Date: Thu, 04 Oct 2007 15:34:07 -0500 From: Kevin Kinsey <kdk@daleco.biz> To: Bill Stwalley <stwalley2004@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: too late to change to security branch? Message-ID: <47054E3F.1060709@daleco.biz> In-Reply-To: <687f2b920710030143w188eba97sac9858f70015fe90@mail.gmail.com> References: <687f2b920709262347l23b3d6cfv3969ea804f4963c3@mail.gmail.com> <20070930110108.T79156@obelix.home.rakhesh.com> <687f2b920710030143w188eba97sac9858f70015fe90@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Bill Stwalley wrote: > On 9/30/07, Rakhesh Sasidharan <rakhesh@rakhesh.com> wrote: >> >> Hi Bill! >> >>> I have servers running 6.1 and 6.2. I use freebsd-update in cron jobs >> to >>> install binary security update to the base system, and use >> cvsup/portupgrade >>> in cron jobs to install port updates. By default, cvsup uses CURRENT >>> branch. >> The ports system doesn't have any branches. The same tree is used between >> all the different FreeBSD branches so you can't just track security >> updates only. You track it using portupgrade/ cvsup. >> >> The base system has many branches. In your case, you seem to be following >> the security branches for 6.1 and 6.2 using freebsd-update. >> >>> I am tired of some updates breaking something unnecessarily, and am >> thinking >>> of changing to SECURITY branch in cvsup. Is that possible? Some of my >>> ports are already locally compiled with customized options. >> Maybe you can provide more info on what's breaking? >> >> I use FreeBSD for a couple of headless machines. No X and other stuff, but >> I haven't had any breakages so far. *touchwood* Do go though the UPDATING >> file to check out any gotchas before updating. >> >> HTH, >> >> >> - Rakhesh >> http://rakhesh.net/ >> > > I'm grateful to all your clarifications, as I feel this operation system is > really supported with care. > > Our uw-imap was broken recently for a few days as people could not login, so > I had to switch to dovecot. Nothing was mentioned in the UPDATING file, > although there was indeed a big update of uw-imap. I only got relieved > after finding > http://lists.freebsd.org/pipermail/freebsd-ports/2007-October/044051.htmlposted > a couple days later. > > Things similar to this, although to less extent, did happen once a couple > months, sometimes the "postfix" and other startup scripts in > /usr/local/etc/rc.d/ will be renamed to "postfix.sh" or vice verser by port > upgrade, that broke my other scripts. > > As everyone appears to suggest against updating ports in cron job and > suggest reading UPDATING instead and then updating by hand, I'm really > curious: Is it practical to do that when you manage a dozen servers? I > imagine doing that alone would be a substantial job. However crontab > updated ports do take down services from time to time. > > Best, Bill In the Handbook, Chapter 23.5, is one plan: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/small-lan.html HTH, Kevin Kinsey -- APL is a natural extension of assembler language programming; ...and is best for educational purposes. -- A. Perlis
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47054E3F.1060709>