Date: Sat, 10 Feb 2007 17:51:23 -0800 From: Michael <bsdquestions@gmail.com> To: Michael <bsdquestions@gmail.com>, FreeBSD - Questions <freebsd-questions@freebsd.org> Subject: Re: cvsup tag for ports Message-ID: <45CE769B.60708@gmail.com> In-Reply-To: <20070211002949.GA6384@falcon.midgard.homeip.net> References: <45CE41ED.3050900@gmail.com> <20070210230636.GA5968@falcon.midgard.homeip.net> <45CE5846.80002@gmail.com> <20070211002949.GA6384@falcon.midgard.homeip.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Erik Trulsson wrote: > On Sat, Feb 10, 2007 at 03:41:58PM -0800, Michael wrote: > >> Erik Trulsson wrote: >> >>> On Sat, Feb 10, 2007 at 02:06:37PM -0800, Michael wrote: >>> >>> >>>> Hello everyone, >>>> >>>> I'm building a production server and I have what may seem to be a very >>>> simple question so I hope it only requires a simple answer. >>>> >>>> As I've studied the FreeBSD Handbook as well as the man pages for this, >>>> it's still not clear to me which tag I should use for a production server. >>>> >>>> For my sources I always use the security branch for the release we are >>>> using so that they stay stable and also plug most of the security issues >>>> as they arise and so the sources tag is always RELENG_6_2. >>>> >>>> For the ports, the default tag is always tag=. which I'm not sure is the >>>> best thing for a production server since that's the tab for -CURRENT. >>>> On one hand it makes sense to track that branch for ports because that's >>>> where fixes would go for applications as they find them, but I'm not >>>> convinced this is the best thing for a production server and wonder if I >>>> should also use the security branch for the ports. >>>> >>>> My first question is, does any real security fixes go into the ports >>>> when you pull from a security branch? In other words, do maintainers >>>> actually submit fixes to that branch for the ports? >>>> >>>> I have a similiar question for the docs as well, should we be tracking >>>> only the security branch when using cvsup for sources, ports and doc's? >>>> >>>> >>> Neither the ports tree nor the docs tree is branched. I.e. there is no >>> security branch for ports. >>> On the other hand you are not required to update installed ports/packages >>> just because you update the ports tree. >>> >>> >>> >>> >> What do you mean they aren't branched? Of course they are or they >> wouldn't be in cvs and if I changed the tag, it wouldn't do anything >> (they wouldn't change on running cvsup), but they do change (ports get >> deleted/added/edited.), so I'm not following you here. >> >> Can you elaborate on what you mean? >> > > What I mean is that the ports tree only has a single CVS branch, HEAD, which > is what you get with tag=. > There are no other branches. (Unlike the src/ tree which does have several > different branches in addition to HEAD.) > There are tags (like RELEASE_6_2_0 or RELEASE_5_2_1) that identify the ports > tree at some specific point in time. > If you update the ports tree with e.g. tag=RELEASE_6_2_0 you will get the > ports tree in the same state as was shipped with FreeBSD 6.2-RELEASE. > If you use the same tag a couple of months later you will get exactly the > same thing - the ports tree as was shipped with FreeBSD 6.2-RELEASE. > > If you want to get updates to the ports tree you will have to use tag=. or > wait until a new release has been made and use the tag corresponding to that > particular release. > > > OK, that makes sense. Now getting back to my original question, if you are running a production server, does it make sense to pull down ports which are under the -CURRENT tag=. or should anyone who's running a production server just stick with what's in the current release ports? Would I benefit more from pulling down the most current ports because it offers the most up to date packages? If neither is safer than I think it's probably ok to just continue to pull down the most current, if that's not true than I should probably just use the ports which came with the release. This is what I'd like people's comments on more than anything else. Thanks for your feedback I really appreciate it. Michael Lawver
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45CE769B.60708>