How is the patchlevel set?
Jonathan Noack
noackjr at alumni.rice.edu
Fri Jul 1 07:06:46 GMT 2005
On 06/30/05 15:47, lars wrote:
> I can't seem to find out how the patchlevel is set.
>
> Is it incremented with each SA's patch, kernel or world,
> or only kernel or only world?
>
> Could anyone point me to some documentation by the FreeBSD project?
>
> I know this is the stable list, but I don't want to subscribe to
> one more list just for this question.
The patch level is set in src/sys/conf/newvers.sh. I believe this means
that it is only updated after rebuilding the kernel (see 'sysctl
kern.version').
I have often applied patches from Security Advisories and rebuilt only
what was necessary instead of world/kernel. With a userland
vulnerability, this is often the most expedient and unintrusive method.
However, the new patch level is not set this way so you have to
document the update for yourself. On client machines I sometimes do the
full world/kernel rebuild and schedule a reboot just to avoid questions
about whether the machine is up-to-date.
--
Jonathan Noack | noackjr at alumni.rice.edu | OpenPGP: 0x991D8195
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20050701/fd9eea92/signature.bin
More information about the freebsd-stable
mailing list