From owner-freebsd-questions@FreeBSD.ORG Wed Mar 8 18:37:19 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 797AD16A420 for ; Wed, 8 Mar 2006 18:37:19 +0000 (GMT) (envelope-from nalists@scls.lib.wi.us) Received: from mail.scls.lib.wi.us (mail.scls.lib.wi.us [198.150.40.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 24E4143D70 for ; Wed, 8 Mar 2006 18:37:14 +0000 (GMT) (envelope-from nalists@scls.lib.wi.us) Received: from [172.26.2.238] ([172.26.2.238]) by mail.scls.lib.wi.us (8.12.9p2/8.12.9) with ESMTP id k28IbChG061044; Wed, 8 Mar 2006 12:37:12 -0600 (CST) (envelope-from nalists@scls.lib.wi.us) Message-ID: <440F2458.8060302@scls.lib.wi.us> Date: Wed, 08 Mar 2006 12:37:12 -0600 From: Greg Barniskis User-Agent: Thunderbird 1.5 (Windows/20051201) MIME-Version: 1.0 To: Chris Maness References: <20060308120036.5784916A423@hub.freebsd.org> <20060308100648.U67765@ns1.internetinsite.com> In-Reply-To: <20060308100648.U67765@ns1.internetinsite.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: To track or not to track X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Mar 2006 18:37:19 -0000 Chris Maness wrote: > I just wanted to get pros and cons for tracking the whole port tree on a > production server. > > Any opinions? If by track you mean regularly download, compile and install all available updates, the big con is that you can sometimes break your box. More frequently you won't break anything but may need to spend considerable time babysitting the process, often needlessly since many updates are for features you'll never use. Tracking updates aggressively is a job for a dedicated build/test server that makes packages and dishes them out on demand, as needed (via NFS, rsync or your favorite sync method) first to other test servers and then to production servers.This way production boxes only get tested updates, on your schedule, for your reasons. You can best follow the "not broke, don't fix" credo by regularly doing cvsup (in case an upgrade is suddenly required), but only doing updates on production servers when: * there is an official FreeBSD security alert * portaudit throws a fit based on one or more of your installed port versions * some business requirement of yours creates a definitive need to have the latest version of something -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) , (608) 266-6348