Re: FreeBSD Security Survey

2006-05-23 Thread Vivek Khera
On May 22, 2006, at 6:45 AM, Steven Hartland wrote: One good example of portupgrade "going off on one" is a simple upgrade of mtr; we don't install any X on our machines so mtr-nox11 is installed. Whenever I've tried portupgrade in the past it's always trolled off and started downloading and build t

Re: FreeBSD Security Survey

2006-05-23 Thread Vivek Khera
On May 22, 2006, at 12:38 AM, Brent Casavant wrote: So, in short, that's why *I* rarely update ports for security reasons. Another valid reason is configuration management. We run web services, and in order to ensure nothing breaks, we have to use a fixed set of code. Upgrading any piec

Re: FreeBSD Security Survey

2006-05-23 Thread Chris H.
Quoting Frank Steinborn <[EMAIL PROTECTED]>: Chris H. wrote: This brings up a point I have been wanting to bring up for over a mos.; I adopted an "orphaned" port (contacted the owner, who then relinquished ownership to me.). But found it _more_ than difficult to discover how to inform the fBSD

Re: FreeBSD Security Survey

2006-05-23 Thread Frank Steinborn
Chris H. wrote: > This brings up a point I have been wanting to bring up for over a mos.; > I adopted an "orphaned" port (contacted the owner, who then relinquished > ownership to me.). But found it _more_ than difficult to discover how > to inform the fBSD port(s) system of its new, *un*orphaned

Re: FreeBSD Security Survey

2006-05-23 Thread Chris H.
Quoting Ion-Mihai IOnut Tetcu <[EMAIL PROTECTED]>: On Mon, 22 May 2006 11:40:16 +0200 Marian Hettwer <[EMAIL PROTECTED]> wrote: > ports tree in the process, the end result is a bit more undefined. One > thing that I wish for is that the ports tree would branch for releases, > and that those b

Re: FreeBSD Security Survey

2006-05-23 Thread Chris H.
Quoting Paul Allen <[EMAIL PROTECTED]>: From Scott Long <[EMAIL PROTECTED]>, Sun, May 21, 2006 at 11:44:27PM -0600: I share this frustration with you. I was once told that the pain in upgrading is due largely to a somewhat invisible difference between installing a pre-compiled package, and buil

Re: FreeBSD Security Survey

2006-05-22 Thread David Magda
On May 22, 2006, at 11:49, Allen wrote: On my Slackware machines, it was no problem at all, I'd use wget to grab the patch .tgz file, then do this: upgradepkg *.tgz I believe there was some talk in the past of treating the base system like a package. NetBSD has some code that does this

RE: Re: FreeBSD Security Survey

2006-05-22 Thread FreeBSD User
05:23:50 1000 To: FreeBSD User Subject: Re: FreeBSD Security Survey On Mon, 2006-May-22 15:20:11 -, FreeBSD User wrote: > Since time is always an issue, if the system could by default > (without an admin having to write scripts and/or apps, or manually > update) update

Re: FreeBSD Security Survey

2006-05-22 Thread Julian H. Stacey
> And it's not only HR lack problem, we would need more hardware for the > package building cluster too. A lot of us run 24/7 netted servers with spare cycles, & wouldn't be averse to allocating the idle loop to package building for freebsd.org, but 3 problems: - package building at present

Re: FreeBSD Security Survey

2006-05-22 Thread Peter Jeremy
On Mon, 2006-May-22 15:20:11 -, FreeBSD User wrote: > Since time is always an issue, if the system could by default > (without an admin having to write scripts and/or apps, or manually > update) update itself for both system and installed ports/packages, it > likely would reduce securi

Re: FreeBSD Security Survey

2006-05-22 Thread Paul Allen
From Doug Hardie <[EMAIL PROTECTED]>, Sun, May 21, 2006 at 11:48:51PM -0700: > Failover sounds good in theory but has significant issues in practice > that make it sometimes worse than the alternative. Take mail > spools. If you failover, mail the user saw before has disappeared. > Then w

Re: FreeBSD Security Survey

2006-05-22 Thread Allen
On Mon, May 22, 2006 at 12:06:54AM -0400, Brandon S. Allbery KF8NH wrote: > > On May 21, 2006, at 11:55 , Colin Percival wrote: > > >The Security Team has been concerned for some time by anecdotal > >reports > >concerning the number of FreeBSD systems which are not being promptly > >updated or

Re: FreeBSD Security Survey

2006-05-22 Thread Miroslav Lachman
Charles Howse wrote: Just curious, where are WITHOUT_X11 and WITHOUT_GUI documented? I don't see either in /usr/share/examples/etc/make.conf, nor in man make.conf. Many options (not all) are described in /usr/ports/KNOBS (but without WITH_/WITHOUT_ prefixes) Miroslav Lachman

RE: Re: FreeBSD Security Survey

2006-05-22 Thread FreeBSD User
As an administrator, time is always an issue. FreeBSD has proven itself time and again. Having said that, one "wish" would be to have a default/built-in security update mechanism. Since time is always an issue, if the system could by default (without an admin having to write scri

Re: FreeBSD Security Survey

2006-05-22 Thread Hans Lambermont
Paul Allen wrote: ... > Some speculation: I've always thought portupgrade did the Wrong > Thing(tm) by consulting the dependency graph in /var/db. Better to > merely learn which packages were installed and then exclusively use > the port information... Well, a.o. portmaster tries just to do th

Re: FreeBSD Security Survey

2006-05-22 Thread Charles Howse
On May 22, 2006, at 9:12 AM, Jonathan Noack wrote: On 05/22/06 06:45, Steven Hartland wrote: Brent Casavant wrote: On Sun, 21 May 2006, Colin Percival wrote: So, in short, that's why *I* rarely update ports for security reasons. There are steps that could be taken at the port maintenanc

Re: FreeBSD Security Survey

2006-05-22 Thread Jonathan Noack
On 05/22/06 06:45, Steven Hartland wrote: > Brent Casavant wrote: >> On Sun, 21 May 2006, Colin Percival wrote: > >> So, in short, that's why *I* rarely update ports for security reasons. >> >> There are steps that could be taken at the port maintenance level that >> would work well for my particu

Re: FreeBSD Security Survey

2006-05-22 Thread Jonathan Noack
On 05/22/06 05:40, Marian Hettwer wrote: > Scott Long wrote: >>> Brent Casavant wrote: While I find ports to be the single most useful feature of the FreeBSD experience, and can't thank contributors enough for the efforts, I on the other hand find updating my installed ports collecti

Re: FreeBSD Security Survey

2006-05-22 Thread IOnut
On Mon, 22 May 2006 12:43:47 +0200 Marian Hettwer <[EMAIL PROTECTED]> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Hi Ion, > > Ion-Mihai IOnut Tetcu wrote: > > >>I have to agree on that statement. I would love to see branched ports. > >>This can get very important on servers, we

Re: FreeBSD Security Survey

2006-05-22 Thread Steven Hartland
Brent Casavant wrote: On Sun, 21 May 2006, Colin Percival wrote: So, in short, that's why *I* rarely update ports for security reasons. There are steps that could be taken at the port maintenance level that would work well for my particular case, however that's beyond the scope of the survey.

Re: FreeBSD Security Survey

2006-05-22 Thread Marian Hettwer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Ion, Ion-Mihai IOnut Tetcu wrote: >>I have to agree on that statement. I would love to see branched ports. >>This can get very important on servers, where you don't want to have >>major upgrades, but only security updates. >>I guess it's a question

Re: FreeBSD Security Survey

2006-05-22 Thread IOnut
On Mon, 22 May 2006 11:40:16 +0200 Marian Hettwer <[EMAIL PROTECTED]> wrote: > > ports tree in the process, the end result is a bit more undefined. One > > thing that I wish for is that the ports tree would branch for releases, > > and that those branches would get security updates. I know that

Re: FreeBSD Security Survey

2006-05-22 Thread Herve Boulouis
On 22/05/2006 11:43, Michel Talon wrote: > > OpenBSD doesn't have next to 15000 ports. In my opinion, this richness is > one of the main assets of FreeBSD, and by necessity implies a great difficulty > to maintain everything in a coherent and secure state. You have only to > contemplate the yea

Re: FreeBSD Security Survey

2006-05-22 Thread Matthias Andree
Scott Long <[EMAIL PROTECTED]> writes: > I share this frustration with you. I was once told that the pain in > upgrading is due largely to a somewhat invisible difference between > installing a pre-compiled package, and building+installing a port. In > theory, if you stick to one method or the o

Re: FreeBSD Security Survey

2006-05-22 Thread Michel Talon
>> ports tree in the process, the end result is a bit more undefined. One >> thing that I wish for is that the ports tree would branch for releases, >> and that those branches would get security updates. I know that this >> would involve an exponentially larger amount of effort from the ports >>

Re: FreeBSD Security Survey

2006-05-22 Thread Marian Hettwer
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi there, Scott Long wrote: > Brent Casavant wrote: > >> While I find ports to be the single most useful feature of the FreeBSD >> experience, and can't thank contributors enough for the efforts, I on >> the other hand find updating my installed por

Re: FreeBSD Security Survey

2006-05-22 Thread Massimo Lusetti
On Sun, 2006-05-21 at 23:44 -0600, Scott Long wrote: > ports tree in the process, the end result is a bit more undefined. One > thing that I wish for is that the ports tree would branch for releases, > and that those branches would get security updates. I know that this > would involve an expone

RE: FreeBSD Security Survey

2006-05-22 Thread Constant, Benjamin
Hi, We don't use binary update as we use custom kernels. We're using portaudit for security flaw with the installed ports but I don't think there is any equivalent for the base and kernel? I'm subscribed and I'm monitoring the FreeBSD Security Advisories mailing-list but there is (as far as I kn

Re: FreeBSD Security Survey

2006-05-21 Thread Anish Mistry
On Monday 22 May 2006 01:44, Scott Long wrote: > Brent Casavant wrote: > > On Sun, 21 May 2006, Colin Percival wrote: > >>In order to better understand > >>which FreeBSD versions are in use, how people are (or aren't) > >> keeping them updated, and why it seems so many systems are not > >> being up

Re: FreeBSD Security Survey

2006-05-21 Thread Doug Hardie
On May 21, 2006, at 22:41, David Nugent wrote: A good failover strategy comes into play here. If you have one, then taking a single production machine off-line for a short period should be no big deal, even routine, and should not even be noticed by users if done correctly. This should be

Re: FreeBSD Security Survey

2006-05-21 Thread Robert Backhaus
On 5/22/06, Colin Percival <[EMAIL PROTECTED]> wrote: If you administrate system(s) running FreeBSD (in the broad sense of "are responsible for keeping system(s) secure and up to date"), please visit http://people.freebsd.org/~cperciva/survey.html and complete the survey below before May 31st,

Re: FreeBSD Security Survey

2006-05-21 Thread Paul Allen
From Scott Long <[EMAIL PROTECTED]>, Sun, May 21, 2006 at 11:44:27PM -0600: > I share this frustration with you. I was once told that the pain in > upgrading is due largely to a somewhat invisible difference between > installing a pre-compiled package, and building+installing a port. In > theory

Re: FreeBSD Security Survey

2006-05-21 Thread Scott Long
Brent Casavant wrote: On Sun, 21 May 2006, Colin Percival wrote: In order to better understand which FreeBSD versions are in use, how people are (or aren't) keeping them updated, and why it seems so many systems are not being updated, I have put together a short survey of 12 questions. I a

Re: FreeBSD Security Survey

2006-05-21 Thread David Nugent
Doug Hardie wrote: On May 21, 2006, at 20:55, Colin Percival wrote: If you administrate system(s) running FreeBSD (in the broad sense of "are responsible for keeping system(s) secure and up to date"), please visit http://people.freebsd.org/~cperciva/survey.html and complete the survey below b

Re: FreeBSD Security Survey

2006-05-21 Thread Brent Casavant
On Sun, 21 May 2006, Colin Percival wrote: > In order to better understand > which FreeBSD versions are in use, how people are (or aren't) keeping > them updated, and why it seems so many systems are not being updated, I > have put together a short survey of 12 questions. I applaud this survey, h

Re: FreeBSD Security Survey

2006-05-21 Thread Doug Hardie
On May 21, 2006, at 20:55, Colin Percival wrote: If you administrate system(s) running FreeBSD (in the broad sense of "are responsible for keeping system(s) secure and up to date"), please visit http://people.freebsd.org/~cperciva/survey.html and complete the survey below before May 31st,

Re: FreeBSD Security Survey

2006-05-21 Thread Brandon S. Allbery KF8NH
On May 21, 2006, at 11:55 , Colin Percival wrote: The Security Team has been concerned for some time by anecdotal reports concerning the number of FreeBSD systems which are not being promptly updated or are running FreeBSD releases which have passed their End of Life dates and are no longer s