From owner-freebsd-questions@FreeBSD.ORG Tue Mar 9 17:44:17 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9179A1065673 for ; Tue, 9 Mar 2010 17:44:17 +0000 (UTC) (envelope-from ptkrisada@gmail.com) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.154]) by mx1.freebsd.org (Postfix) with ESMTP id 1DB778FC15 for ; Tue, 9 Mar 2010 17:44:15 +0000 (UTC) Received: by fg-out-1718.google.com with SMTP id 22so2306287fge.13 for ; Tue, 09 Mar 2010 09:44:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:mail-followup-to:mime-version:content-type :content-disposition:content-transfer-encoding:user-agent :x-operating-system; bh=w+PWjNAMzPOdbMzIPd8ktg9lKtZemHkt/4+AvLdLNTU=; b=Chm9p/5AmcNGn4dTEf/8KDXKLWRdhgNYdZdXQeU1s0chCKO+PioUjV4eH44D6Xmfq5 0TOGLfNtjh31U56DJqHRO/hdjsnUDlnWFLPWDQWoWVTs1txzKX0+ml8nD9LubGRA45GF cYTGJFJN9IVKXzDPWLPOM/cQFPXdjh4U8VAlI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:mail-followup-to:mime-version :content-type:content-disposition:content-transfer-encoding :user-agent:x-operating-system; b=umRJTQAmkrLfGGROsIKWLNSd+yfbgHWFMHqTwgv3Zc1XvU1HMeyP7JYLQYTJhsStXS h+wpePQqN1R6CwXVNCynRlSXW/BjUDCfiNW/BBIpr2O2uHctHGvsZa5lZj02TOB9BGVC iE6BWnJAZUOSsAvsPftEMfx+3LCUfvFMJea+A= Received: by 10.87.38.38 with SMTP id q38mr609923fgj.66.1268156654903; Tue, 09 Mar 2010 09:44:14 -0800 (PST) Received: from gmail.com (125.27.78.70.adsl.dynamic.totbb.net [125.27.78.70]) by mx.google.com with ESMTPS id d6sm8392930fga.2.2010.03.09.09.44.11 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 09 Mar 2010 09:44:13 -0800 (PST) Date: Wed, 10 Mar 2010 00:45:50 +0700 From: Pongthep Kulkrisada To: freebsd-questions@freebsd.org Message-ID: <20100309174550.GB1753@gmail.com> Mail-Followup-To: freebsd-questions@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Mutt/1.4.2.3i X-Operating-System: FreeBSD/8.0-RELEASE-p2 (i386) Subject: Re: Updating the system and ports X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Mar 2010 17:44:17 -0000 * Chuck Swiger (cswiger@mac.com) wrote: > If you track RELENG_8, you get -STABLE system from a build cycle. If you > track RELENG_8_0, you are tracking the security branch and get your own > "official" -RELEASE system from the build cycle. > > http://www.freebsd.org/security/ says: >=20 > "Supported FreeBSD Releases >=20 > The FreeBSD Security Officer provides security advisories for several > branches of FreeBSD development. These are the -STABLE Branches and the > Security Branches. (Advisories are not issued for the -CURRENT Branch.) >=20 > ? The -STABLE branch tags have names like RELENG_7. The corresponding > builds have names like FreeBSD 7.0-STABLE. >=20 > ? Each FreeBSD Release has an associated Security Branch. The Security > Branch tags have names like RELENG_7_0. The corresponding builds have nam= es > like FreeBSD 7.0-RELEASE-p1." You explained very clear, much appreciated. > However, one does not normally swap back and forth between building from > source and doing binary upgrades, although it's certainly fine if you > wanted to get freebsd-upgrade working and use it from here on out. I only wanted to try again because the previous tries failed. I actually was not expecting any update to be occured. =46rom now on I should adhere with binary update, very fast. It also synchronizes source tree with binary. But I'm still question that how can we keep long uptime, if we always boot. Some boxes have been serving for many years without shutdown. > > 3. freebsd-update did not request for mergemaster(8). [edit] > > How can we ensure that things in /etc go well? >=20 > Read /usr/src/UPDATING for notes about important changes. Very technical, few people can understand. It's good anyway. :-) > Run mergemaster -iU, although you don't need to bother unless you're movi= ng > to at least a .x upgrade or there was a specific mention in the security > advisory otherwise. Okay. > I update most systems at least as often as FreeBSD security advisories ar= e posted; Where or which mailing lists? Is there any ``push model'' like Windows Update? It will prompt right after boot finish, when new patches exist. > and ports whenever portaudit warns of an issue. If a new version of > something which is a primary function of some box is updated, I might upd= ate > more frequently for such a specific reason. I have just know that ports-mgmt/portaudit can also report the availability= of new ports. I thought that it only issues warnings when security vulnerabilities occurs. > I have test machines that get updated about weekly. I have firewall boxe= s with multiyear uptimes where I've only updated OpenSSH+OpenSSL when neede= d, since port 22 for management is all they do. So you didn't update the system to keep long uptime. > I'm going to conclude from this question that you aren't running producti= on systems. :-) Yes I'm a novice (hobbyist). :-) > You only need to rebuild all ports when you are updating the system for a= major release, like from 7.x to 8.x. Otherwise, portmaster, portupgrade, = etc will determine which ports have changes and only rebuild those ones. I shall use portmaster whenever I update *major* or *minor* release. But excluding patches. Thanks, Pongthep