On Sat, 22 Nov 2014, bodie wrote: > On 22.11.2014 03:40, John Merriam wrote: >> On Fri, 21 Nov 2014, Comète wrote: >>> 21 novembre 2014 23:00 "John Merriam" <j...@johnmerriam.net> a écrit: >>>> Hello. I am trying to write a script to check for updates to the binary >>>> packages by checking the output of pkg_add then sending an e-mail if >>>> something is found. ... >>> >>> Maybe you're looking for this ? >>> http://www.mtier.org/index.php/solutions/apps/openup/ >>> >>> Morgan >>> >> >> Hmmm. Thanks for the suggestion. I'm looking for something much simpler >> though (KISS principle has been good to me in the past). My main question >> is is there something better than `pkg_add -Iusx | grep -v "^quirks\-"` to >> check for updates to packages? > > You did not mention what version of OpenBSD you are using. Is it -release, > -stable or -current?
At the moment I am on 5.6-release > For -release, -stable there are hardly any updates during 6 months period > so checking it everyday is quite pointless. For -current you need to follow > at least current.html and mirrors for new snapshots eg. and what's most > important > you must keep system in sync so you will be doing update of packages in any > case no matter how much of them updated. Looking back at the past couple releases it looks like there haven't been any updates to the binary packages at all? That seems kind of surprising to me. I'm used to running Debian stable where there are lots of package updates. Debian almost never updates anything in their stable releases unless there is a security issue, but still there are lots of updates. > So for -release/-stable your script is of use (plus security.html of course), > but doesn't need to be run everyday for sure. In organizations you will need > to have some release/patching calendar anyway to make managers happy and they > will not allow patching window quite often so something like once a month > like Microsoft or quaterly will be more then enough. > > About -current...new packages most of the time mean that you need new OS too > so you will have process for complete upgrade anyway in place and then your > script may fill mailbox daily with a lot of info which soon no one will read > because it's simply not only info created out of one machine by cron and all > other stuff like log monitors and such. > > >> >> openup looks to be doing something similar for the update checking >> portion by using pkg_info output then fed to pkg_add to check for updates. >> Not sure why it wouldn't just use pkg_add to check for the updates. The >> code is also kinda odd to me. Seems overly complicated and looks to be >> doing some things that I'm not so sure I would want to be doing on my >> machines. >> >> Anyway, if there aren't any other tips or suggestions, I'll just go with >> what I have and adjust if I find issues down the road. Thanks! Please forgive my ignorance on this issue since the last time I used OpenBSD pkg_add didn't have all this update checking stuff. I used binary packages because that's what the FAQ recommends. Would I be better off using ports instead? Are the ports updated more frequently? I really like the stability of -release (or -stable I guess) but I don't want to lose out on security updates to the packages/ports... -- John Merriam
