Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 21 Jun 2015 08:56:16 -0400
From:      "Michael B. Eichorn" <ike@michaeleichorn.com>
To:        Lev <leventelist@gmail.com>, freebsd-questions@freebsd.org
Subject:   Re: security patch vs. binary upgrade
Message-ID:  <1434891376.1433.15.camel@michaeleichorn.com>
In-Reply-To: <20150621124345.1a09b8f6@jive>
References:  <20150621124345.1a09b8f6@jive>
next in thread | previous in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
On Sun, 2015-06-21 at 12:43 +0200, Lev wrote:
> Hello List,
> 
> 
> I installed FreeBSD 10.1 on my home server, and it runs as expected.
> 
> I don't really understand one thing:
> 
> What is the difference between
> 
> pkg update/upgrade
pkg is the binary update system (binaries here are often refered to as
packages) for the ports tree. It contains all of the ports that can be
distributed as binaries with default options. It is not recommended at
this time to mix binary packages with source installed ports. If you want
to use packages but want non-default options you can use poudriere and
host your own repository pretty easily.
> 
> freebsd-update fetch
> freebsd-update install
freebsd-update is the binary update system for the parts of the system
maintained by the FreeBSD developers. This provides updates for the
kernel and base system (the default install). FreeBSD can also be updated
from source, in fact if you move to -STABLE or -CURRENT source updates
are the only option.
> 
> If I patch my sustem with security patches, and then upgrade the binary
> packages will the patches lost?
Binary upgrades contain all FreeBSD provided security patches.
> 
> Btw... freebsd-update install writes this:
> 
> Installing
> updates...install: ///usr/src/contrib/file/magic/Magdir/kerberos: No 
> such file or directory
> install: ///usr/src/contrib/file/magic/Magdir/meteorological: No such 
> file or directory install: ///usr/src/contrib/file/magic/Magdir/qt: No
> such file or directory
> install: ///usr/src/crypto/openssl/util/mkbuildinf.pl: No such file or 
> directory
IIRC this is the result of a glitch in the 10-RELEASE installer or media.
It didn't install the source code for the base system in /usr/src. If you
want the source code download it from svn and put it in /usr/src. If you
dont need it you can tell freebsd-update not to update the source code by
removing src from the components list in /etc/freebsd-update.conf.
> 
> Is this okay?
> 
> Thanks,
> Lev
> 
> -- 
> 73 de HA5OGL
> Op.: Levente
[-- Attachment #2 --]
0	*H
010
	`He0	*H
000]0
	*H
010	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA0
150613202446Z
160614003550Z0H10Uike@michaeleichorn.com1%0#	*H
	ike@michaeleichorn.com0"0
	*H
0
UՀ,k9D %Z|Y6J<rrK
g;&|uNlUE9)V.[ט̊:qS](#vSYDz*CpugYݔ,v<`j(waS#ڒ6n(K5'KVLåErv<J=[}W
bLA%gޭnVb|	I?M7D:$׃bM_T[,ƃ\00	U00U0U%0++0Ujj:	γ+39啖0U#0Sr풜\|~5NԸQ0!U0ike@michaeleichorn.com0LU C0?0;+70*0.+"http://www.startssl.com/policy.pdf0+00' StartCom Certification Authority0This certificate was issued according to the Class 1 Validation requirements of the StartCom CA policy, reliance only for the intended purpose in compliance of the relying party obligations.06U/0-0+)'%http://crl.startssl.com/crtu1-crl.crl0+009+0-http://ocsp.startssl.com/sub/class1/client/ca0B+06http://aia.startssl.com/certs/sub.class1.client.ca.crt0#U0http://www.startssl.com/0
	*H
x+ȐF}pw.XvF?rg
P]EOp)L˻yA
;hi0u2]m [Sbp$_
gr
Xm*YP3#H>mKAǠt)HO|=@}3ӝ'iO81>03	v'h5U
"H;ECZtpҗ4rWHu^6+i*kJL8shAV|5;?HMc\	j[j|+000]0
	*H
010	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA0
150613202446Z
160614003550Z0H10Uike@michaeleichorn.com1%0#	*H
	ike@michaeleichorn.com0"0
	*H
0
UՀ,k9D %Z|Y6J<rrK
g;&|uNlUE9)V.[ט̊:qS](#vSYDz*CpugYݔ,v<`j(waS#ڒ6n(K5'KVLåErv<J=[}W
bLA%gޭnVb|	I?M7D:$׃bM_T[,ƃ\00	U00U0U%0++0Ujj:	γ+39啖0U#0Sr풜\|~5NԸQ0!U0ike@michaeleichorn.com0LU C0?0;+70*0.+"http://www.startssl.com/policy.pdf0+00' StartCom Certification Authority0This certificate was issued according to the Class 1 Validation requirements of the StartCom CA policy, reliance only for the intended purpose in compliance of the relying party obligations.06U/0-0+)'%http://crl.startssl.com/crtu1-crl.crl0+009+0-http://ocsp.startssl.com/sub/class1/client/ca0B+06http://aia.startssl.com/certs/sub.class1.client.ca.crt0#U0http://www.startssl.com/0
	*H
x+ȐF}pw.XvF?rg
P]EOp)L˻yA
;hi0u2]m [Sbp$_
gr
Xm*YP3#H>mKAǠt)HO|=@}3ӝ'iO81>03	v'h5U
"H;ECZtpҗ4rWHu^6+i*kJL8shAV|5;?HMc\	j[j|+0400
	*H
0}10	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1)0'U StartCom Certification Authority0
071024210155Z
171024210155Z010	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA0"0
	*H
0
	-).2AUGo#G
B|NDRpM-B=o-we5JQpa>O.#._<V
[~**pz~3WG.ᘟMlr[<Ce6fqO"uxfWN#uicgkv$Lb%y`_{`xK'GN00U00U0USr풜\|~5NԸQ0U#0N@[i04hCA0f+Z0X0'+0http://ocsp.startssl.com/ca0-+0!http://www.startssl.com/sfsca.crt0[UT0R0'%#!http://www.startssl.com/sfsca.crl0'%#!http://crl.startssl.com/sfsca.crl0U y0w0u+70f0.+"http://www.startssl.com/policy.pdf04+(http://www.startssl.com/intermediate.pdf0
	*H

}x,\c^#wMq}>UK/^yX֏y	frMIŲB61ymQ󸟆ҨݬZ0&;@#13qۑ&	̢o	6r_;GO>*I(	74XS1r3)!LJy6Kotˆ#
_wSr
;B
ADp(fs䰷6%.W0J3:bC<8t X1<Cn=t==wST~\wkBf|15zUP)(IjVB!OfI=bb\4-*em/нSJm7N[]'@ڽD9Kr>R7/|o^I@ټ'Pa$ z9a'L)(
I}vcH]۸D*W}
m>Q|C.(,lQ100010	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA]0
	`He0	*H
	1	*H
0	*H
	1
150621125616Z0O	*H
	1B@N/D@Zǽ(,{G\?<Y{Tm\6[zl@0	+710010	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA]0*H
	1010	UIL10U

StartCom Ltd.1+0)U"Secure Digital Certificate Signing1806U/StartCom Class 1 Primary Intermediate Client CA]0
	*H
yYY}/x6sNM6σg/6^=5fu|}H{>7lgF{Rq*	/%C­<4/[u:BRlݨ[Rma^Z*&}ݜ8} i4(Sk\;z4Af9C@}f9&+r)BمYhsBg+.&\/EԊ,Ob
*&Z#'

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1434891376.1433.15.camel>