On Wed, May 22, 2013 at 8:26 PM, Ed Flecko <edfle...@gmail.com> wrote:
> I'm confused about an effective way to keep my system patched and > up-to-date, and I'm hoping someone can clarify what seems like a lot of > options. > > I'll be running a production server (so security and stability are most > important) with a custom kernel and I want it to have all of the latest > security patches applied. I'll install from DVD and I'll chose the option > to install both the ports and the source. > > After this, it sure seems like the best way, in terms of speed to download > any updated files, is to use CTM as a cron job, but I think the FBSD > handbook recommends subversion? Also, I think I read that CTM won't update > documentation? Is that right? > > I also see some people say they use portsnap, portaudit and portupgrade. > For example, I came across this command: > > portsnap fetch && /usr/sbin/portsnap update && /usr/local/sbin/portaudit -F > && /usr/local/sbin/portupgrade –aR > > however these utilities are used more for keeping your ports collection > up-to-date (if you install software from ports), and not so much for > keeping your system patched from a security perspective - isn't that right? > > Hopefully, someone can clarify my confusion. > > Thank you! > > Ed > Hi Ed, To update my ports tree, I use "portsnap" tool. To install ports (or upgrade them) I use "portmaster". More information here: http://www.freebsd.org/doc/en/books/handbook/ports-using.html To update my sources tree, I use "subversion" tool. Then I rebuild world. More information here: http://www.freebsd.org/doc/en/books/handbook/svn.html & http://www.freebsd.org/doc/en/books/handbook/makeworld.html I use subversion to update my sources tree because I am running 9-STABLE. If you are running 9.x-RELEASE (or 8.x-RELEASE) you can use "freebsd-update" to sync sources and install binary patchs. As you are using custom kernel, you will have to recompile it. More information here: http://www.freebsd.org/doc/en/books/handbook/updating-upgrading-freebsdupdate.html I hope this help you. Kind regards, Alexandre _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
