Re: Is the server portion of freebsd-update open source?

2005-10-28 Thread markzero
Hello, > It looks like nearly all of your customizations simply involve removing > certain files from the system. FreeBSD Update is designed to handle > this situation: If there is a security update in sendmail and you have > deleted the sendmail binaries, FreeBSD Update will ignore that particul

Re: Non-executable stack

2005-10-28 Thread Kris Kennaway
On Fri, Oct 28, 2005 at 09:09:41AM +0200, Patrick Bihan-Faou wrote: > We are using the stack protection patches for GCC in production servers > running FreeBSD 4.11 and everything runs well. We are using a fairly > large number of ports (from samba to php to postgresql, etc.) and none > have sh

Re: Is the server portion of freebsd-update open source?

2005-10-28 Thread Colin Percival
markzero wrote: > In my case, all I'm after is a way to distribute a custom build of > FreeBSD. When I say custom, I really just mean a standard build with > a custom make.conf: > > [snip] > > I'd rather not use NFS, for security reasons, so I've had to resort > to ad-hoc shell scripts to do upda

Re: Non-executable stack

2005-10-28 Thread db
On Friday 28 October 2005 07:09, Patrick Bihan-Faou wrote: > We are using the stack protection patches for GCC in production servers > running FreeBSD 4.11 and everything runs well. We are using a fairly > large number of ports (from samba to php to postgresql, etc.) and none > have shown issues wi

Re: Non-executable stack

2005-10-28 Thread Patrick Bihan-Faou
db wrote: On Thursday 27 October 2005 19:58, you wrote: Ok thanks, but I was looking for a kernel level patch. Btw which ports will break? I did not keep a list, but as far as I remember, the 'pure-pw' binary from pure-ftpd was the last thing that failed. Because it was not visible in

Is the server portion of freebsd-update open source?

2005-10-28 Thread Nielsen
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm wondering if/where I can get the server side component for freebsd-update. Presumably such a component would build and sign the binary patches and prepare them to be served via HTTP to the freebsd-update client. I need a system for distributing bi

chkrootkit 0.46 reboots FreeBSD 5.4-RELEASE-p8

2005-10-28 Thread Luiz Eduardo Roncato Cordeiro
Hello, Please, don't use chkrootkit 0.46 on production machines. The "chkproc" process sends a SIGXFSZ (25) signal to init, that interprets this signal as a "disaster" and reboots after a 30s sleep. I'm contacting the chkrootkit maintainer to fix this problem. Sorry, Cordeiro __

Re: Is the server portion of freebsd-update open source?

2005-10-28 Thread markzero
On Fri, Oct 28, 2005 at 12:03:13AM -0700, Colin Percival wrote: > > The FreeBSD Update build code is... umm... somewhere in between. I think > the best way to explain it is to say that I don't care about copyright on > the build code, but the code is a stinking pile of hacks upon hacks with > mul

Re: Is the server portion of freebsd-update open source?

2005-10-28 Thread Colin Percival
Nielsen wrote: > I need a system for distributing binary updates to a collection of > customized FreeBSD machines, jails, and embedded systems. freebsd-update > seems to be what I'm looking for, but I'm wondering if the server side > is a proprietary piece of technology held by someone somewhere, o