From owner-freebsd-questions@FreeBSD.ORG Fri May 4 07:52:28 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id D174C106566B for ; Fri, 4 May 2012 07:52:28 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) by mx1.freebsd.org (Postfix) with ESMTP id 5903A8FC0A for ; Fri, 4 May 2012 07:52:28 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [IPv6:2001:8b0:151:1:fa1e:dfff:feda:c0bb]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.5/8.14.5) with ESMTP id q447qOi1005091 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Fri, 4 May 2012 08:52:24 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) X-DKIM: OpenDKIM Filter v2.5.2 smtp.infracaninophile.co.uk q447qOi1005091 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=infracaninophile.co.uk; s=201001-infracaninophile; t=1336117944; bh=sLItrCe7xpTStpIrerzfPNoPHdvgVUUaAXs989c4+Gg=; h=Date:From:To:Subject:References:In-Reply-To:Cc:Content-Type: Message-ID:Mime-Version; b=K3DaWbbIDMskJh8ZJmqBmtl0JagVAByG+lOrqixwJwpnhIp0u5Ehk3/nhykHu9Ozt tmUey3d6YynoJ/gQcgbNG9vjV5zjQ07RFN7AbdaDNaR7mwDReLw/TvlIFQl1ogQ775 qv0NVU6rLb1qT0YQbsh8axCu+GZF/vKGOqn1lGug= Message-ID: <4FA38AB8.7010806@infracaninophile.co.uk> Date: Fri, 04 May 2012 08:52:24 +0100 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:12.0) Gecko/20120428 Thunderbird/12.0.1 MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <201205032243.q43Mh6x5030357@mail.r-bonomi.com> In-Reply-To: <201205032243.q43Mh6x5030357@mail.r-bonomi.com> X-Enigmail-Version: 1.4.1 OpenPGP: id=60AE908C Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig2563DB417E68E6F500EED892" X-Virus-Scanned: clamav-milter 0.97.4 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, DKIM_ADSP_ALL,DKIM_SIGNED,T_DKIM_INVALID autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk Subject: Re: freebsd-update not updating reported patchlevel X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 May 2012 07:52:28 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig2563DB417E68E6F500EED892 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 03/05/2012 23:43, Robert Bonomi wrote: > Amazingly, this very question was covered on this list within the last = few > hours. It's not that much of a coincidence. We always get a rash of queries like this every time there's a security advisory and consequently a lot of people are updating. > Executive summary: > the kernel ID string that uname reports changes only when the -kernel- = is > changed. >=20 > -p4, -p5, -p6, and -p7. have -not- involved any changes to the kernel. > hence the ID string has stayed at '-p3'. >=20 > While this _is_ counter-intuitive, it does make sense to avoid pushing = a > new k ernel out, and/or forcing an admin to rebuild a custom kernel, wh= en > the -only- change would be to the ID string. I wonder if it would be possible or indeed worthwhile to have a very small kld or sysctl that shows the current patch level and that can be updated without replacing the kernel entire. Obviously, this introduces the possibility of faking the patchlevel, so perhaps this should be constructed so it can only be modified on reboot. Hmmmm.... Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW --------------enig2563DB417E68E6F500EED892 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+jirgACgkQ8Mjk52CukIwPZACdFTWpXyY8Mpg9bcEpyvBR0cuk R24Anim4N8p7+5MSf7lLTNLTF7Dc5Iow =JN2f -----END PGP SIGNATURE----- --------------enig2563DB417E68E6F500EED892--