cvsup tag for ports

Erik Trulsson ertr1013 at
Sat Feb 10 23:06:41 UTC 2007

On Sat, Feb 10, 2007 at 02:06:37PM -0800, Michael wrote:
> Hello everyone,
> I'm building a production server and I have what may seem to be a very 
> simple question so I hope it only requires a simple answer.
> As I've studied the FreeBSD Handbook as well as the man pages for this, 
> it's still not clear to me which tag I should use for a production server.
> For my sources I always use the security branch for the release we are 
> using so that they stay stable and also plug most of the security issues 
> as they arise and so the sources tag is always RELENG_6_2.
> For the ports, the default tag is always tag=. which I'm not sure is the 
> best thing for a production server since that's the tab for -CURRENT.  
> On one hand it makes sense to track that branch for ports because that's 
> where fixes would go for applications as they find them, but I'm not 
> convinced this is the best thing for a production server and wonder if I 
> should also use the security branch for the ports.
> My first question is, does any real security fixes go into the ports 
> when you pull from a security branch?  In other words, do maintainers 
> actually submit fixes to that branch for the ports?
> I have a similiar question for the docs as well, should we be tracking 
> only the security branch when using cvsup for sources, ports and doc's?

Neither the ports tree nor the docs tree is branched.  I.e. there is no
security branch for ports.  
On the other hand you are not required to update installed ports/packages
just because you update the ports tree.

<Insert your favourite quote here.>
Erik Trulsson
ertr1013 at

More information about the freebsd-questions mailing list