Date: Fri, 01 Jul 2005 02:06:34 -0500 From: Jonathan Noack <noackjr@alumni.rice.edu> To: lars <lars@gmx.at> Cc: freebsd-stable@freebsd.org Subject: Re: How is the patchlevel set? Message-ID: <42C4EB7A.7000806@alumni.rice.edu> In-Reply-To: <42C45A55.4020303@gmx.at> References: <42C45A55.4020303@gmx.at>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On 06/30/05 15:47, lars wrote: > I can't seem to find out how the patchlevel is set. > > Is it incremented with each SA's patch, kernel or world, > or only kernel or only world? > > Could anyone point me to some documentation by the FreeBSD project? > > I know this is the stable list, but I don't want to subscribe to > one more list just for this question. The patch level is set in src/sys/conf/newvers.sh. I believe this means that it is only updated after rebuilding the kernel (see 'sysctl kern.version'). I have often applied patches from Security Advisories and rebuilt only what was necessary instead of world/kernel. With a userland vulnerability, this is often the most expedient and unintrusive method. However, the new patch level is not set this way so you have to document the update for yourself. On client machines I sometimes do the full world/kernel rebuild and schedule a reboot just to avoid questions about whether the machine is up-to-date. -- Jonathan Noack | noackjr@alumni.rice.edu | OpenPGP: 0x991D8195 [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFCxOt/UFz01pkdgZURAo4gAJ0eHIdGBKN7WGV7/nNJSvxNPbRYeACdGuQW DvB+FE3q95iBZrIVJpZXQhE= =AoqL -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42C4EB7A.7000806>