portmaster best practices

Victor Sudakov vas at mpeks.tomsk.su
Mon Jan 23 10:32:37 UTC 2012

Hello portmaster users,

If portaudit shows that some installed packages have vulnerabilities,
what do you usually do?

Do you upgrade only the vulnerable packages, or vulnerable packages
and dependent packages (portmaster -r), or perhaps all packages
(portmaster -a)? Or do you "pkg_delete -a" all packages first and then
reinstall from scratch (from `portmaster --list-origins` perhaps)?

I am a bit uneasy about "portmaster -a" because, for example, in the
output below it intends to install a package which is already

pg01-sibptus# portmaster -n -a
===>>> Gathering distinfo list for installed ports

	Upgrade php5-ldap-5.3.5_1 to php5-ldap-5.3.9
	Install net/openldap24-sasl-client
	Upgrade postgresql-server-9.0.1 to postgresql-server-9.0.6_3
	Upgrade tcl-8.5.9 to tcl-8.5.11
	Upgrade vim-7.3.81 to vim-7.3.121
	Install devel/gettext

===>>> Proceed? y/n [y] n

===>>> If you would like to upgrade or install some, but not
       all of the above try adding '-i' to the command line.
pg01-sibptus# pkg_info -xo openldap
Information for openldap-sasl-client-2.4.24:


Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
sip:sudakov at sibptus.tomsk.ru

More information about the freebsd-questions mailing list