Questions about patches
Colin Percival
colin.percival at wadham.ox.ac.uk
Thu Apr 10 07:09:24 PDT 2003
At Tue, 8 Apr 2003 18:24:59 -0700, Chris Miller wrote:
>I've scoured the FreeBSD site and other resources for a
>couple of days, but I've found no binary way of patching the OS as I'm
>accustomed to doing with BSD/OS and RedHat. So my first question is;
>Is/will there be a better method of patching the core OS in the future
>that addresses only the affected components?
You're probably looking for http://www.daemonology.net/freebsd-update/
It only addresses the core OS, and only works if you're starting from a
binary install of FreeBSD, but it will keep you up to date on the
appropriate security branch. I'm building updates for 4.7 and 4.8 right
now, but if you don't trust me (and there's no reason why you should) the
code is there for anyone to build the updates themselves.
Hopefully this will get into the ports tree some day (*cough*
ports/50202 *cough*) but it isn't there yet.
> From what I can surmise, the proceedure for patching
>applications in a multi server environment is to update the ports tree and
>to build/install/test these on a build server, and then package them up
>and install them remotely via pkg_add. Questions; 1. Is this the best way
>to apply patches to applications? 2. Are there any plans to provide a
>better notification system when applications are patched similar to what
>RedHat has done with Bugzilla?
Yes, that's probably the best way to keep your installed ports up to
date. Go to freshports.org and register to receive email about updates to
the ports you use.
Colin Percival
PS. I'm not subscribed to -questions, so make sure you CC me if you expect
a response.
More information about the freebsd-questions
mailing list