ID: <20031209013027.GC1099@zi025.glhnet.mhn.de> References: <012701c3bde4$4acf2b30$019c9752@xp> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="M9NhX3UHpAaciwkO" Content-Disposition: inline In-Reply-To: <012701c3bde4$4acf2b30$019c9752@xp> User-Agent: Mutt/1.5.4i X-Virus-Scanned: by amavisd-new at informatik.tu-muenchen.de cc: FreeBSD questions List Subject: Re: Why userland , basesystem and Kernel are together?! X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Dec 2003 01:30:39 -0000 --M9NhX3UHpAaciwkO Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable > I want to ask why userland , base-system and Kernel are together ?!= =20 Because some userland programs make assumptions on internal kernel structures. Examples: top, fstat, fsck, ... And, most important: Every compiled application needs libc as a wrapper for system calls (which toggle all kinds of actions in the kernel). You can imagine what happens if your libc does not match your kernel version, and something really important changed. > What > is the meaning of this . I mean sync. all source and start to build new > system from the beginning is to hard , it takes too much time and can have > some risk .I don't understand How ISP can use FreeBSD because at the > building time , machine will be off. Okey Maybe yahoo can use it because > it's clustered environment and it's easyly remove one of the machine inst= all > new version or patch it if any problem occur it can be reinstalled after > that making standart configuration now it's ready. You will find a test and build machine on almost any _professional_ installation (independently, if FreeBSD is used as OS). > I think that Kernel must be seperate of userland because it's managing > and controling processes and I don't need rebuild kernel too much if I ha= ve > no problem with device driver or if I don't need to add something to ker= nel > for support ( instead of Firewall or like important things ) . >=20 >=20 > Why some programs are in base system . What is the meaning of Sendmail > or SSH in base system . Programs are only executable things What is the > relation about those programs with base system ?! Because FreeBSD is more than a kernel, but a full Operating System, and as therefore it needs software for basic services like email, remote login, ... >=20 >=20 > in list Some members said that I can patch a system with watching > Security Advisories but same people said that " Sometimes it'wont and I h= ave > to do full kernel / world / build / plus install and reboot " Why ? What > is the problem ?! Of course, you can perform an update for a userland application in FreeBSD without a reboot. The benefit of tracking one of the security branches and doing the full buildworld procedure is, that you are using a well-defined snapshot of the FreeBSD source repository. When you see a security advisory, and you update to the latest security release, you can be sure, that your system will still work afterwards (a.k.a QA provided by the FreeBSD security team). If you don't want to track that branch, there are still the pointers to patches that apply against supported releases. Due to the lack of man power, older versions of FreeBSD cannot be supported for eternity. And if you dislike the idea of keeping your sources up-to-date, there is also a binary security update mechanism: ports/security/freebsd-update >=20 > Which list I have to watch for which Relese will have production qual= ity > ?!! At the present, you should install FreeBSD 4.9 and either update to the latest security release _or_ use the freebsd-update port. Once you use the source method, you will not be able to use the binary updates since the patches won't probably apply. Regards, Simon --M9NhX3UHpAaciwkO Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/1SWzCkn+/eutqCoRAs7HAKCS7KTi4hXFbinRk31qch8CL6vM+ACg+euN FE060TtobOZ5A5fc/oPfGhc= =Ij8u -----END PGP SIGNATURE----- --M9NhX3UHpAaciwkO--