> I want to ask why userland , base-system and Kernel are together ?!
Because some userland programs make assumptions on internal kernel structures. Examples: top, fstat, fsck, ... And, most important: Every compiled application needs libc as a wrapper for system calls (which toggle all kinds of actions in the kernel). You can imagine what happens if your libc does not match your kernel version, and something really important changed. > What > is the meaning of this . I mean sync. all source and start to build new > system from the beginning is to hard , it takes too much time and can have > some risk .I don't understand How ISP can use FreeBSD because at the > building time , machine will be off. Okey Maybe yahoo can use it because > it's clustered environment and it's easyly remove one of the machine install > new version or patch it if any problem occur it can be reinstalled after > that making standart configuration now it's ready. You will find a test and build machine on almost any _professional_ installation (independently, if FreeBSD is used as OS). > I think that Kernel must be seperate of userland because it's managing > and controling processes and I don't need rebuild kernel too much if I have > no problem with device driver or if I don't need to add something to kernel > for support ( instead of Firewall or like important things ) . > > > Why some programs are in base system . What is the meaning of Sendmail > or SSH in base system . Programs are only executable things What is the > relation about those programs with base system ?! Because FreeBSD is more than a kernel, but a full Operating System, and as therefore it needs software for basic services like email, remote login, ... > > > in list Some members said that I can patch a system with watching > Security Advisories but same people said that " Sometimes it'wont and I have > to do full kernel / world / build / plus install and reboot " Why ? What > is the problem ?! Of course, you can perform an update for a userland application in FreeBSD without a reboot. The benefit of tracking one of the security branches and doing the full buildworld procedure is, that you are using a well-defined snapshot of the FreeBSD source repository. When you see a security advisory, and you update to the latest security release, you can be sure, that your system will still work afterwards (a.k.a QA provided by the FreeBSD security team). If you don't want to track that branch, there are still the pointers to patches that apply against supported releases. Due to the lack of man power, older versions of FreeBSD cannot be supported for eternity. And if you dislike the idea of keeping your sources up-to-date, there is also a binary security update mechanism: ports/security/freebsd-update > > Which list I have to watch for which Relese will have production quality > ?!! At the present, you should install FreeBSD 4.9 and either update to the latest security release _or_ use the freebsd-update port. Once you use the source method, you will not be able to use the binary updates since the patches won't probably apply. Regards, Simon
Description: Digital signature