Date: Sat, 29 Apr 2006 18:13:52 -0400 From: Kris Kennaway <kris@obsecurity.org> To: Chris Maness <chris@chrismaness.com> Cc: freebsd-ports@freebsd.org, Kris Kennaway <kris@obsecurity.org> Subject: Re: Upgrade Tool Message-ID: <20060429221351.GA67787@xor.obsecurity.org> In-Reply-To: <4453E231.1030107@chrismaness.com> References: <44538D42.8030301@chrismaness.com> <20060429185437.GA62359@xor.obsecurity.org> <4453E231.1030107@chrismaness.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--FL5UXtIhxfXey3p5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Apr 29, 2006 at 03:01:21PM -0700, Chris Maness wrote: > Kris Kennaway wrote: > >On Sat, Apr 29, 2006 at 08:58:58AM -0700, Chris Maness wrote: > > =20 > >>Currently, I download the tarballs for each specific application by=20 > >>hand, delete the old folder, then untar the new directory in the ports= =20 > >>tree. Is there an app that does this without having to do this by=20 > >>hand. I know about cvs syncing the whole ports tree, but I prefer to= =20 > >>upgrade the specific applications that have issues not the whole tree. > >> =20 > > > >This is much harder than you might think; often applications depend on > >other applications and infrastructure elements in complex and > >unintuitive ways, so you will easily get your system into an > >inconsistent, unbuildable state following this method. > > > >The only foolproof way to do it is to update the entire tree; tools > >like portsnap and cvsup make this *really easy*, so why add extra > >effort and risks? > > > >Kris > > =20 > I do this because it is not necessary to build every third party=20 > application just because I have a problem with one. I have ran into=20 > this UNIX version of DLL hell, but it was easy to fix after I synced the= =20 > whole tree and ran portupgrade -a. That just rebuilt everything=20 > installed, and made everything current. I have been upgrading single=20 > apps by hand with no ill results for a while. The only time igot into=20 > trouble was after I synced the whole tree and tried only upgrading some= =20 > of the apps. It just seems like re-compiling every application every=20 > time portaudit finds a security hole is a waste of processor time. Except that portupgrade -a doesn't do this. Anyway, no-one is forcing you to run portupgrade -a if you don't want to. IMO, it's still not worth the hassle of manually updating your ports tree in little bits and pieces, even if there was a foolproof way to do that. Kris --FL5UXtIhxfXey3p5 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (FreeBSD) iD8DBQFEU+UfWry0BWjoQKURAnmiAKDxSoDk8mZVCVP5XEIfxDvVZ37xAQCgjQPV vn26HQpZfdTkDbfNXLRh480= =7r9E -----END PGP SIGNATURE----- --FL5UXtIhxfXey3p5--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060429221351.GA67787>