On 6/19/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > > On Mon, Jun 20, 2005 at 01:49:47AM +0200, Ingo Schwarze wrote: > > > >>... I'm not quite sure what you are talking about - neither on > >> http://www.openbsd.org/errata37.html nor on > >> http://www.openbsd.org/errata36.html > >> i'm aware of any reference to em(4). > > > > That's true, but it looks like there is a minor, unannounced patch to > > sys/dev/pci/if_em.c -- version 1.39 is -release, but version 1.39.2.1 is > > tagged for -stable. > > > > See http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/if_em.c > > > >> > (Btw: why are just critical patches listed?)). > >> > >> The patch branch is a good choice if you want to maintain > >> a system to be as stable as possible. You do not want to > >> have anything patched in there unless it is critical. > > > > And, per FAQ #5.1, the stable branch includes "...some simple fixes that > > do not merit an errata entry." This must be one of those. > > > >> ...install a clean copy from you CDROM, then apply once > >> more all the patches from > >> http://www.openbsd.org/errata??.html > > > > The other choice is to follow -stable, using AnonCVS, CVSup, > > or CTM. > > > >> ...As long as you use the patch branch, the number of patches > >> is small, so you can (and should) look at each individual > >> patch anyway, just before you apply it. Thus, automation > >> is no issue in the first place. > > > > I would agree, if one is manually applying the eratta patches manually. > > That's not *exactly* the same as following the CVS patch branch. > > But when following -stable via the CVS tree, there are indeed minor fixes > > that are not on the errata pages; these get installed as well. > > > >> ...Helping you would be easier if you explained more clearly > >> what you are trying to accomplish and why you are patching > >> so much that you lose track of what you are doing. > > > > I absolutely agree. Our assumption is a botched attempt at installing > > -stable, but we really don't know. > > > > [EMAIL PROTECTED] suggested in his thread-starting e-mail: > > > >>That would work if the users use just "make build" and if they don#t play > >>with compiler-settings. > > > > Best practice is to first rebuild the -stable kernel before building a > > -stable userland (FAQ 5.3). > > > > -Josh Grosse- > > Yes but that's not exactly what I think about. > I think about a enviroment where e.g. multiple Boxes have to be checked > and where not all Boxes have e.g. Internetacces.
What about building binary patches in one server in packages and then installing them on the rest of your servers? You could checksum these binaries and know if they were already applied to some server. http://www.openbsd.org.mx/santana/binpatch.html http://www.openbsd.org.mx/pub/check-patches -- Gerardo Santana Gsmez Garrido http://www.openbsd.org.mx/santana/ "Entre los individuos, como entre las naciones, el respeto al derecho ajeno es la paz" -Don Benito Juarez
