Date: Mon, 19 Dec 2005 13:33:07 -0600 From: Greg Barniskis <nalists@scls.lib.wi.us> To: freebsd-questions@freebsd.org Subject: Re: ports security branch Message-ID: <43A70AF3.2080101@scls.lib.wi.us> In-Reply-To: <124C8EC79D9A6FBB2A645B28@Paul-Schmehls-Computer.local> References: <43A6CA19.5020100@mail.ru> <124C8EC79D9A6FBB2A645B28@Paul-Schmehls-Computer.local>
next in thread | previous in thread | raw e-mail | index | archive | help
Paul Schmehl wrote: > I'm not sure what you mean by "suffering all the intricacies". Cvsup > will fetch all the ports that have updates (assuming you use the right > config - man is your friend), so you really don't have to do much except > launch cvsup (if you haven't already scheduled it routinely) and then > launch portupgrade once cvsup is done. > > When I set up a new server, one of the first things I do, before > installing any applications, is run cvsup to update everything. Then I > setup cvsup to run nightly, and only then to I begin installing whatever > applications that particular server might need. I do a very similar thing only I don't cvsup/portupgrade frequently, I portaudit frequently and then cvsup/portupgrade on demand. This way is somewhat less intrusive, as there are frequently port version bumps available that are not security related and certainly not required for continuity of service. When first getting used to this stuff I thought it moderately burdensome compared to automatic binary updates, but I quickly came to understand the value of being able to choose exactly what, how and when to upgrade. All regrets soon faded. Intricacies and suffering? Sometimes yes, but not that frequently, and it's worth it. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) <gregb at scls.lib.wi.us>, (608) 266-6348
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?43A70AF3.2080101>