On Wed, Jan 21, 2004 at 01:55:38AM -0800, Loren M. Lang wrote: > When I install a new port, does it upgrade any already installed ports > if the new port depends on them. And to upgrade any security fixes, > just running cvsup on the ports tree, then running portupgrade?
Generally, no. If you go into the port directory and delete and re-install the port, it won't check that all of the dependencies are up to date. portupgrade(1) is the solution to that and other considerations of keeping an array of ported software up to date. There's no distinction made between updates to the ports tree to close security holes or to introduce new features. You should set up a watch on the ports you're interested in at http://www.freshports.org/ -- the commit log messages will tell you why ports were updated. > Also, is there any way to automate this, I have a freebsd mail server > setup for a company that I may not get to visit very often. Then again, > it may not be the wisest to upgrade software with no one to monitor it. It usually helps to have a spare system you can run the same software on, to test out any updates before you apply them to the production server. It's also good to have good backups and be capable of backing out any changes if necessary. > Is there any way to select just major security and avoid upgrading ports > that just add features? Only by keeping a close eye on commit messages in the ports CVS, following the freebsd-ports@ mailing list, and by general awareness of security issues around the net. > And does the freebsd kernel also get upgraded. Would I have to > reinstall it or would the port do it automatically? No, updating the ports is a completely separate operation to updating the base system. Unlike dealing with ports, by tracking one of the security branches of the OS, you will automatically get just the security fixes and any really vital bug-fixes. You can receive notifications of problems in the base system by subscribing to the [EMAIL PROTECTED] and [EMAIL PROTECTED] lists. Updating the base system involves compiling and reinstalling all of the userland utilities, system shared libraries etc. You have to recompile and reinstall the kernel in synch with that, or various utilities like top(1) and ps(1) will cease to work. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK
Description: PGP signature