"Online" Updating of OpenSSL
khatfield at socllc.net
khatfield at socllc.net
Thu Jun 12 17:46:45 UTC 2014
There are a few ways to do it and I'm certain there is an easier method than what I'm recommending. However, you can use portmaster, for example. You could also use this wrapper script:
http://www.charlieroot.de/bsd/pkg_depends.pl
With no arguments you're going to pull everything. I would recommend looking at running services and using this script to view the dependencies per service package.
Ensuring that (of course) restart all services with open ports after the upgrade. (Web/email/ssh/etc)
Best of luck
> On Jun 12, 2014, at 10:52 AM, "Florian Heigl" <florian.heigl at gmail.com> wrote:
>
> Hi,
>
> I suppose we pretty much all went through some updates since April.
> So far, I have been rebooting the affected systems during the OpenSSL updates to make sure the services are all properly restarted.
>
>
> I’d like to switch to some kind of restarting only the affected services, as that would minimize the downtimes from minutes to seconds.
>
> But how do you identify the affected applications and relate them to scripts in /etc/rc.d /usr/local/etc/rc.d ?
>
> How are you guys handling it?
>
> - Identifying what’s really linked to openssl / gnutls / whatever
> - Restarting gracefully at the right time
>
> Greetings,
> Florian
> _______________________________________________
> freebsd-isp at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe at freebsd.org"
More information about the freebsd-isp
mailing list