Date: Mon, 12 Jul 2010 20:31:06 +0100 From: Michael <mlmichael70@gmail.com> To: Mike Clarke <jmc-freebsd2@milibyte.co.uk> Cc: freebsd-questions@freebsd.org Subject: Re: Staying up to date with security patches Message-ID: <4C3B6D7A.90603@gmail.com> In-Reply-To: <201007022258.29863.jmc-freebsd2@milibyte.co.uk> References: <AANLkTinaGDq6EzcnDKmFrpDFyyYwW71_vT_lvoLhyAI8@mail.gmail.com> <201007022258.29863.jmc-freebsd2@milibyte.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On 02/07/2010 22:58, Mike Clarke wrote: > On Friday 02 July 2010, Ed Flecko wrote: > >> Since I will be doing a custom kernel at some point, I won't use >> freebsd-update, I'm using cvsup instead. > > The alternative would be to just use the source code patches from the > security-advisories mailing list. That way you don't have to rebuild > the whole base system each time, though some of the patches will > require the kernel to be rebuilt. > That's what I used to do and it works. Only trouble is that in some cases it turns out that it's not enough to simply follow instructions from security advisory. You have to manually make other parts of the system otherwise updating will fail. I found it somewhat confusing and time consuming. Now I'm using freebsd-update with my custom built kernel and it also works fine. I just have to remember to rebuild and reinstall my kernel every time after using freebsd-update (or in fact only when kernel code is affected). That way I got very quick and no-brainer system updates. Is it not advised to do it this way? Michael
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C3B6D7A.90603>