Keeping my system up to date with CTM or subversion?

Thu May 23 01:10:13 UTC 2013

On Wed, 22 May 2013 13:23:39 -0700, Ed Flecko wrote:
> So once you have a system up and running, how do you monitor if and when
> you need to upgrade your ports tree?

This highly depends on your "updating policy". There are three
mainstream opinions:

a) always update, regularly (e. g. once a week)

b) only update if security requires it (e. g. when portaudit alerts)

c) update as soon as an additional functionality is desired

Of course, "combined opinions" are also valid. :-)

For updating the ports tree, portsnap is the eaiest tool. However,
if you follow opinion a) and update _very_ regularly (e. g. daily),
you could use SVN to obtain the (smaller) deltas to your local tree.
This also helps because you can directly access the tree and don't
have to wait until a snapshot is made available. For "higher update
frequencies", this is often the better approach.

There is another valid opinion: Install once, make sure everything
works, never touch a running system. I'm a big fan of this attitude,
at least on my home systems. ;-)

> By the way, your ports tree is different than installed software packages,
> right?

That is possible when you update your ports tree (by whatever
method) _after_ you have installed something. A typical conclusion
is that you might need to rebuild stuff as soon as you install
something with that (newer) tree.

Example: Tree is at version 12345, you install foo-1.0 which
depends on bar-1.5. Two weeks later, you update your ports tree
and get version 23456. You don't want to touch foo and bar, but
you now need to install baz which requires bar-1.6 (which has
now arrived in the tree). So now you need to update bar from
1.5 to 1.6, and _maybe_ also foo to a newer version (whatever
that might be).

> In other words, the only reason people even bother to upgrade their
> ports tree is so that IF you install a package from source - the source is
> current? Is that correct?

Maybe the wording is a bit strange, but yes, updating the ports
tree means to have the lastest and _consistent_ versions of all
the programs in the tree (so their "interconnections" will work
properly). This is also helpful when you install from different
sources, e. g. some stuff from source, some stuff as binary
packages from Latest/.

> When security vulnerabilities are discovered and patches released by FBSD,
> the patch will tell you what steps you need to take to apply the patch and
> stay up to date, won't it?

The OS patches are announced that way. You should always read the
UPDATING files in /usr/src (for the OS) and /usr/ports (for installed
applications) to make sure you're not missing a simple (but important)
step during upgrades.

Patches for the OS are of course handled independently from those
applying to applications from the ports collection.

-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...