Port Upgrades

Matthew Seaman m.seaman at infracaninophile.co.uk
Wed Jan 21 02:21:27 PST 2004


On Wed, Jan 21, 2004 at 01:55:38AM -0800, Loren M. Lang wrote:
> When I install a new port, does it upgrade any already installed ports
> if the new port depends on them.  And to upgrade any security fixes,
> just running cvsup on the ports tree, then running portupgrade?

Generally, no.  If you go into the port directory and delete and
re-install the port, it won't check that all of the dependencies are
up to date.  portupgrade(1) is the solution to that and other
considerations of keeping an array of ported software up to date.

There's no distinction made between updates to the ports tree to close
security holes or to introduce new features.  You should set up a
watch on the ports you're interested in at http://www.freshports.org/
-- the commit log messages will tell you why ports were updated.
 
> Also, is there any way to automate this, I have a freebsd mail server
> setup for a company that I may not get to visit very often.  Then again,
> it may not be the wisest to upgrade software with no one to monitor it.

It usually helps to have a spare system you can run the same software
on, to test out any updates before you apply them to the production
server.  It's also good to have good backups and be capable of backing
out any changes if necessary.
 
> Is there any way to select just major security and avoid upgrading ports
> that just add features?

Only by keeping a close eye on commit messages in the ports CVS,
following the freebsd-ports@ mailing list, and by general awareness of
security issues around the net.
 
> And does the freebsd kernel also get upgraded.  Would I have to
> reinstall it or would the port do it automatically?

No, updating the ports is a completely separate operation to updating
the base system.  Unlike dealing with ports, by tracking one of the
security branches of the OS, you will automatically get just the
security fixes and any really vital bug-fixes.  You can receive
notifications of problems in the base system by subscribing to the
freebsd-announce at ... and freebsd-security at ... lists.

Updating the base system involves compiling and reinstalling all of
the userland utilities, system shared libraries etc.  You have to
recompile and reinstall the kernel in synch with that, or various
utilities like top(1) and ps(1) will cease to work.

	Cheers,

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
PGP: http://www.infracaninophile.co.uk/pgpkey         Marlow
Tel: +44 1628 476614                                  Bucks., SL7 1TH UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040121/82d56c46/attachment.bin


More information about the freebsd-questions mailing list