From owner-freebsd-questions@FreeBSD.ORG Tue Mar 7 23:25:05 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 29FF816A420 for ; Tue, 7 Mar 2006 23:25:05 +0000 (GMT) (envelope-from rczero@mail.com) Received: from webmail-outgoing.us4.outblaze.com (webmail-outgoing2.us4.outblaze.com [205.158.62.67]) by mx1.FreeBSD.org (Postfix) with ESMTP id CF51D43D48 for ; Tue, 7 Mar 2006 23:25:04 +0000 (GMT) (envelope-from rczero@mail.com) Received: from unknown (unknown [192.168.9.180]) by webmail-outgoing.us4.outblaze.com (Postfix) with QMQP id 2A0F5180021F for ; Tue, 7 Mar 2006 23:24:37 +0000 (GMT) X-OB-Received: from unknown (205.158.62.62) by wfilter.us4.outblaze.com; 7 Mar 2006 23:24:37 -0000 Received: by ws1-7.us4.outblaze.com (Postfix, from userid 1001) id 1B4FA1157FE; Tue, 7 Mar 2006 23:24:37 +0000 (GMT) Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="iso-8859-1" MIME-Version: 1.0 From: "Steve P." To: freebsd-questions@freebsd.org Date: Tue, 07 Mar 2006 18:24:37 -0500 Received: from [66.139.242.2] by ws1-7.us4.outblaze.com with http for rczero@mail.com; Tue, 07 Mar 2006 18:24:37 -0500 X-Originating-Ip: 66.139.242.2 X-Originating-Server: ws1-7.us4.outblaze.com Message-Id: <20060307232437.1B4FA1157FE@ws1-7.us4.outblaze.com> Subject: Re: Best practises in maintaining a small system X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Mar 2006 23:25:05 -0000 I apologize for the format of this text. I promise when I pasted it into my= mail app, it did not look this way! Please let me get it looking right first. Thanks.=20 ----- Original Message ----- From: "Steve P."=20 To: freebsd-questions@freebsd.org Subject: Best practises in maintaining a small system Date: Tue, 07 Mar 2006 18:00:04 -0500 Greetings, I want to learn how to maintain a small server environment, focusing on installation and maintanance of kernel and software. My scope in this exercise is limited to a small ftp server in a production environment. I believe this means I want to track "security" branch. What I imagine is having two boxes: test and production. But for this exercise, the two systems will really be one or two disk drives I can swap out of one box. I don't want to consider users in this exercise. I am not looking for a cookbook explanation, but just tips and/or references to other doc to make this work. I have read the handbook nearly cover to cover, and have a well read copy of Complete Fbsd. Please make ref's to any of these or other doc. While I am a newbie, I have used these tools somewhat effectively: cvsup and supfiles, pkg_add, portupgrade, portsnap, portaudit, freebsd-update, built ports using make, config'ed and built kernels. System Installation:1. Using ISO 1 of the Fbsd 386 Release 6.0 CD, install the developer distribution. a. The screen says "full sources", does this mean kernel and base sources? b. I am confused about userland. Is userland everything you install, plus ports, except the kernel? c. Should I slice my drive and partition it at this point for the test environment? 2. Configure networking, add users, etc and finish initial installation, verify system runs and has connectivity. 3. Should I stop here to update any software that has been added to this point? a. I know from working with freebsd-update that there are security fixes for the kernel. What is best practise to get the kernel secure again? On one of my present boxes, I had used sysintall to populate /usr/src/sys (I think) with kernel sources. Would I do this now? I have only used the "traditional" method of cd /usr/src/sys/i386/compile/TESTKERNEL, then make depend install etc. b. What is the procedure at this point to get userland right? (Assuming userland is all but kernel) c. Where does cvsup's src/all come into this? 4. Use portsnap fetch/extract to get /usr/ports to make install clean the very few ports that would be needed on this ftp server. Post installation 1. Mount the test hard drive and copy production to test. a. Are there any tips on the best way to copy drives? I want to be able to boot the test system just like the production system to test updates, etc. 2. Now, using the test environment, what is the best procedure to keep abreast of kernel and userland issues? 3. What is the procedure to "recompile" my system to keep the kernel and userland up to date? I realize that this process is usually contrained by "don't fix what ain't broken", and the need to keep the server up nearly 24/7. I hope this is not too much to bite off in one email. If so, I will still appreciate any tips. Best Regards,Steve. -- ___________________________________________________ Play 100s of games for FREE! http://games.mail.com/ _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" --=20 ___________________________________________________ Play 100s of games for FREE! http://games.mail.com/