>     I want to ask why userland , base-system and Kernel are together ?! 

Because some userland programs make assumptions on internal kernel
structures. Examples: top, fstat, fsck, ...

And, most important: Every compiled application needs libc as a wrapper
for system calls (which toggle all kinds of actions in the kernel).
You can imagine what happens if your libc does not match your kernel
version, and something really important changed.

> What
> is the meaning of this . I mean sync. all source and start to build new
> system from the beginning is to hard , it takes too much time and can have
> some risk .I don't understand How ISP can use FreeBSD because at the
> building time , machine will be off. Okey Maybe yahoo can use it because
> it's clustered environment and it's easyly remove one of the machine install
> new version or patch it if any problem occur it can be reinstalled after
> that making standart configuration now it's ready.

You will find a test and build machine on almost any _professional_
installation (independently, if FreeBSD is used as OS).

>     I think that Kernel must be seperate of userland because it's managing
> and controling processes and I don't need rebuild kernel too much if I have
> no problem with device driver or if I don't need to add something  to kernel
> for support ( instead of Firewall or like important things ) .
>     Why some programs are in base system . What is the meaning of Sendmail
> or SSH in base system . Programs are only executable things What is the
> relation about those programs with base system ?!

Because FreeBSD is more than a kernel, but a full Operating System, and
as therefore it needs software for basic services like email, remote
login, ...

>        in list Some members said that I can patch a system with watching
> Security Advisories but same people said that " Sometimes it'wont and I have
> to do full kernel / world / build / plus install and reboot "  Why ?  What
> is the problem ?!

Of course, you can perform an update for a userland application in
FreeBSD without a reboot.

The benefit of tracking one of the security branches and doing the full
buildworld procedure is, that you are using a well-defined snapshot of
the FreeBSD source repository. When you see a security advisory, and you
update to the latest security release, you can be sure, that your system
will still work afterwards (a.k.a QA provided by the FreeBSD security
team). If you don't want to track that branch, there are still the
pointers to patches that apply against supported releases. Due to the
lack of man power, older versions of FreeBSD cannot be supported for

And if you dislike the idea of keeping your sources up-to-date, there is
also a binary security update mechanism:


>     Which list I have to watch for which Relese will have production quality
> ?!!

At the present, you should install FreeBSD 4.9 and either update to the
latest security release _or_ use the freebsd-update port. Once you use
the source method, you will not be able to use the binary updates since
the patches won't probably apply.


Attachment: signature.asc
Description: Digital signature

Reply via email to