From owner-freebsd-security Wed Jul 25 18: 4:30 2001 Delivered-To: freebsd-security@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id AE76137B403 for ; Wed, 25 Jul 2001 18:04:25 -0700 (PDT) (envelope-from sheldonh@starjuice.net) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.31 #1) id 15PZaR-0006HG-00; Thu, 26 Jul 2001 03:05:11 +0200 From: Sheldon Hearn To: Nuno Teixeira Cc: freebsd-security@freebsd.org Subject: Re: Updating security fixes without single user mode? In-reply-to: Your message of "Thu, 26 Jul 2001 01:57:30 +0100." <20010726015730.F5227@gateway.bogus> Date: Thu, 26 Jul 2001 03:05:11 +0200 Message-ID: <24133.996109511@axl.seasidesoftware.co.za> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 26 Jul 2001 01:57:30 +0100, Nuno Teixeira wrote: > What is the best way of maintain the system updated without single user mode? > > Patches? Packages? Intelligent application of patches and careful rebuilding of affected binaries. This requires quite a good understanding of how the FreeBSD build fits together. You can get away with reading the advisories carefully. Should you ever need a patch that involves a change to the kernel, your SOL. You can do the installkernel, installworld and mergemaster in multiuser mode and hope for the best (as many people do) when you reboot. However, kernel changes on a release security branch are expected to be infrequent. Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message