clarification of cvsup process.
Greg Groth
ggroth at gregs-garage.com
Thu Jun 15 19:31:02 UTC 2006
I have a FreeBSD 6.0 server that I manage that is used as a DNS / mail
server. In the wake of the recent sendmail security announcement, I'd
like to make sure I'm keeping the thing up to date. I tried to run the
patch as listed in the announcement, but the patch just seemed to hang,
so I killed the process and decided to go the cvsup route. now I
understand the whole cvsup process, as well as updating ports, but the
whole release tag thing still has me confused. If possible could
someone tell me if I'm doing this right or not, or have someone tell me
what I'm doing wrong.
I'm only interested in updating the system when a security need arises,
and have no desire to live on the "cutting edge". I handle the ports
through portaudit/portsnap/portmanager, and am looking to only update
the case system with cvsup.
Here is the list of commands I run to update the system.
# cvsup /usr/local/greg/cvsupfile
Contents of cvsupfile:
*default host=cvsup6.FreeBSD.org
*default base=/var/db
*default prefix=/usr
*default release=cvs tag=RELENG_6_0
*default delete use-rel-suffix
src-all
*default tag=.
# cd /usr/src
# make buildworld
# make buildkernel
# make installkernel
# reboot
After rebooting into single user mode:
# fsck -p
# mount -u /
# mount -a -t ufs
# swapon -a
# adjkerntz -i
# mergemaster -p
# make installworld
# mergemaster
# reboot
After rebooting:
# cd /etc/mail
# make all
# make install
# make restart
And that's it. I do the stuff in /etc/mail since I'm not sure running
make buildworld will update the cf files. The last patch that came out,
I did the same thing I outlined above, but I did not notice a change in
the version number of Sendmail when telnetting to it. I did a search
through the security notice, and took a look at all of the source files
on my machine that were updated. Although I could not find a version
number anywhere, I noticed that the timestamp for all of the affected
files had changed to the date listed in the announcement. I'm not sure
if Sendmail reports it's version from something hardcoded in the binary,
or if it comes from the cf file.
So does this look right? Or am I missing something obviously stupid?
Is my cvsupfile correct for what I want it to do?
TIA
Greg Groth
More information about the freebsd-questions
mailing list