Date: Wed, 22 May 2013 13:23:39 -0700 From: Ed Flecko <edflecko@gmail.com> To: freebsd-questions@freebsd.org Subject: Re: Keeping my system up to date with CTM or subversion? Message-ID: <CAFS4T6avtrKH3BHSBzPMxoBPcS3tuWfvFAW7ZuZvZm7MNGuNBg@mail.gmail.com> In-Reply-To: <CA%2B8gk9-AaTU35=OGA189o-9q_Z4gOe9b0ogwfsSHgBPTBCwExw@mail.gmail.com> References: <CAFS4T6aVmg%2BRJzGVHW==nhe8mGE0uEUdSRYaJSC=OBw-uajKdQ@mail.gmail.com> <CA%2B8gk9-AaTU35=OGA189o-9q_Z4gOe9b0ogwfsSHgBPTBCwExw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Alexandre, Yes, that helps - thank you. So once you have a system up and running, how do you monitor if and when you need to upgrade your ports tree? By the way, your ports tree is different than installed software packages, right? In other words, the only reason people even bother to upgrade their ports tree is so that IF you install a package from source - the source is current? Is that correct? When security vulnerabilities are discovered and patches released by FBSD, the patch will tell you what steps you need to take to apply the patch and stay up to date, won't it? Ed On Wed, May 22, 2013 at 1:00 PM, Alexandre <axelbsd@ymail.com> wrote: > On Wed, May 22, 2013 at 8:26 PM, Ed Flecko <edflecko@gmail.com> wrote: > >> I'm confused about an effective way to keep my system patched and >> up-to-date, and I'm hoping someone can clarify what seems like a lot of >> options. >> >> I'll be running a production server (so security and stability are most >> important) with a custom kernel and I want it to have all of the latest >> security patches applied. I'll install from DVD and I'll chose the optio= n >> to install both the ports and the source. >> >> After this, it sure seems like the best way, in terms of speed to downlo= ad >> any updated files, is to use CTM as a cron job, but I think the FBSD >> handbook recommends subversion? Also, I think I read that CTM won't upda= te >> documentation? Is that right? >> >> I also see some people say they use portsnap, portaudit and portupgrade. >> For example, I came across this command: >> >> portsnap fetch && /usr/sbin/portsnap update && /usr/local/sbin/portaudit >> -F >> && /usr/local/sbin/portupgrade =96aR >> >> however these utilities are used more for keeping your ports collection >> up-to-date (if you install software from ports), and not so much for >> keeping your system patched from a security perspective - isn't that >> right? >> >> Hopefully, someone can clarify my confusion. >> >> Thank you! >> >> Ed >> > > Hi Ed, > > To update my ports tree, I use "portsnap" tool. To install ports (or > upgrade them) I use "portmaster". More information here: > http://www.freebsd.org/doc/en/books/handbook/ports-using.html > To update my sources tree, I use "subversion" tool. Then I rebuild world. > More information here: > http://www.freebsd.org/doc/en/books/handbook/svn.html & > http://www.freebsd.org/doc/en/books/handbook/makeworld.html > I use subversion to update my sources tree because I am running 9-STABLE. > If you are running 9.x-RELEASE (or 8.x-RELEASE) you can use > "freebsd-update" to sync sources and install binary patchs. As you are > using custom kernel, you will have to recompile it. More information here= : > http://www.freebsd.org/doc/en/books/handbook/updating-upgrading-freebsdup= date.html > > I hope this help you. > > Kind regards, > Alexandre > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFS4T6avtrKH3BHSBzPMxoBPcS3tuWfvFAW7ZuZvZm7MNGuNBg>