From owner-freebsd-questions@FreeBSD.ORG Tue Apr 5 15:29:25 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F2CF416A4CE for ; Tue, 5 Apr 2005 15:29:24 +0000 (GMT) Received: from mail27.sea5.speakeasy.net (mail27.sea5.speakeasy.net [69.17.117.29]) by mx1.FreeBSD.org (Postfix) with ESMTP id BA00743D3F for ; Tue, 5 Apr 2005 15:29:24 +0000 (GMT) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: (qmail 25165 invoked from network); 5 Apr 2005 15:29:24 -0000 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail27.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 5 Apr 2005 15:29:24 -0000 Received: by be-well.ilk.org (Postfix, from userid 1147) id 6226D2D; Tue, 5 Apr 2005 11:29:23 -0400 (EDT) Sender: lowell@be-well.ilk.org To: "Kenneth A. Bond" References: <20050404133030.37194.qmail@web90206.mail.scd.yahoo.com> From: Lowell Gilbert Date: 05 Apr 2005 11:29:23 -0400 In-Reply-To: <20050404133030.37194.qmail@web90206.mail.scd.yahoo.com> Message-ID: <44psx98coc.fsf@be-well.ilk.org> Lines: 34 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: freebsd-questions@freebsd.org Subject: Re: Keeping installed packages up to date X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Apr 2005 15:29:25 -0000 "Kenneth A. Bond" writes: > I have followed the steps outlined in Richard > Bejtlich's document Keeping FreeBSD Applications > Up-To-Date > (http://www.taosecurity.com/keeping_freebsd_applications_up-to-date.html) Did you look at the official FreeBSD documentation before following third-party advice? Both the FreeBSD FAQ and FreeBSD Handbook have advice on this. > My question is: is there an easier way of updating my > installed packages? Several. You might try ctm(1). Fuller details are in the Handbook, if I recall. Anonymous cvs access could work too, but is unlikely to be allowed through the firewall if cvsup is not. > The process described above is > incredibly time-consuming. I would like to know if > there is a less time consuming method, since I have > managers foaming at the mouth for my servers to be up > and online with the latest updates, as soon as > possible. Are these the same managers who are insisting on blocking cvsup for security reasons? If corporate security policy is to disallow system updates, perhaps it would be inappropriate for you to find a way to circumvent the security policy... If you think that circumventing the security policy *is* what you want to do, you could consider tunneling your cvsup connections through ssh(1) or some similar technique. Or you could make things easier by simply automating the (early parts of the) procedure you're currently using.