Date: Mon, 30 Jun 2008 12:26:05 +0200 From: Kris Kennaway <kris@FreeBSD.org> To: Andy Kosela <andy.kosela@gmail.com> Cc: freebsd-stable@freebsd.org Subject: Re: tracking -stable in the enterprise Message-ID: <4868B4BD.9030002@FreeBSD.org> In-Reply-To: <3cc535c80806290345s2d7ec96bse2587642bcaf5086@mail.gmail.com> References: <3cc535c80806290345s2d7ec96bse2587642bcaf5086@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Andy Kosela wrote: > On Jun 25, 2008, at 3:46 AM, Peter Wemm wrote: >> I think we still have FreeBSD-3.x machines in production. I know we >> have FreeBSD-4.3. 99.9% of security issues don't affect us. We have >> our own package system built on top of FreeBSD's pkg_add format and >> have the ability to push packages to machines. If circumstances >> warrant it, we can push a fix for something. It'll either push a new >> binary or be a source patch that is compiled directly on the machines >> in question. The machines run a custom software stack. More often >> we push fixes for driver or performance fixes or things like timezone >> updates. > > Ports infrastructure do not support such old FreeBSD versions, so how > do you deal with that? Do you maintain your own CVS branches of > selected packages and backports necessary security patches? I guess it > demands considerable effort to compile the latest apache on FreeBSD > 3.x or 4.x. > It would be easy to maintain 4.x compatibility in Yahoo's package system. They probably only need a relatively small number of ports, and there is no need to stay in sync with changes to the ports infrastructure. Those changes are almost all completely gratuitous from the point of view of deploying packages within a site since they are changes to the *ports* infrastructure. The FreeBSD *package* infrastructure has changed almost not at all over time (but yahoo have their own package system anyway). To the extent that the vendor applications still support old versions, the model would be the same: vendor source + patches --> binary. You can do that with a system based on the ports collection from last century if you like :) I would guess that Yahoo actually forked the ports system long ago (in the 2.x days?) or never used it directly, and either port their changes directly or by taking patches from freebsd ports. Kris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4868B4BD.9030002>