Date: Fri, 2 Jul 2010 12:55:25 -0700 From: Ed Flecko <edflecko@gmail.com> To: freebsd-questions@freebsd.org Subject: Staying up to date with security patches Message-ID: <AANLkTinaGDq6EzcnDKmFrpDFyyYwW71_vT_lvoLhyAI8@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi folks, I've carefully read many different sources about keeping FreeBSD up to date, and I'm not quite "crystal-clear". I'm building a server with 8.0, and because it's a server, it will have very little software installed on it (probably Apache, maybe BIND, etc.), and my primary concern is that it's stable and secure from a "patching perspective" (I'll work on "hardening" the OS later). Since I will be doing a custom kernel at some point, I won't use freebsd-update, I'm using cvsup instead. If I understand the docs correctly, I want my "supfile" (in my case, I'm simply modifying "stable-supfile") file to have an entry like: *default release=cvs tag=RELENG_8_0 1.) The _0 will keep me up to date with the security patches, which is what I'm after, right? 2.) How often "should" one synchronize your server (PC, etc.)? You don't need to do it daily with cron, do you? I've subscribed to the FreeBSD security update list, so that's probably the only time one really needs to synchronize, rebuild, etc., isn't it? 3.) What's the smartest way to keep your installed applications updated (i.e., Apache, BIND, etc.)? 4.) Finally, where's the best URL to scour past FreeBSD posts/answers? Thank you! Ed
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTinaGDq6EzcnDKmFrpDFyyYwW71_vT_lvoLhyAI8>