FreeBSD Update is the binary update solution [Re: HEADS UP: Release schedule for 2006]

Scott Long scottl at samsco.org
Sat Dec 17 17:19:26 PST 2005


Peter Jeremy wrote:
> On Sat, 2005-Dec-17 23:35:34 +0100, Kövesdán Gábor wrote:
> 
>>I agree. And after all, tracking a security branch isn't too difficult, 
> 
> ...
> 
>># cd /usr/src
>># patch < /path/to/patch
>># cd /usr/src/gnu/usr.bin/cvs/cvsbug
>># make obj && make depend && make && make install
>># cd /usr/src/gnu/usr.bin/send-pr
>># make obj && make depend && make && make install
>>
>>Is that difficult?
> 
> 
> Speaking as a developer, I think it's trivially easy.
> 
> As an end user, I don't think this is acceptable.  Firstly, it
> requires that the user has installed the src distribution - which is
> optional.  Secondly, the user is expected to use development tools
> without understanding what they do - this is scary for them.  Running
> the above commands is OK as long as nothing goes wrong but the
> "support" group (who inhabit -questions and answer seemingly silly
> questions) are going to have to cope with people who've made a typo
> somewhere in the sequence and can't explain exactly what they did -
> without putting them off FreeBSD.
> 
> I think FreeBSD Update shows the way forward but IMHO there needs to
> be an "official" binary update tool accessible from www.freebsd.org.
> 

FreeBSD Update was written by, and is continuously maintained by the
actual FreeBSD Security Officer.  It's as official as it gets.  If
the only barrier to acceptance is that it's not distributed from the
FreeBSD.org domain, then a) that's a silly argument, and b) it's easily
solvable so long as Colin agrees.

Scott


More information about the freebsd-current mailing list