Some kind of intranet update system for FreeBSD?
infofarmer at mail.ru
Sun Apr 3 07:15:07 PDT 2005
Fabian Keil wrote:
> "Andrew P." <infofarmer at mail.ru> wrote:
>>>>I dream about a server running on my main machine,
>>>>which gets queries from intranet freebsd boxes that
>>>>want to be updated. The server negotiates with each
>>>>client and acts as requested:
>>>> 1.1) fetches a binary package, or
>>>> 1.2) fetches a source package, or
>>>> 1.3) finds a binary/source in its cache, and
>>>> 2) builds a package if needed, and
>>>> 3) gives binary/source to the client
>>>Its doable, providing both boxes have identical CPU's and
>>>the port build options on both have the same options. If the CPU's
>>>are not identical are you willing to build every thing to the lowest
>>>common denominator such as CPUTYPE?=i486 ? If this is the
>>>case then really all you have to do is make sure you have
>>>a /usr/ports/packages dir on one machine then upgrade portmanager -u.
>>>This will put a package for everything upgraded
>>>into /usr/ports/packages/All. nfs share /usr/ports/packages/All
>>>directory with the other machine and on that one upgrade with something
>>>like portupgrade -aP.
>>Thanks, I'll try to do this via ftp. What about the
>>system itself? Is there an easy way to copy all the
>>binaries from one box to another?
> Your building machine can share /usr/src/ via nfs.
> You can then do a "make buildworld" on the server
> and "make installworld" on every machine.
> If the kernels are the same, you can use the same build
> on every machine as well. As Michael has already mentioned,
> you have to keep /etc/make.conf general.
So basically, to substantially facilitate the update
process all we have to do is to share /usr/src and
Will it be ok to share them read-only if I do all the
building on the server?
Is it a serious security issue to give recursive
read-access to these folders to maliscious parties?
(I mean besides of letting them know versions of
all your server software).
P.S. Still, IMHO a nicely-designed port would be
great. I mean we do have portupgrade for crying out
loud. If we have something for a network of freebsd
boxes, we could start talking enterprise-level
P.P.S. What a pity that we don't have tarfs/ftpfs.
Okay, that's just a sidenote.
More information about the freebsd-questions