Date: Tue, 4 Feb 2014 00:48:13 +0000 (UTC) From: Dru Lavigne <dru@FreeBSD.org> To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org Subject: svn commit: r43745 - head/en_US.ISO8859-1/books/handbook/cutting-edge Message-ID: <201402040048.s140mDSR073327@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dru Date: Tue Feb 4 00:48:13 2014 New Revision: 43745 URL: http://svnweb.freebsd.org/changeset/doc/43745 Log: Edits to first section of Updating section. Improve the introduction. Update the config file entries. Sponsored by: iXsystems Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Modified: head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml ============================================================================== --- head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue Feb 4 00:31:27 2014 (r43744) +++ head/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml Tue Feb 4 00:48:13 2014 (r43745) @@ -160,63 +160,68 @@ <see>updating-upgrading</see> </indexterm> - <para>Applying security patches is an important part of - maintaining computer software, especially the operating system. - For the longest time on &os;, this process was not an easy one. - Patches had to be applied to the source code, the code rebuilt - into binaries, and then the binaries had to be - re-installed.</para> - - <para>This is no longer the case as &os; now includes a utility - called <command>freebsd-update</command>. This utility - provides two separate functions. First, it allows for binary - security and errata updates to be applied to the &os; base - system without the build and install requirements. Second, the - utility supports minor and major release upgrades.</para> - - <note> - <para>Binary updates are available for all architectures and - releases currently supported by the security team. Before - updating to a new release, its release announcement should be - reviewed as it contains important information pertinent to the + <para>Applying security patches in a timely manner and + upgrading to a newer release of + an operating system are important aspects of + ongoing system administration. + &os; includes a utility + called <command>freebsd-update</command> which can be used to + perform both these tasks.</para> + + <para>This utility supports binary + security and errata updates to &os;, + without the need to manually compile and install the patch or a + new kernel. Binary updates are available for all architectures and + releases currently supported by the security team. The list of + supported releases and their estimated end-of-life dates are listed at <uri + xlink:href="http://www.FreeBSD.org/security/">http://www.FreeBSD.org/security/</uri>.</para>; + + <para>This utility also supports operating system upgrades to minor point + releases as well as upgrades to another release branch. Before + upgrading to a new release, review its release announcement + as it contains important information pertinent to the release. Release announcements are available from <uri xlink:href="http://www.FreeBSD.org/releases/">http://www.FreeBSD.org/releases/</uri>.</para>; - </note> - + + <note> <para>If a <command>crontab</command> utilizing the features of &man.freebsd-update.8; exists, it must be - disabled before the following operation is started.</para> + disabled before upgrading the operating system.</para> + </note> + + <para>This section describes the configuration file used by + <command>freebsd-update</command>, demonstrates how to + apply a security patch and how to upgrade to a minor or major + operating system release, and discusses some of the considerations + when upgrading the operating system.</para> <sect2 xml:id="freebsdupdate-config-file"> <title>The Configuration File</title> - <para>Some users may wish to tweak the default configuration + <para>The default configuration file for + <command>freebsd-update</command> works as-is. Some users may wish to tweak the default configuration in <filename>/etc/freebsd-update.conf</filename>, allowing - better control of the process. The options are well - documented, but the following may require a bit more + better control of the process. The comments in this file explain the available options, + but the following may require a bit more explanation:</para> <programlisting># Components of the base system which should be kept updated. -Components src world kernel</programlisting> +Components world kernel</programlisting> <para>This parameter controls which parts of &os; will be kept - up-to-date. The default is to update the source code, the - entire base system, and the kernel. Components are the same - as those available during installation. For instance, adding - <literal>world/games</literal> would allow game patches to be - applied. Using <literal>src/bin</literal> would allow the - source code in <filename>src/bin</filename> - to be updated.</para> - - <para>The best option is to leave this at the default as - changing it to include specific items requires the user to - list every item to be updated. This could have disastrous + up-to-date. The default is to update the + entire base system and the kernel. Individual components can + instead be specified, such as + <literal>src/base</literal> or + <literal>src/sys</literal>. However, the best option is to leave this at the default as + changing it to include specific items requires + every needed item to be listed. Over time, this could have disastrous consequences as source code and binaries may become out of sync.</para> <programlisting># Paths which start with anything matching an entry in an IgnorePaths # statement will be ignored. -IgnorePaths</programlisting> +IgnorePaths /boot/kernel/linker.hints</programlisting> <para>To leave specified directories, such as <filename>/bin</filename> or @@ -233,7 +238,7 @@ UpdateIfUnmodified /etc/ /var/ /root/ /. <para>This option will only update unmodified configuration files in the specified directories. Any changes made by the - user will invalidate the automatic updating of these files. + user will prevent the automatic updating of these files. There is another option, <literal>KeepModifiedMetadata</literal>, which will instruct <command>freebsd-update</command> to save the changes during @@ -241,14 +246,14 @@ UpdateIfUnmodified /etc/ /var/ /root/ /. <programlisting># When upgrading to a new &os; release, files which match MergeChanges # will have any local changes merged into the version from the new release. -MergeChanges /etc/ /var/named/etc/</programlisting> +MergeChanges /etc/ /var/named/etc/ /boot/device.hints</programlisting> <para>List of directories with configuration files that <command>freebsd-update</command> should attempt to merge. The file merge process is a series of &man.diff.1; patches similar to &man.mergemaster.8;, but with fewer options. - Merges are either accepted, open an editor, or - <command>freebsd-update</command> will abort. When in doubt, + Merges are either accepted, open an editor, or cause + <command>freebsd-update</command> to abort. When in doubt, backup <filename>/etc</filename> and just accept the merges. See <xref linkend="mergemaster"/> for more information about <command>mergemaster</command>.</para> @@ -259,7 +264,7 @@ MergeChanges /etc/ /var/named/etc/</prog <para>This directory is where all patches and temporary files are placed. In cases where the user is doing a version - upgrade, this location should have a least a gigabyte of disk + upgrade, this location should have at least a gigabyte of disk space available.</para> <programlisting># When upgrading between releases, should the list of Components be
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201402040048.s140mDSR073327>