From owner-freebsd-questions@FreeBSD.ORG Thu Jun 15 19:47:11 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6DC4216A41A for ; Thu, 15 Jun 2006 19:47:11 +0000 (UTC) (envelope-from ggroth@gregs-garage.com) Received: from mail.gregs-garage.com (h-64-105-8-34.chcgilgm.covad.net [64.105.8.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id D692A43D45 for ; Thu, 15 Jun 2006 19:47:10 +0000 (GMT) (envelope-from ggroth@gregs-garage.com) Received: from [10.10.10.124] (localhost.gregs-garage.com [127.0.0.1]) (authenticated bits=0) by mail.gregs-garage.com (8.13.4/8.13.4) with ESMTP id k5FJk6s7048171; Thu, 15 Jun 2006 14:46:06 -0500 (CDT) (envelope-from ggroth@gregs-garage.com) Message-ID: <4491B9DD.6090707@gregs-garage.com> Date: Thu, 15 Jun 2006 14:49:49 -0500 From: Greg Groth User-Agent: Thunderbird 1.5.0.4 (Windows/20060516) MIME-Version: 1.0 To: Bill Moran References: <4491B615.1080704@gregs-garage.com> <20060615154212.c08bf59c.wmoran@collaborativefusion.com> In-Reply-To: <20060615154212.c08bf59c.wmoran@collaborativefusion.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: clarification of cvsup process. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jun 2006 19:47:11 -0000 On 6/15/2006 2:42 PM, Bill Moran wrote: > In response to Greg Groth : > >> I have a FreeBSD 6.0 server that I manage that is used as a DNS / mail >> server. In the wake of the recent sendmail security announcement, I'd >> like to make sure I'm keeping the thing up to date. I tried to run the >> patch as listed in the announcement, but the patch just seemed to hang, >> so I killed the process and decided to go the cvsup route. now I >> understand the whole cvsup process, as well as updating ports, but the >> whole release tag thing still has me confused. If possible could >> someone tell me if I'm doing this right or not, or have someone tell me >> what I'm doing wrong. >> >> I'm only interested in updating the system when a security need arises, >> and have no desire to live on the "cutting edge". I handle the ports >> through portaudit/portsnap/portmanager, and am looking to only update >> the case system with cvsup. >> >> Here is the list of commands I run to update the system. >> >> # cvsup /usr/local/greg/cvsupfile >> >> Contents of cvsupfile: >> >> *default host=cvsup6.FreeBSD.org >> *default base=/var/db >> *default prefix=/usr >> *default release=cvs tag=RELENG_6_0 >> *default delete use-rel-suffix >> >> >> src-all >> *default tag=. > > Note that you set the tag=RELENG_6_0 ... which is what you want, then you > reset it tag=. -- which will give you 6-STABLE -- not what you want. > > Remove the *default tag=. line. Out of curiosity, can you revert back to RELENG_6_0 from 6_STABLE? Obviously I already ran this process... > >> # cd /usr/src >> # make buildworld >> # make buildkernel >> # make installkernel >> # reboot >> >> After rebooting into single user mode: >> >> # fsck -p >> # mount -u / >> # mount -a -t ufs >> # swapon -a >> # adjkerntz -i >> # mergemaster -p >> # make installworld >> # mergemaster >> # reboot >> >> After rebooting: >> >> # cd /etc/mail >> # make all >> # make install >> # make restart >> >> And that's it. I do the stuff in /etc/mail since I'm not sure running >> make buildworld will update the cf files. The last patch that came out, >> I did the same thing I outlined above, but I did not notice a change in >> the version number of Sendmail when telnetting to it. > > I don't know if the patch updates sendmail's internal version or not. > > What does uname -a tell you after the upgrade? > mail# uname -a FreeBSD mail.domain.com 6.0-RELEASE-p6 FreeBSD 6.0-RELEASE-p6 #1: Tue Mar 28 13:46:24 CST 2006 ggroth@ns1.domain.com:/usr/obj/usr/src/sys/GENERIC i386 (the real domain has been obfuscated) Thanks for the reply. Greg Groth