newest security patch and custom kernel

Tue Jan 15 10:24:41 PST 2008

Well it depends ... If you know it only change the version string i
whould say no on a production server.

bye
Norman

Am Dienstag, den 15.01.2008, 16:57 +0000 schrieb John Clement:
> > The -p10 includes no kernel updates so restarting is not neccesarry.
> 
> Would it not be advisable to reboot after installing a new kernel
> anyway, to make sure it restarts ok... better that than finding out it
> doesn't boot next time to reboot...
> 
> 
> > bye
> > Norman
> > 
> > Am Dienstag, den 15.01.2008, 08:52 +0100 schrieb zbigniew szalbot:
> > > Hello again,
> > >
> > > Norman Maurer pisze:
> > > > It should be enough to just building and installing the kernel.
> The
> > > > freebsd-update should have patched the kernel src files anyway.
> > > >
> > > Thank you for very helpful advice. One last question, is it
> necessary
> > > to restart the machine? Or can I keep it online after building and
> > > installing the kernel? I don't care about uname -a details not being
> > > updated unless the machine needs restarting to include the updates.
> > >
> > > Thank you!
> > >
> > > Zbigniew Szalbot
> > > > bye
> > > > Norman
> > > >
> > > >
> > > > Am Dienstag, den 15.01.2008, 07:24 +0100 schrieb zbigniew szalbot:
> > > > > Hello,
> > > > >
> > > > >
> > > > > Norman Maurer pisze:
> > > > > > Hi,
> > > > > >
> > > > > > the /usr/src/sys* stuff should be patched anyway. But you need
> > to build
> > > > > > your kernel again and install it to reflect the changes. Even
> > if i think
> > > > > > it only update the -p10 label in the case of -p10 patch set.
> > > > > >
> > > > > OK. So this page applies to me now?
> > > > > http://www.freebsd.org/doc/en_US.ISO8859-
> > 1/books/handbook/kernelconfig-building.html
> > > > >
> > > > >    1.
> > > > >
> > > > >       Change to the /usr/src directory:
> > > > >
> > > > >       # cd /usr/src
> > > > >
> > > > >
> > > > >    2.
> > > > >
> > > > >       Compile the kernel:
> > > > >
> > > > >       # make buildkernel KERNCONF=/MYKERNEL/
> > > > >
> > > > >
> > > > >    3.
> > > > >
> > > > >       Install the new kernel:
> > > > >
> > > > >       # make installkernel KERNCONF=/MYKERNEL/
> > > > >
> > > > >
> > > > >     *Note:* It is required to have full FreeBSD source tree to
> > build the
> > > > >     kernel.
> > > > >
> > > > >
> > > > > I am interested if I need to download latest FBSD sources then?
> I
> > have
> > > > > not touched them since I built a custom kernel.
> > > > >
> > > > > Thank you!
> > > > >
> > > > > Zbigniew Szalbot
> > > > >
> > > > > > cheers
> > > > > > Norman
> > > > > >
> > > > > >
> > > > > > Am Dienstag, den 15.01.2008, 07:03 +0100 schrieb zbigniew
> > szalbot:
> > > > > > > Hello,
> > > > > > >
> > > > > > > Using freebsd-update I applied the latest security patches
> > which were
> > > > > > > announced yesterday. However, I then notice this message:
> > > > > > >
> > > > > > > The following files will be updated as part of updating to
> > 6.2-RELEASE-p10:
> > > > > > > /boot/GENERIC/kernel
> > > > > > >
> > > > > > > My question is whether my update missed the point because I
> > have a
> > > > > > > custom kernel? If so, do I need to apply it manually as
> > described in the
> > > > > > > security advisory? If I still want to go down the binary
> > road, how can I
> > > > > > > make sure my custom kernel gets patched, too?
> > > > > > >
> > > > > > > Thank you very much!
> > > > > > >
> > > > > > > Zbigniew Szalbot
> > > > > > > _______________________________________________
> > > > > > > freebsd-questions at freebsd.org mailing list
> > > > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > > > > > > To unsubscribe, send any mail to "freebsd-questions-
> > unsubscribe at freebsd.org"
> > > > > >
> > > > > >
> > > >
> > > >
> > 
> > _______________________________________________
> > freebsd-questions at freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "freebsd-questions-
> > unsubscribe at freebsd.org"