Date: Tue, 24 Apr 2012 11:02:56 -0000 From: "Prabhpal S. Mavi" <prabhpal@digital-infotech.net> To: "Lars Wilke" <lw@lwilke.de> Cc: freebsd-stable@freebsd.org Subject: Re: FreeBSD_9.0_Port_Upgrade - Exclude Ports Message-ID: <cf34cc7bedbe94cf27843b448d97ef1d.squirrel@mail.digital-infotech.net> In-Reply-To: <fvug69-r8v.ln1@lwilke.de> References: <542d8a7ba1b614d2260f117a29e412cb.squirrel@mail.digital-infotech.net> <fvug69-r8v.ln1@lwilke.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> * Prabhpal S. Mavi wrote: >> Dear FreeBSD Friends, >> >> i have FreeBSD 9.0 Stable Running the following roles for past four >> months. Everything is functioning smooth alright. I read that system >> should be upgraded frequently. i am afraid that if i upgrade something >> can >> break. >> >> i am planing to run it like that until FreeBSD 9.2 is out, perhaps two >> years before upgrade. i am not sure if this is a good idea. i seek your >> advice about the upgrade. >> >> ROLE: Postfix Mail Server With Virtual Users Support Using MySQL >> Database, >> Apache Web Server, Certificate Authority (CA). Squirrelmail, Postfix >> Admin, Maia MailGuard Postfix-Admin, SPF, Postgray Filter, >> spamassassin, >> Clamav. >> [...] > > First you have to be aware that the stable tree in FBSD means something > completly different than a release in Red Hat/CentOS land. > > Here stable is the stable branch which gets updates, bugfixes and new > features. From this branch the next release is created. > > These updates and new features might not be as disruptive as > in the development branch but still things change. > So you might consider using a release branch instead, which only gets > security and critical bugfixes. > > Critical really means critical here and not every bugfix around. > In this regard a release branch is very stable :) > > So with stable you are really tracking a rolling release more like > Debian testing or say a rolling release repository like the fasttrack > repo in CentOS/Scientific Linux. > > While the release branch is more like staying on the same minor release > in Red Hat. But the minor release in Red Hat gets far more updates even > for not so serious bugs and sometimes even driver updates. > > The last part is AFAIU the reason that many people recomend the stable > branch in FBSD, b/c you get bugfixes and some driver updates faster or > even at all. > > If you would be on the release branch you would either have to switch > to stable or wait for the next release branch to get these updates and > fixes. > > As you are on stable i would suggest a test machine with the same > setup, or at least a virtual machine with the same setup. Maybe a jail > will do for you, else you could use something like virtualbox. > > Backups, always have backups and do some backups before doing something. > Under Linux there is a nifty tool called etckeeper, it basically hooks > into the package manager and tracks changes to /etc via version control. > No idea if something like this is available under FBSD but you could > roll your own ... > > If you use ZFS snapshots are easy and cheap, also there is basic Live > Upgrade/Boot Environment support. > > http://anonsvn.h3q.com/projects/freebsd-patches/wiki/manageBE > > If you use ZFS, i really suggest you look into this one, b/c it allows > you to switch your complete system around at will. Also, the updates > can be tested on an exact production copy without affecting the running > system. > > On the security side i would suggest some form of host basesd intrusion > detection and some common sense hardening. > > Generally monitoring (alarming+capacity/trending) for a live service is > a good idea, too. > > Accompanied by following the security advisories and using portaudit > should > be enough, i guess ... > > hth > --lars > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > Dear All, First, thank you very much for your valuable advice time and efforts you did put to write the response. how can i exclude some ports from being update when using port manager utility? i mean which switch can i use or edit the file for exclude. Thanks / Regards Thanks / Regards Prabhpal
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cf34cc7bedbe94cf27843b448d97ef1d.squirrel>