Date: Mon, 20 Sep 2004 15:01:33 -0400 From: "Haulmark, Chris" <chris@sigd.net> To: "Bill Moran" <wmoran@potentialtech.com>, "Kenneth A. Bond" <fhb_1969@yahoo.ca> Cc: freebsd-questions@FreeBSD.org Subject: RE: Core System Update Message-ID: <6FC9F9894A9F8C49A722CF9F2132FC2201D951BA@ms05.mailstreet2003.net>
next in thread | raw e-mail | index | archive | help
=20 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org=20 > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Bill Moran > Sent: Monday, September 20, 2004 1:31 PM > To: Kenneth A. Bond > Cc: freebsd-questions@FreeBSD.org > Subject: Re: Core System Update >=20 > "Kenneth A. Bond" <fhb_1969@yahoo.ca> wrote: >=20 > > Hello, > > I am trying to determine how often to update my systems. > > Currently I am using anoncvs in order to synch my source. > > >From there I run the typical > > =20 > > # make buildworld > > # make buildkernel > > # make installkernel > > #=20 > > # mergemaster -p# make installworld# mergemaster# reboot > >=20 > > Should I only perform this when a security vulnerability is found? > >=20 > > I am trying to achieve maximum uptime for these systems and want to > > confirm how often I should perform a core system update. >=20 > Please wrap you lines aroun 72 chars. See > http://www.lemis.com/questions.html >=20 > If you're shooting for max uptime and the most stable system, you can > follow the procedure I follow for most of my clients: > 1) Install the latests 4.x-RELEASE > 2) cvsup to RELENG_4_x (currently RELENG_4_10) > 3) rebuild/reinstall the core system. > 4) When 4.11 comes out, schedule a weekend and cvsup the system to > RELENG_4_11, rebuild/reinstall. Pay special attention to > /usr/src/UPDATING, repeat for 4.12, etc > 5) Subscribe to FreeBSD-security. When a vuln is announced, recvsup > to the RELENG_4_x and rebuild/reinstall Or simply follow the alert's patch instructions if it is unrelated to a kernel fix. A service or two would require to be restarted after being = patched. > 6) Step 5 can occasionally be skipped. For example, there were many > sites that I had using FreeBSD that I didn't have to update when > bind problems were fixed, because they weren't running DNS servers. > If you're not sure, you're safer updating than not. For instance, today, a CVS server had a security alert sent out, which = is not important to those of us who do not use CVS server. >=20 > --=20 > Bill Moran > Potential Technologies > http://www.potentialtech.com > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to=20 > "freebsd-questions-unsubscribe@freebsd.org" >=20 > -- Chris Haulmark System Admin. Freelancer "In market for IT corrections for a salary."=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6FC9F9894A9F8C49A722CF9F2132FC2201D951BA>