From owner-freebsd-questions@FreeBSD.ORG Mon Sep 20 18:31:17 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4146916A4CE for ; Mon, 20 Sep 2004 18:31:17 +0000 (GMT) Received: from internet.potentialtech.com (h-66-167-251-6.phlapafg.covad.net [66.167.251.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 092E143D1D for ; Mon, 20 Sep 2004 18:31:17 +0000 (GMT) (envelope-from wmoran@potentialtech.com) Received: from working.potentialtech.com (pa-plum-cmts1e-68-68-113-64.pittpa.adelphia.net [68.68.113.64]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by internet.potentialtech.com (Postfix) with ESMTP id 5485769A87; Mon, 20 Sep 2004 14:31:16 -0400 (EDT) Date: Mon, 20 Sep 2004 14:31:15 -0400 From: Bill Moran To: "Kenneth A. Bond" Message-Id: <20040920143115.4ca3f91d.wmoran@potentialtech.com> In-Reply-To: <20040920181039.42245.qmail@web53405.mail.yahoo.com> References: <20040920181039.42245.qmail@web53405.mail.yahoo.com> Organization: Potential Technologies X-Mailer: Sylpheed version 0.9.12 (GTK+ 1.2.10; i386-portbld-freebsd4.9) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: freebsd-questions@FreeBSD.org Subject: Re: Core System Update X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Sep 2004 18:31:17 -0000 "Kenneth A. Bond" wrote: > Hello, > I am trying to determine how often to update my systems. > Currently I am using anoncvs in order to synch my source. > >From there I run the typical > > # make buildworld > # make buildkernel > # make installkernel > # > # mergemaster -p# make installworld# mergemaster# reboot > > Should I only perform this when a security vulnerability is found? > > I am trying to achieve maximum uptime for these systems and want to > confirm how often I should perform a core system update. Please wrap you lines aroun 72 chars. See http://www.lemis.com/questions.html If you're shooting for max uptime and the most stable system, you can follow the procedure I follow for most of my clients: 1) Install the latests 4.x-RELEASE 2) cvsup to RELENG_4_x (currently RELENG_4_10) 3) rebuild/reinstall the core system. 4) When 4.11 comes out, schedule a weekend and cvsup the system to RELENG_4_11, rebuild/reinstall. Pay special attention to /usr/src/UPDATING, repeat for 4.12, etc 5) Subscribe to FreeBSD-security. When a vuln is announced, recvsup to the RELENG_4_x and rebuild/reinstall 6) Step 5 can occasionally be skipped. For example, there were many sites that I had using FreeBSD that I didn't have to update when bind problems were fixed, because they weren't running DNS servers. If you're not sure, you're safer updating than not. -- Bill Moran Potential Technologies http://www.potentialtech.com