From owner-freebsd-questions@FreeBSD.ORG Tue Jun 8 16:17:07 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4C4DB16A4CE for ; Tue, 8 Jun 2004 16:17:07 +0000 (GMT) Received: from dyer.circlesquared.com (host217-45-219-83.in-addr.btopenworld.com [217.45.219.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2EA8E43D2D for ; Tue, 8 Jun 2004 16:17:04 +0000 (GMT) (envelope-from peter@circlesquared.com) Received: from circlesquared.com (localhost.petanna.net [127.0.0.1]) i58GJhXu049009; Tue, 8 Jun 2004 17:19:52 +0100 (BST) (envelope-from peter@circlesquared.com) Message-ID: <40C5E71F.6010702@circlesquared.com> Date: Tue, 08 Jun 2004 17:19:43 +0100 From: Peter Risdon User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7b) Gecko/20040327 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Bill Moran References: <40C5BCAC.6090401@circlesquared.com> <20040608102534.63e0259b.wmoran@potentialtech.com> In-Reply-To: <20040608102534.63e0259b.wmoran@potentialtech.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-questions@freebsd.org Subject: Re: Wisdom of automating upgrades X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Jun 2004 16:17:07 -0000 Bill Moran wrote: >Peter Risdon wrote: > > >>cvsup'ing overnight is routine and fine. >> >>The make build/install stuff seems a bit more delicate. I'm happy that I >>have figured out how to automate this, but not _whether_ I should do so. >>I am of course only considering tracking RELENG_4 at this stage. >> >> > >Why not just cvsup/buildworld/buildkernel nightly, and monitor the FreeBSD >security advisory list. When a security problem is found, you only have to >installworld/installkernel, which is usually pretty quick. > > Yes, it is. That's a good compromise. >>Ports are perhaps more likely to be problematic (though less likely to >>be a blocker to remote fixing than a failure to boot). >> >> >> >Install portaudit, which will include nightly audits of port problems in your >daily run email. This takes the guesswork out of when to upgrade. By cvsupping >the ports nightly, you only have to run portupgrade to get things updated. > >Because of the dependencies in ports (which can get rather complex) I wouldn't >recommend automatically doing much with ports. > > If something in the dependency tree is broken or is imperfectly handled without manual intervention, the upgrade process stops short of deinstalling the existing port. Otherwise, the thought of automation wouldn't have crossed my mind. Of course, the time spent tidying up such situations might outweigh the time saved. A more severe problem would occur when a configuration file format changes, or there's deprecation and replacement. Perhaps I should say I'm pretty sure full automation would be unwise. It isn't unobvious and if it hasn't yet been done there's probably a reason for it. I'm trying to get a handle on what that is and to what extent solutions such as the one you suggested above can be used. Peter