Downloading 10.2-RELEASE-p10 source without prayer

Matthew Seaman matthew at
Wed Jan 20 08:20:22 UTC 2016

On 20/01/2016 01:30, Chris Stankevitz wrote:
> On Tue, Jan 19, 2016 at 4:45 PM, Chris Stankevitz
> <chrisstankevitz at> wrote:
>> > Of course I'm being sarcastic about the prayer... but is there a way
>> > (a tarball or special SVN tag/branch) to get the "official"
>> > 10.2-RELEASE-p10 code?  What do the freebsd-update servers use?

> I could just look at "svn log -l 1" and see if it jives more or less
> with the most recent freebsd-announce email.

Depends how paranoid you want to be.

If you download one of the DVD installation images, that should include
base system sources and will have offline checksums that you can verify.

You can then apply the patches from all of the SAs and ENs published
since, all of which are digitally signed.  That's probably as good as
you can get in ensuring you've got authentic, untampered sources.

Most people would find it good enough to use eg. freebsd-update -- the
updates are cryptographically signed, so you can be reasonably certain
that what it installs on your system is the same as what it has on the
servers.  It does use a pretty direct connection to the master SVN
repository for obtaining the code it builds from, but you generally have
to trust that it is using unadulterated sources itself.  freebsd-update
can maintain a copy of /usr/src for you.

Or else you can just checkout the RELENG-10 branch from one of the SVN

# cd /usr
# svn co src

The SSL cert on the server should be sufficient guarantee you've not
been spoofed into some MITM scenario.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 957 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the freebsd-questions mailing list