Ports question ....
Mike Clarke
jmc-freebsd2 at milibyte.co.uk
Thu Aug 28 22:31:49 UTC 2014
On Thursday 28 August 2014 15:16:40 William A. Mahaffey III wrote:
> I think that is what I am asking .... To be more precise, how often
> should I check to see if it is updated, weekly, monthly, other ....
> I guess that is the nub of the question ....
It's largely down to what's most convenient for you.
There's a lot to be said for the "If it ain't broke don't mend it"
philosophy. If everything's working fine on your system and you don't
need the latest and greatest new feature recently added to one of your
ports then there's no real need to keep updating them.
If a port has just been updated to fix some freshly discovered
security issue then you need to upgrade it ASAP. Running the periodic
script from ports-mgmt/portaudit is a good way of being kept up to
date with new vulnerabilities affecting ports installed on your
system.
There could be a delay before a new version of a vulnerable port is
available. You can check what the latest revision level of a port is
by looking it up at <http://www.freshports.org>.
After running portsnap you can run "pkg version -vIL=" to see a list
of which ports have version numbers which differ from the latest.
You need to maintain all your ports in a consistent state, upgrading
just one port can lead to dependency problems so it's worth using
ports-mgmt/portmaster after running portsnap, this can upgrade all
affected ports.
If you only upgrade your ports when required by security issues then
you may find that there are lots of ports with newer versions so, to
reduce the workload, you might prefer to upgrade rather more
frequently than waiting until a security issue requires it.
Sometimes you will need to give some ports individual attention before
running a bulk upgrade. Check for this by seeing if any of your ports
are mentioned in /usr/ports/UPDATING - you only need to check entries
dated later than the last time you did an upgrade and take whatever
action is advised there.
If you pay attention to /usr/ports/UPDATING then portmaster will
usually upgrade all affected ports without problems but sometimes you
come across a situation that it can't handle and you might need to
deal with the problematic port yourself.
--
Mike Clarke
More information about the freebsd-questions
mailing list