DaemonForums  

Go Back   DaemonForums > FreeBSD > FreeBSD General

FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 25th July 2008
tommytom tommytom is offline
Real Name: Thomas Jreige
New User
 
Join Date: Jul 2008
Location: Australia
Posts: 1
Thanked 0 Times in 0 Posts
Smile Update FreeBSD /usr/src

Hi Everyone,

How can I update the /usr/src for FreeBSD version 7.0 using cvs?
I have not been using cvs for a long time.

Thanks.

Tom.
Reply With Quote
  #2   (View Single Post)  
Old 25th July 2008
jbhappy's Avatar
jbhappy jbhappy is offline
Real Name: Jeff
Port Guard
 
Join Date: Jun 2008
Location: MI, US
Posts: 30
Thanked 4 Times in 3 Posts
Default

csup(1) is a popular choice. see the man page and /usr/share/examples/cvsup for more information. let us know if you have further questions.
Reply With Quote
  #3   (View Single Post)  
Old 25th July 2008
graudeejs's Avatar
graudeejs graudeejs is offline
Real Name: Aldis Berjoza
formerly killasmurf86
 
Join Date: Jul 2008
Location: Riga, Latvia
Posts: 588
Thanked 29 Times in 26 Posts
Default

supfile:
Code:
*default host=cvsup3.lv.freebsd.org
*default base=/usr
*default prefix=/usr
*default release=cvs
*default delete use-rel-suffix compress
*default tag=.
#RELENG_7_0

#ports-all
src-all
replace default host to your local host

run cvsup /path/to/supfile
Reply With Quote
  #4   (View Single Post)  
Old 25th July 2008
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 337
Thanked 32 Times in 30 Posts
Default

I use a little 'csupper' script, which uses the port sysutils/fastest_cvsup to find the fastest mirror in my vicinity:

Code:
#!/usr/local/bin/bash

server=`/usr/local/bin/fastest_cvsup -Q -c nl,de,be,uk`
day=`/bin/date +%a`

echo "
Using $server today.
"
if [ $day == "Sun" ]
then
echo "
Full source tree compare (not using csup -s)."
/usr/bin/csup -4 -h $server -l /tmp/csup.lock -z -L 2 /etc/cvsupfile
else
echo "
Fast source tree compare (using csup -s)."
/usr/bin/csup -4 -h $server -l /tmp/csup.lock -z -s -L 2 /etc/cvsupfile
fi
The cvsupfile looks like this:

Code:
*default host=cvsup6.nl.freebsd.org
*default base=/usr
*default prefix=/usr
*default release=cvs tag=RELENG_7
*default delete use-rel-suffix
*default compress
src-all
Reply With Quote
  #5   (View Single Post)  
Old 25th July 2008
ninjatux's Avatar
ninjatux ninjatux is offline
Real Name: Baqir Majlisi
Spam Deminer
 
Join Date: May 2008
Location: Antarctica
Posts: 293
Thanked 15 Times in 15 Posts
Default

I have this section in make.conf. I also have cronjobs configured for updating ports and src. But if I have to, I can run make update in /usr/ports and or /usr/src to update either or both.

Code:
# --< updating :: BEGIN >------------------------------------------------------
SUP_UPDATE=     yes
SUPHOST=        cvsup3.us.freebsd.org
SUP=            /usr/bin/csup
SUPFILE=        /usr/share/examples/cvsup/stable-supfile
PORTSSUPFILE=   /usr/share/examples/cvsup/ports-supfile
# --< updating :: END >--------------------------------------------------------
__________________
"UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity."
MacBook Pro (Darwin 9), iMac (Darwin 9), iPod Touch (Darwin 9), Dell Optiplex GX620 (FreeBSD 7.1-STABLE)
Reply With Quote
  #6   (View Single Post)  
Old 29th July 2008
audio audio is offline
Port Guard
 
Join Date: May 2008
Posts: 17
Thanked 0 Times in 0 Posts
Default

In a production environment would you use csup RELENG_7 or would you just apply security patches manually as they come out on the mailing list?
Reply With Quote
  #7   (View Single Post)  
Old 29th July 2008
graudeejs's Avatar
graudeejs graudeejs is offline
Real Name: Aldis Berjoza
formerly killasmurf86
 
Join Date: Jul 2008
Location: Riga, Latvia
Posts: 588
Thanked 29 Times in 26 Posts
Default

I would use RELENG_7_0 as it includes source security patches, but then you need to rebuild system
Or you can binary update system (don't remember what was name of script or prog, i don't use it, since i use FreeBSD at home)
Reply With Quote
  #8   (View Single Post)  
Old 29th July 2008
audio audio is offline
Port Guard
 
Join Date: May 2008
Posts: 17
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by killasmurf View Post
I would use RELENG_7_0 as it includes source security patches, but then you need to rebuild system
Or you can binary update system (don't remember what was name of script or prog, i don't use it, since i use FreeBSD at home)
So if you apply a patch manually following a security advisory you don't have to rebuild kernel/world, you just have to recompile the vulnerable software... or does it patch the vulnerable binary so you don't even have to recompile?
Reply With Quote
  #9   (View Single Post)  
Old 29th July 2008
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Thanked 112 Times in 104 Posts
Default

(note this is as _I_ understand it and the accuracy of this post is not assured.)


The security advisories that come out generally fit into the format of:


What is the problem
Who does it effect
How do we deal with it


In the case of FreeBSD-SA-08:06.bind, only the relevant software needs to have patches applied to the appropriate source code on your system (bind9 stuff), then recompiled and reinstalled. freebsd-update even allows us to skip that part and just use binary diffs and what not.


There is no need to update the entire system in order to correct the security issue, unless you want to or need to rebuild world, kernel, and ports while you are at it. Which is probably a waste of time and extra work for you, if you've got to keep that thing more stable then the US deficit getting bigger.


Code:
Affects:        All supported FreeBSD versions.
Corrected:      2008-07-12 10:07:33 UTC (RELENG_6, 6.3-STABLE)
                2008-07-13 18:42:38 UTC (RELENG_6_3, 6.3-RELEASE-p3)
                2008-07-13 18:42:38 UTC (RELENG_7, 7.0-STABLE)
                2008-07-13 18:42:38 UTC (RELENG_7_0, 7.0-RELEASE-p3)

This basically means that as of YYYYY-MM-DD at HH:MM:SS Zulu time the stable branch has the patches committed in addition to what ever is already in the stable branch. And that the security branches for the releases in question have also been updated, e..g RELENG_7 => 7 stable code from 2008-07-13 18:42:38Z and later are not affected by the security issue.

Thus equaling 7 stable before the patch + the patch. While RELENG_7_0 => 7.0-Release + patches + this patch; which won't include anything from 7 stable that wasn't patched in, e.g. because of a security advisory.


It's basically, do you want the original release plus security patches or do you want the stable branch as of whenever the patch was committed. And unless you explicitly checkout that revision, when you go to update a 7 stable machine you get any commits made to that branch afterwards too, whether security or not.


Again, this is as I understand things, not to say that I'm right! lol.
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote
Old 29th July 2008
jbhappy's Avatar
jbhappy jbhappy is offline
Real Name: Jeff
Port Guard
 
Join Date: Jun 2008
Location: MI, US
Posts: 30
Thanked 4 Times in 3 Posts
Default

Quote:
Originally Posted by TerryP View Post
Again, this is as I understand things, not to say that I'm right! lol.
I'd say you're pretty much right. The one thing I'd add is that some patches, particularly those to OpenSSL, will require rebuilding world and kernel, even if you're running -RELEASE. Those seem pretty rare, though.
Reply With Quote
Old 31st July 2008
audio audio is offline
Port Guard
 
Join Date: May 2008
Posts: 17
Thanked 0 Times in 0 Posts
Default

That clears things up for me, thanks guys!
Reply With Quote
Reply

Tags
7.0, cvs, freebsd, src

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Cannot update with CVS guitarscn OpenBSD Installation and Upgrading 3 7th September 2009 11:12 PM
freebsd-update bsdperson FreeBSD Installation and Upgrading 10 16th January 2009 10:14 AM
Need to update my FreeBSD...help jedispy FreeBSD Ports and Packages 4 9th June 2008 05:34 PM
Update from 6.1 to 6.3 did nothing? alanthing FreeBSD Installation and Upgrading 4 8th June 2008 02:28 PM
FreeBSD supported branches update corey_james FreeBSD Security 0 3rd June 2008 03:55 AM


All times are GMT. The time now is 09:03 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick