Re: No updates needed to update system to 6.2-RELEASE-p7?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rakhesh Sasidharan wrote: Philip M. Gollucci wrote: It might be nice to have freebsd-update update this portion of the kernel even if thats the only part thats updated. What me bugs most is that if you do make installworld, freebsd-update still wants to update everything. By the way, is there some way I can verify that my system has been patched for the newer updates? (Just so that I get the nagging feeling off my head that something's not alright). Some way I can check the named executable for instance to see its the latest ...? That indeed would be nice. Peter - -- http://www.boosten.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuq2Srvsez6l/SvARAlqNAJ9PAS43auLnJhIYFMSYAchEjTTxsgCgzdJX 9CEDdwjHG8CG1MINhbF+kWM= =Krd8 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: No updates needed to update system to 6.2-RELEASE-p7?
What me bugs most is that if you do make installworld, freebsd-update still wants to update everything. Oh, why does it do that? freebsd-update maintains a separate database or something of what's to be updated and not? Regards, Rakhesh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: No updates needed to update system to 6.2-RELEASE-p7?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rakhesh Sasidharan wrote: What me bugs most is that if you do make installworld, freebsd-update still wants to update everything. Oh, why does it do that? freebsd-update maintains a separate database or something of what's to be updated and not? Yup, probably. Also (I think) there's no synchronisation between freebsd-update and options you set in /etc/make.conf (again, I'm not sure about this, but I do not want to try). For instance: in my make.conf is NO_BIND=true, because I upgraded to bind 9 long time ago and update it from ISC source. The latest patches however wanted to overwrite my named. Enough wining however: freebsd rocks :-) Peter - -- http://www.boosten.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.3 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGurbhrvsez6l/SvARAiF0AJ9bh+WV4Gh5P/35uAg1tlr67xXYogCffs+6 vedpJU0m8kexhJXJeSt8NwY= =+1UA -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: No updates needed to update system to 6.2-RELEASE-p7?
Peter Boosten wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Rakhesh Sasidharan wrote: What me bugs most is that if you do make installworld, freebsd-update still wants to update everything. Oh, why does it do that? freebsd-update maintains a separate database or something of what's to be updated and not? Yup, probably. Also (I think) there's no synchronisation between freebsd-update and options you set in /etc/make.conf (again, I'm not sure about this, but I do not want to try). For instance: in my make.conf is NO_BIND=true, because I upgraded to bind 9 long time ago and update it from ISC source. The latest patches however wanted to overwrite my named. Enough wining however: freebsd rocks :-) Touche! FreeBSD rocks! :) freebsd-update does binary updates. I guess that's why it doesn't honour the options in make.conf? But what you say is a point nevertheless. If I were to use the newer version of BIND from ports (for instance), then freebsd-update would end up replacing it ... hmm, not nice. Maybe there's some way to ignore certain stuff through freebsd-update.conf(5)? The IgnorePaths setting seems an option where one can set paths to be ignore ... I suppose that can be used in such a situation? (Any examples anyone?) Regards, Rakhesh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
No updates needed to update system to 6.2-RELEASE-p7?
Hi, I had asked this question a few days earlier in another thread. Didn't get any replies, so asking it again in a post of its own. My FreeBSD 6.2 system is currently on 6.2-RELEASE-p4. I use freebsd-update to keep my system up-to-date and I've noticed that offlate there doesn't seem to be any updates to my system. Here's the update of a ''freebsd-update fetch'' on my system for instance: $ freebsd-update fetch Looking up update.FreeBSD.org mirrors... 1 mirrors found. Fetching metadata signature from update1.FreeBSD.org... done. Fetching metadata index... done. Inspecting system... done. Preparing to download files... done. No updates needed to update system to 6.2-RELEASE-p7. $ uname -a FreeBSD asterix 6.2-RELEASE-p4 FreeBSD 6.2-RELEASE-p4 #0: Thu Apr 26 17:40:53 UTC 2007[EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 Is that normal? I mean, there obviously seems to be a 6.2-RELEASE-p7 but then why isn't my system getting updated to that? Is it coz I am not using the parts that are affected by the patches to 6.2-RELEASE-p7? Or have I misconfigured something? TIA, Rakhesh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: No updates needed to update system to 6.2-RELEASE-p7?
On Aug 8, 2007, at 11:33 AM, Rakhesh Sasidharan wrote: No updates needed to update system to 6.2-RELEASE-p7. $ uname -a FreeBSD asterix 6.2-RELEASE-p4 FreeBSD 6.2-RELEASE-p4 #0: Thu Apr 26 17:40:53 UTC 2007[EMAIL PROTECTED]:/usr/obj/usr/src/sys/ GENERIC i386 Is that normal? I mean, there obviously seems to be a 6.2-RELEASE- p7 but then why isn't my system getting updated to that? Is it coz I am not using the parts that are affected by the patches to 6.2- RELEASE-p7? Or have I misconfigured something? Not all security patches involve updating the kernel. The recent ones have involved changes to BIND and the symlink attack starting up jails, and thus they do not result in the version printed by your kernel in dmesg or via uname changing. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: No updates needed to update system to 6.2-RELEASE-p7?
On Wed, Aug 08, 2007 at 10:33:38PM +0400, Rakhesh Sasidharan wrote: $ freebsd-update fetch Looking up update.FreeBSD.org mirrors... 1 mirrors found. Fetching metadata signature from update1.FreeBSD.org... done. Fetching metadata index... done. Inspecting system... done. Preparing to download files... done. No updates needed to update system to 6.2-RELEASE-p7. $ uname -a FreeBSD asterix 6.2-RELEASE-p4 FreeBSD 6.2-RELEASE-p4 #0: Thu Apr 26 17:40:53 UTC 2007[EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 Is that normal? Yes. The updates coming after 4 did not effect the kernel (which holds the release number string), just some userland programs. So the userland programs have been updated, but that hasn't changed the version string in the kernel. If you rebuild the kernel, install it and reboot you'll see -p7. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgpoSjDwwtszY.pgp Description: PGP signature
Re: No updates needed to update system to 6.2-RELEASE-p7?
Chuck Swiger wrote: Not all security patches involve updating the kernel. The recent ones have involved changes to BIND and the symlink attack starting up jails, and thus they do not result in the version printed by your kernel in dmesg or via uname changing. I see. Thanks. Didn't realize that only when the kernel gets updated does the suffix change to -p7. I was under the impression that all updates change the kernel string to -p7 just to show that there's been some updates. Thanks again. Regards, Rakhesh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: No updates needed to update system to 6.2-RELEASE-p7?
Rakhesh Sasidharan wrote: Chuck Swiger wrote: Not all security patches involve updating the kernel. The recent ones have involved changes to BIND and the symlink attack starting up jails, and thus they do not result in the version printed by your kernel in dmesg or via uname changing. I see. Thanks. Didn't realize that only when the kernel gets updated does the suffix change to -p7. I was under the impression that all updates change the kernel string to -p7 just to show that there's been some updates. That actually sounds like a bad thing IMHO. Because not -p4 is not -p4 -p4 = -p7 but for others it might =-p5 depending on the last time they updated. It might be nice to have freebsd-update update this portion of the kernel even if thats the only part thats updated. -- Philip M. Gollucci ([EMAIL PROTECTED]) 323.219.4708 Senior System Admin - Riderway, Inc. http://riderway.com 1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB B89E 1324 9B4F EC88 A0BF Work like you don't need the money, love like you'll never get hurt, and dance like nobody's watching. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: No updates needed to update system to 6.2-RELEASE-p7?
Philip M. Gollucci wrote: I see. Thanks. Didn't realize that only when the kernel gets updated does the suffix change to -p7. I was under the impression that all updates change the kernel string to -p7 just to show that there's been some updates. That actually sounds like a bad thing IMHO. Because not -p4 is not -p4 -p4 = -p7 but for others it might =-p5 depending on the last time they updated. It might be nice to have freebsd-update update this portion of the kernel even if thats the only part thats updated. I second that. Was confusing to me atleast, and I kept wondering all this file if something was wrong with my setup. Would be nice if the kernel was given a version bump to -p7 or whatever. Maybe its not possible for other practical reasons, in which perhaps the man page could mention this fact? By the way, is there some way I can verify that my system has been patched for the newer updates? (Just so that I get the nagging feeling off my head that something's not alright). Some way I can check the named executable for instance to see its the latest ...? Thanks, Rakhesh ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
