Keeping my system up to date with CTM or subversion?
axelbsd at ymail.com
Wed May 22 20:01:01 UTC 2013
On Wed, May 22, 2013 at 8:26 PM, Ed Flecko <edflecko at gmail.com> wrote:
> I'm confused about an effective way to keep my system patched and
> up-to-date, and I'm hoping someone can clarify what seems like a lot of
> I'll be running a production server (so security and stability are most
> important) with a custom kernel and I want it to have all of the latest
> security patches applied. I'll install from DVD and I'll chose the option
> to install both the ports and the source.
> After this, it sure seems like the best way, in terms of speed to download
> any updated files, is to use CTM as a cron job, but I think the FBSD
> handbook recommends subversion? Also, I think I read that CTM won't update
> documentation? Is that right?
> I also see some people say they use portsnap, portaudit and portupgrade.
> For example, I came across this command:
> portsnap fetch && /usr/sbin/portsnap update && /usr/local/sbin/portaudit -F
> && /usr/local/sbin/portupgrade –aR
> however these utilities are used more for keeping your ports collection
> up-to-date (if you install software from ports), and not so much for
> keeping your system patched from a security perspective - isn't that right?
> Hopefully, someone can clarify my confusion.
> Thank you!
To update my ports tree, I use "portsnap" tool. To install ports (or
upgrade them) I use "portmaster". More information here:
To update my sources tree, I use "subversion" tool. Then I rebuild world.
More information here: http://www.freebsd.org/doc/en/books/handbook/svn.html
I use subversion to update my sources tree because I am running 9-STABLE.
If you are running 9.x-RELEASE (or 8.x-RELEASE) you can use
"freebsd-update" to sync sources and install binary patchs. As you are
using custom kernel, you will have to recompile it. More information here:
I hope this help you.
More information about the freebsd-questions