Re: Clarification on patching 5.5-release...
On 2015-01-17, Daniel Dickman didick...@gmail.com wrote: 1) Can patches be applied selectively and out of order? Don't do that. Actually, yes they can. If you can identify that a particular patch doesn't apply to your use of the system there's no particular need to apply it. I can't think of any patches where the order matters, though it might happen occasionally.
Re: Clarification on patching 5.5-release...
On 2015-01-17, Daniel Dickman didick...@gmail.com wrote: 1) Can patches be applied selectively and out of order? Don't do that. Actually, yes they can. If you can identify that a particular patch doesn't apply to your use of the system there's no particular need to apply it. I can't think of any patches where the order matters, though it might happen occasionally. Around 3 releases ago we noticed that our patches were becoming quite independent. That made me wonder whether we could make the descriptions less assertive. That might make people relax a bit, so they don't need to get a in a panic over a every diff for a feature they don't use. Don't worry. When diffs overlap in the future, we'll let you know. Otherwise, just track the assessments and make a decision. Risks have been quite low.
Re: Clarification on patching 5.5-release...
On Mon, Jan 19, 2015 at 08:11, Stuart Henderson wrote: On 2015-01-17, Daniel Dickman didick...@gmail.com wrote: 1) Can patches be applied selectively and out of order? Don't do that. Actually, yes they can. If you can identify that a particular patch doesn't apply to your use of the system there's no particular need to apply it. I can't think of any patches where the order matters, though it might happen occasionally. I wouldn't trust all the libssl diffs to apply cleanly out of order.
Clarification on patching 5.5-release...
Hello misc, I've got some simple questions on the patch process which I couldn't find answers to on my own. Currently I am running 5.5-RELEASE, and sitting on my 5.6 disc set waiting to upgrade. I want to make sure I've been patching my 5.5 system correctly first, though. :) 1) Can patches be applied selectively and out of order? 2) Is it necessary to reboot the system between each patch, or can a batch be applied, and then a reboot performed? 3) Early on I made what I hope is an inconsequential mistake. One of the first patches that I applied, I ran the signify command not from root, but using sudo, and didn't put sudo in the second part of the piped command. I didn't catch this until after going through the make obj, make and make install process (with sudo). When I realized the second part of the original signify command didn't work successfully as it was not run with root privileges, I just went through the process again, from the root account. Doing this seemed to be successful. Does anybody know if this would have failed for any reason? My next question is regarding patching the kernel, as is the case with the 013, 016 and 017 patches for OpenBSD 5.5-RELEASE. Unlike the other patches, kernel patches don't have explicit instructions on rebuilding the kernel. I believe I've found a correct procedure, and would like to confirm it will work. My system uses the AMD64 GENERIC.MP kernel. Is the below process correct? 1) Download the patch file and run the associated piped signify command 2) Then, run the following commands: cd /usr/src/sys/arch/amd64/conf config GENERIC.MP cd ../compile/GENERIC.MP make depend make make install reboot If this process is incorrect, what would I do instead? How would I back up the old kernel? Finally, I arrive at my last question, and it relates to another careless mistake on my part. :( I downloaded the sig files, and ran the associated signify commands for patch 013 and 016 before realizing they were kernel patches and I didn't know how to recompile the kernel yet. I caught 017 luckily (fool me thrice?). Is it a problem that the source patches for 013 and 016 have both been applied, without going through the make process between? If so, is there a way I can revert the 016 source patch so I can first make and install the 013 patch? If not, is it safe to recompile the kernel with both source patches in place? If yes, I assume it would also be safe to throw in 017 as well so I can get all three patches in with a single compile, correct? Many thanks to anybody who can assist me! :) Warm regards, Andrew Lester
Re: Clarification on patching 5.5-release...
Hi Andrew, On Sat, Jan 17, 2015 at 4:13 PM, Andrew Lester martinblan...@gmail.com wrote: Hello misc, I've got some simple questions on the patch process which I couldn't find answers to on my own. Currently I am running 5.5-RELEASE, and sitting on my 5.6 disc set waiting to upgrade. I want to make sure I've been patching my 5.5 system correctly first, though. :) You don't need to apply the 5.5 patches to upgrade to 5.6. Use your CD to upgrade to 5.6 and then apply the 5.6 errata. 1) Can patches be applied selectively and out of order? Don't do that. 2) Is it necessary to reboot the system between each patch, or can a batch be applied, and then a reboot performed? Read the instructions at the top of each patch. If it says to reboot, reboot. Obviously if you update your kernel you should reboot at the end. 3) Early on I made what I hope is an inconsequential mistake. One of the first patches that I applied, I ran the signify command not from root, but using sudo, and didn't put sudo in the second part of the piped command. I didn't catch this until after going through the make obj, make and make install process (with sudo). When I realized the second part of the original signify command didn't work successfully as it was not run with root privileges, I just went through the process again, from the root account. Doing this seemed to be successful. Does anybody know if this would have failed for any reason? I've no idea what you did. Follow the instructions and you won't have a problem. My next question is regarding patching the kernel, as is the case with the 013, 016 and 017 patches for OpenBSD 5.5-RELEASE. Unlike the other patches, kernel patches don't have explicit instructions on rebuilding the kernel. I believe I've found a correct procedure, and would like to confirm it will work. My system uses the AMD64 GENERIC.MP kernel. Is the below process correct? See the FAQ: http://www.openbsd.org/faq/faq5.html#BldKernel [...snip] Finally, I arrive at my last question, and it relates to another careless mistake on my part. :( I downloaded the sig files, and ran the associated signify commands for patch 013 and 016 before realizing they were kernel patches and I didn't know how to recompile the kernel yet. I caught 017 luckily (fool me thrice?). Is it a problem that the source patches for 013 and 016 have both been applied, without going through the make process between? If so, is there a way I can revert the 016 source patch so I can first make and install the 013 patch? If not, is it safe to recompile the kernel with both source patches in place? If yes, I assume it would also be safe to throw in 017 as well so I can get all three patches in with a single compile, correct? Don't waste your time on this, upgrade to 5.6 then follow the instructions for all the errata and you should be in good shape..