[NEWBIE] security updates?
Konrad Heuer
kheuer2 at gwdg.de
Fri May 2 05:07:53 PDT 2003
On Fri, 2 May 2003, Christian Traber wrote:
> I just installed freebsd5 and want to use it as a vpn-gateway.
> I found some security updates, but how can I install them?
> Do I really have to build everything from source? My BSD box
> has only a very small HD (< 1GB) and I don't want the
> downtime for a 'make world'.
>
> How do you make such updates on a production server?
Many security updates do not require to rebuild the whole os. Maybe you
need to rebuild and reinstall the kernel, which takes much less time and
can be done while the server is in normal operation. Sometimes only some
specific utility or daemon needs to be updated; here it is sufficient to
just restart the daemon.
If a full rebuild is required, you can split "make world" and still do the
time-consuming "make buildworld" in normal multi-user mode; downtime is
than limited to the "make installworld" process which needs much less
time.
If your harddisk is too small, you can make kernel and world on a
different system, export /usr/src and /usr/obj via NFS and mount them on
your server to install kernel and world.
But you're true, you need the whole source code if you want security.
Regards
Konrad Heuer (kheuer2 at gwdg.de) ____ ___ _______
GWDG / __/______ ___ / _ )/ __/ _ \
Am Fassberg / _// __/ -_) -_) _ |\ \/ // /
37077 Goettingen /_/ /_/ \__/\__/____/___/____/
Germany
More information about the freebsd-questions
mailing list