From owner-freebsd-questions Sun Apr 1 22:29:38 2001 Delivered-To: freebsd-questions@freebsd.org Received: from va.com.au (va.com.au [203.15.106.1]) by hub.freebsd.org (Postfix) with ESMTP id 6E30F37B719 for ; Sun, 1 Apr 2001 22:29:35 -0700 (PDT) (envelope-from jesse@va.com.au) Received: from [10.0.1.52] (61.9.190.29) by va.com.au with ESMTP (Eudora Internet Mail Server 2.2.2); Mon, 2 Apr 2001 14:59:31 +0930 Mime-Version: 1.0 X-Sender: jesse@mail.va.com.au Message-Id: In-Reply-To: References: Date: Mon, 2 Apr 2001 15:29:30 +1000 To: Alex Charalabidis From: jesse reynolds Subject: Re: can FreeBSD apply security updates without making world? Cc: Content-Type: text/plain; charset="us-ascii" ; format="flowed" Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At 23:47 -0500 1/4/2001, Alex Charalabidis wrote: >On Mon, 2 Apr 2001, jesse reynolds wrote: > >> Hi folx >> >> I'm having trouble working out how to automatically install the >> latest security patched versions of server software (eg BIND). >> >> I would have thought there'd be a way of getting the latest port, or >> the latest package if it's available, and installing it. >> >FreeBSD security advisories include links to replacement packages for the >insecure components if it's feasible to simply replace them. Right. > > However the problem with ports is that you virtually have to upgrade >> your OS to the very latest version in order for the latest port to >> actually build. (not always the case, but mostly). >> >Rarely the case, actually, though you might need an update package for the >ports collection itself. Sadly it's been mostly the case for me. I'll try an update package for ports, again, but last time I tried thereafter every port I tried to run said "sorry, your version of freebsd is not new enough, please install the latest freebsd" - or something to that effect. > > what about packages, is the way to go to download a package for the >> OS version you're running (eg FreeBSD 3.3-RELEASE or 4.1-RELEASE) and >> install it over the top of what you've got? >> >For packages, you ought to remove the old package before installing the >new one; for ports, after a successful 'make,' pkg_delete or 'make >deinstall' the old version before your 'make install.' okay, does package deletion remove config files as well? > > What about existing config files? Will installing new packages over >> the top of already installed ports "just work", or will it require >> backing up all data/configs and fiddling around with it afterwards? >> >Depends how old your previous installation is. If you're forced to upgrade >from v1.1 to v2.2, of course you have to reckon with config changes. I'd >back up anyway. > yep. rightyho. suck it and see. So, case in point, i want to upgrade to the latest BIND, I currently have FreeBSD 3.3-RELEASE on this box, and I believe I installed the BIND from the ports collection of that release, it's version 8.1.2. However there is no pkg_info for bind on this box... how easy will it be to upgrade it do you think? Cheers Jesse -- Jesse Reynolds - Virtual Artists Pty Ltd - http://www.va.com.au Email: jesse (at) va.com.au > Web Hosting Phone: +61 8 8223 2288 > Streaming Media Hosting ?: http://jesse.va.com.au > Telehousing / Colocation > Internet Application Design "This is the time, and this is the record of the time. " To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message