From owner-freebsd-questions@FreeBSD.ORG Mon Mar 29 13:40:54 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E0B0816A4CE for ; Mon, 29 Mar 2004 13:40:54 -0800 (PST) Received: from thalia.otenet.gr (mailsrv.otenet.gr [195.170.0.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2A8D643D54 for ; Mon, 29 Mar 2004 13:40:53 -0800 (PST) (envelope-from keramida@ceid.upatras.gr) Received: from gothmog.gr (patr530-a091.otenet.gr [212.205.215.91]) by thalia.otenet.gr (8.12.10/8.12.10) with ESMTP id i2TLebqP013795; Tue, 30 Mar 2004 00:40:38 +0300 (EEST) Received: from gothmog.gr (gothmog [127.0.0.1]) by gothmog.gr (8.12.11/8.12.11) with ESMTP id i2TLeaiv003143; Tue, 30 Mar 2004 00:40:36 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Received: (from giorgos@localhost) by gothmog.gr (8.12.11/8.12.11/Submit) id i2TLeaRf003142; Tue, 30 Mar 2004 00:40:36 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Date: Tue, 30 Mar 2004 00:40:36 +0300 From: Giorgos Keramidas To: Charles Swiger Message-ID: <20040329214036.GA2847@gothmog.gr> References: <38632096-81B7-11D8-A410-00039352A78A@calarts.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: cc: Sean Murphy cc: freebsd-questions@freebsd.org Subject: Re: Security Updates and Patching Two Choices? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Mar 2004 21:40:55 -0000 On 2004-03-29 15:07, Charles Swiger wrote: >On Mar 29, 2004, at 2:28 PM, Sean Murphy wrote: >>I don't want to build "all" sources when I just need these on my >>system (bin, man, and crypto). The same selection I use from a new >>install from /stand/sysinstall. Is that possible? > > If you look at /etc/default/make.conf for a bunch of components > starting with NO_, you can set those to get something close to what > you've asked for. Good idea :-) >> If a tag just the 4_9 Release in the CVSupfile can i just ignore the >> mergemaster? also can I just CVSup the sources and build the ones I >> want? (see above) > > Generally one can ignore doing the mergemaster simply for a security > patch. Unless, of course, the security patch fixes problems in /etc files that mergemaster *must* update. It's not very difficult to run mergemaster. I wouldn't recomment avoiding it altogether. Instead, I'd probably recommend one of two things, or both at the same time: a. Read the available documentation about /etc files. You don't have to learn all the (admittedly, mostly boring) details about every single file there is. Just skim through the manpages to get a general idea of what purpose each file serves. b. Install (almost blindly) all the files that mergemaster wants to "update", unless you are absolutely certain you have made manually some changes to the installed version. c. Merging the files which contain local changes is easy enough, as long as you spend a few moments to read the sdiff(1) manpage. This is the tool mergemaster uses to "merge" the files it updates. Please, do not skip running mergemaster :-) - Giorgos