From owner-freebsd-security Thu Jul 26 4:20:31 2001 Delivered-To: freebsd-security@freebsd.org Received: from internethelp.ru (wh.internethelp.ru [212.113.112.145]) by hub.freebsd.org (Postfix) with ESMTP id 252FE37B405 for ; Thu, 26 Jul 2001 04:20:19 -0700 (PDT) (envelope-from nkritsky@internethelp.ru) Received: from IBMKA (ibmka.internethelp.ru. [192.168.0.6]) by internethelp.ru (8.9.3/8.9.3) with ESMTP id PAA11769; Thu, 26 Jul 2001 15:19:42 +0400 (MSD) Date: Thu, 26 Jul 2001 15:19:44 +0400 From: "Nickolay A.Kritsky" X-Mailer: The Bat! (v1.49) Personal Reply-To: "Nickolay A.Kritsky" Organization: IHelp X-Priority: 3 (Normal) Message-ID: <19360186994.20010726151944@internethelp.ru> To: Nuno Teixeira Cc: freebsd-security@FreeBSD.ORG Subject: Re: Updating security fixes without single user mode? In-reply-To: <20010726015730.F5227@gateway.bogus> References: <20010726015730.F5227@gateway.bogus> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello Nuno, Thursday, July 26, 2001, 4:57:30 AM, you wrote: NT> Hello to all, NT> At my workstation I'm tracking STABLE with no problems. NT> At my server I just want to update the system with security fixes, etc. NT> My question is: NT> Tracking RELEASE_4_3 (for a RELEASE 4.3 system) is a good option, but after makeworld and makekernel, I need to NT> go into single user mode and make installworld and mergemaster. NT> The problem is that my server is at US and I live in Portugal! So, it's impossible to run NT> the system in single user mode. NT> What is the best way of maintain the system updated without single user mode? NT> Patches? Packages? NT> Thanks in advance, Correct me if I am wrong, but AFAIK the only reason to run installkernel in single-user mode is that some permissions cannot cannot be overrided by root in securelevel >1 . So the first way is obvious - run with securelevel 0. If you don't like it you can do something like this: add following lines to your /etc/rc if [ -f "/etc/rc.singluser" ] then /etc/rc.singluser rm /etc/rc.singleuser reboot fi ;------------------------------------------- ; NKritsky ; SysAdmin InternetHelp.Ru ; http://www.internethelp.ru ; mailto:nkritsky@internethelp.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message