From owner-freebsd-security@FreeBSD.ORG Tue Oct 17 23:07:29 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 18D3216A47C; Tue, 17 Oct 2006 23:07:29 +0000 (UTC) (envelope-from michael@gargantuan.com) Received: from phoenix.gargantuan.com (srv01.lak.lwxdatacom.net [24.73.171.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3599243D6E; Tue, 17 Oct 2006 23:07:24 +0000 (GMT) (envelope-from michael@gargantuan.com) Received: by phoenix.gargantuan.com (Postfix, from userid 1001) id 00EB62CF; Tue, 17 Oct 2006 19:07:22 -0400 (EDT) Date: Tue, 17 Oct 2006 19:07:22 -0400 From: "Michael W. Oliver" To: FreeBSD Security Officer Message-ID: <20061017230722.GH8866@gargantuan.com> Mail-Followup-To: FreeBSD Security Officer , FreeBSD Stable , freebsd security References: <453531C9.7080304@freebsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="1Ow488MNN9B9o/ov" Content-Disposition: inline In-Reply-To: <453531C9.7080304@freebsd.org> X-WWW-URL: http://michael.gargantuan.com X-GPG-PGP-Public-Key: http://michael.gargantuan.com/gnupg/pubkey.asc X-GPG-PGP-Fingerprint: 0881 F6F6 F92B F8A4 A1AB B3C3 B29C 7277 AC60 0B0E X-Home-Phone: +1-863-816-8091 X-Mobile-Phone: +1-863-738-2334 X-Mailing-Address0: 8008 Apache Lane X-Mailing-Address1: Lakeland, FL 33810-2172 X-Mailing-Address2: United States of America X-Guide-Questions: http://www.catb.org/~esr/faqs/smart-questions.html X-Guide-Netiquette: http://www.ietf.org/rfc/rfc1855.txt User-Agent: mutt-ng/devel-r774 (FreeBSD) Cc: freebsd security , FreeBSD Stable Subject: Re: FreeBSD 4.x EoL X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Oct 2006 23:07:29 -0000 --1Ow488MNN9B9o/ov Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Colin, Thanks for the verbose and reasoned explanation. Since the email last week, I have taken the opportunity to upgrade two machines, one here and one remote (both with serial console) from 4.9->5.5->6.2PRE, and while I can't say that I did it blindfolded, it wasn't too painful. The upgrade instructions at... http://www.freebsd.org/releases/5.3R/migration-guide.html =2E..were as close to perfect as could be (and for those who might ask me for a step-by-step howto, look to the above URL). A few things that I should mention to others trying this are... 0. Backup, and then check your backups! 1. Be prepared to spend a lot of time in single-user mode, especially for the 4->5 step, because there is a LOT for mergemaster to do. The step from 5->6 is not nearly as painful. I didn't try to do the installworld and mergemaster in multiuser, and if you do then have a bigger set than I do. 2. Trust the migration guide when it says to use a default kernel configuration file unless you are 100% prepared to reap what you sow. 3. Be prepared to spend a lot of time (depending on the speed of your machines) rebuilding all of your ports. Don't skimp on this step. 4. On one of my machines (the local one, thank God!), I started getting weird pauses and bus errors when trying to rebuild my ports, and then noticed that the acpi.ko wasn't being loaded at boot. Turns out that I had disabled ACPI in the BIOS back when the machine was originally built for v4. Since switching on ACPI in the BIOS, those issues have totally cleared. All in all, it has been a good experience. I do sympathize with the folks who clamor for the death of v5 before v4, because v4 continues to be rock-solid stable for UP machines. Time will tell if v6 answers the shortcomings of v5 when compared to v4. Either way, the benefits of using FreeBSD far outweigh the costs, so I thank you and the rest of the development community. --=20 Mike Oliver, KI4OFU [see complete headers for contact information] ------------------------------------------------------------------------ If your email to me is rejected, it is likely a problem with the MTA on your end, so please send the error report to me at mwoliver at gmail dot com and I will investigate the issue. Thanks. ------------------------------------------------------------------------ --1Ow488MNN9B9o/ov Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (FreeBSD) iD8DBQFFNWIqboLl4ADjAhARAgCZAKCvO9c+cuZbnp5xdJ3lJfgUyxTZ/ACeJJlc JGTXK6bKIAMfh/W65LM9W+A= =Gts7 -----END PGP SIGNATURE----- --1Ow488MNN9B9o/ov--