Question about security updates.

rotten rottie r0tt13 at hotmail.com
Wed Dec 3 11:42:32 PST 2003 

here is a better example:

As you can see there is no port/package installed called openssh/ssh ....

vanapps01# pkg_info
cvsup-without-gui-16.1f General network file distribution system op
VS
expat-1.95.5        XML 1.0 parser written in C
ezm3-1.0            Easier, more portable Modula-3 distribution for
gettext-0.11.5_1    GNU gettext package
gmake-3.80          GNU version of 'make' utility
libiconv-1.8_2      A character set conversion library
libtool-1.3.4_4     Generic shared library support script


But ssh is installed by default during a stand/min install ....

vanapps01# whereis sshd
sshd: /usr/sbin/sshd /usr/share/man/man8/sshd.8.gz 
/usr/src/secure/usr.sbin/ssh

If you cvsup the src you can build a new one by going in openssh dir and 
typing make sshd ....

vanapps01# pwd
/usr/src/crypto

vanapps01# ls -la
total 18
drwxr-xr-x   6 root  wheel   512 Dec  2 20:48 .
drwxr-xr-x  20 root  wheel   512 Dec  2 21:22 ..
-rw-r--r--   1 root  wheel   520 Feb  9  2001 README
drwxr-xr-x  14 root  wheel  1024 Dec  2 20:45 heimdal
drwxr-xr-x   5 root  wheel  5120 Dec  2 20:46 openssh
drwxr-xr-x  15 root  wheel  1024 Dec  2 20:48 openssl
drwxr-xr-x   6 root  wheel   512 Dec  2 20:48 telnet

My questions pertain to this example .. ie if ssh had a bug which do you 
update ?? src/or ports ?? which is proper ?? Do I not install ssh at install 
time so I can install a port of ssh ?? or is there an easy way and I am 
making it complex ?

Thanks for you help so far ..

>From: "Pratt, Benjamin E." <bepratt at STCLOUDSTATE.EDU>
>To: rotten rottie <r0tt13 at HOTMAIL.COM>, freebsd-newbies at freebsd.org
>Subject: RE: Question about security updates.
>Date: Wed, 03 Dec 2003 13:20:04 -0600
>MIME-Version: 1.0
>Received: from tigger.stcloudstate.edu ([199.17.25.5]) by 
>mc12-f36.hotmail.com with Microsoft SMTPSVC(5.0.2195.6713); Wed, 3 Dec 2003 
>11:20:06 -0800
>Received: from exchange7.stcloudstate.edu ("port 29322"@[199.17.25.221]) by 
>TIGGER.STCLOUDSTATE.EDU (PMDF V6.2 #30669) with ESMTP id 
><01L3RECGTPQ600FFI5 at TIGGER.STCLOUDSTATE.EDU> for r0tt13 at HOTMAIL.COM; Wed, 
>03 Dec 2003 13:25:38 -0600 (CST)
>Received: from exchange.campus.stcloudstate.edu ([199.17.25.200]) by 
>exchange7.stcloudstate.edu with Microsoft SMTPSVC(5.0.2195.6713); Wed, 03 
>Dec 2003 13:20:04 -0600
>X-Message-Info: JGTYoYF78jHY9kzcWthfX8tUHvk/DNkI
>Return-path: <bepratt at STCLOUDSTATE.EDU>
>Message-id: 
><4F752E686C8E04449DCB9FA7C3BD967471822D at EXCHANGE.campus.stcloudstate.edu>
>X-MIMEOLE: Produced By Microsoft Exchange V6.0.6375.0
>Thread-Topic: Question about security updates.
>Thread-Index: AcO5ymD5t417PDTMSGerGCUMaSPvvwAB0DsA
>content-class: urn:content-classes:message
>X-MS-Has-Attach: yes
>X-MS-TNEF-Correlator:
>X-OriginalArrivalTime: 03 Dec 2003 19:20:04.0483 (UTC) 
>FILETIME=[74787D30:01C3B9D2]
>
>rottie -
>
>I'm fairly new to FreeBSD as well (a converted Mandrake user) and I have
>attached my little cheat sheet about working with the ports tree and
>running updates.
>
>From what I understand, the ports tree is not installed software, it's
>just a list of everything that can be installed and a location to easily
>install it.  Just because you have /usr/ports/security/ssh/ in your
>ports tree does not mean that it is installed.
>
>I hope that my attached file helps.  It's just what I've compiled into
>one place from my questions in different discussions and reading
>http://www.freebsd.org/handbook/.
>
>Good luck,
>
>Ben
>
>-----Original Message-----
>From: rotten rottie [mailto:r0tt13 at hotmail.com]
>Sent: Wednesday, December 03, 2003 12:21 PM
>To: freebsd-newbies at freebsd.org
>Subject: Question about security updates.
>
>I am a linux user that wants to switch to freebsd... I am a bit confused
>
>about applying updates etc..
>
>I installed a box for trial it was 5.1, I wanted to see if I could use
>ports
>to update openssh for a test examp. After the port installed I noticed
>that
>another version of openssh was installed on the system. I talked with a
>friend and he said that it was part of usr/src and I could update it by
>compiling the usr.bin version.. which was fine and worked. Here are my
>questions:
>
>1) if there are two trees(lack of better words) why would ssh exit in
>both
>the system tree and the ports tree ? Wouldnt it be better to have it in
>the
>ports tree ?
>
>2) I have used gentoo in the past and am curious if there is something
>simular to emerge -up world/system -- I would like to cvs the ports/sys
>and
>then be able to see if anything need upgrading .. is this possible ?
>
>3) Say there was a update to openssh .. which would be the proper way to
>
>update .. sync the sys tree and then just update ssh .. or sync the tree
>and
>recompile the system ? or remove the sys version and install the port
>version and update the port ?
>
>I am very happy with freebsd .. Im still in the exploring stage .. The
>reasons for my questions is that I am a little weary of using freebsd in
>
>production if I dont easily know when updates are avail, having to
>recompile
>the system everytime I need a patch for a service.
>
>Thanks for helping me convert,
>rottie
>
>_________________________________________________________________
>Tired of slow downloads and busy signals?  Get a high-speed Internet
>connection! Comparison-shop your local high-speed providers here.
>https://broadband.msn.com
>
>_______________________________________________
>freebsd-newbies at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-newbies
>To unsubscribe, send any mail to
>"freebsd-newbies-unsubscribe at freebsd.org"
><< BSD_Software.txt >>

_________________________________________________________________
Our best dial-up offer is back.  Get MSN Dial-up Internet Service for 6 
months @ $9.95/month now! http://join.msn.com/?page=dept/dialup

More information about the freebsd-newbies mailing list