On Monday, March 08, 2004 1:56:24 PM [EMAIL PROTECTED] wrote:

|>Date: Mon, 8 Mar 2004 12:22:09 -0500
|>From: Bart Silverstrim <[EMAIL PROTECTED]>
|>Subject: Re: Update utility
|>To: "Ioannis Vranos" <[EMAIL PROTECTED]>
|>Cc: FreeBSD Questions Mailing List <[EMAIL PROTECTED]>
|>Content-Type: text/plain; charset=US-ASCII; format=flowed
|>On Mar 8, 2004, at 12:15 PM, Ioannis Vranos wrote:
|>> Is there any utility in FreeBSD 4.9 to check for possible updates/bug 
|>> fixes
|>> via internet?
|>I *think* have have kind of a handle on this on the server I just 
|>I usually do a cvsup to update the list of the ports tree, then use a 
|>procedure I picked out of http://www.freebsddiary.org/portupgrade.php 
|>to update applications with portupgrade.
|>If anyone else has a method other than this, I'd love to know the 
|>procedure :-)
|>This only updates ports.  Updating FreeBSD, I don't know of anything 
|>other than if you find a security advisory, you have to have the src 
|>tree and patch that portion and recompile whatever had the 
|>vulnerability, following the advisory instructions.  I'm thinking that 
|>since most daemons/applications are from ports, keeping your ports tree 
|>updated should limit most remote exploits...I would be interested in 
|>knowing of a way to check whether the installation of the OS is up to 
|>date, though.

********** Reply Separator **********
Monday, March 08, 2004 3:24:31 PM

I use what many might consider a rather contorted mix of programs to
update my system.

First, I log in as root. I could use 'sudo' but I have found that at
times portupgrade does not work correctly with it. Even when I add the
'-s' switch. In any case, I run them in the following order as

1)      cvsup
2)      pkgdb -aFfuv
3)      portsdb -Uu
4)      portupgrade -aDDPrRvy
5)      periodic weekly

I am not sure if this is the absolute correct way to do things; however,
so far I have not experienced any problems doing it this way. You could
skip step five if your system is on 24/7 or at least when the cron job
is scheduled to run.

You might want to throw a 'portsclean -CDDLPP' into the mix also prior
to step five.

I am sure that others will have far better suggestions.

Gerard Seibert

[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to