I have a dev server for our developers that holds around 40 jails,
each jail has php, mysql, python etc.
The server is now 7.0 and was wondering what is the best practice to
maintain security patches and kernel updates and I came out with the
following idea :
1.- freebsd-update fetch install ( host system)
2.- rebuild kernel ( I have a custom kernel )
3.- ezjail-update -b ( update basejail for all jails )
4.- run in cron portaudit on the jails for thirty party security updates
5.- run portupgrade in case of a security update or for apps upgrade
on the jails.
I red in some forums that if you run freebsd-update you will need to
do a portuprade -fa to reinstall all the thirty party apps because
freebsd-update could upgrade or remove some libraries linked to that
programs, is this true ?, will be better to run a cvsup and instead ?
That are some points of my idea but reading on internet I finished
more confuse about how will be the best way to do this.
any ideas will more appreciate.
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to