Re: Cronjob Cvsup - What?
On 27/01/2013 06:34, Lowell Gilbert wrote: If you needed version control features on your ports tree (especially if you were regularly contributing changes to ports), getting and updating your tree through subversion would have some extra features you might want, but it doesn't sound as if that is the case for you. Unless you have a specific reason why portsnap doesn't fit your use case, it's definitely the way to go for just keeping a ports tree updated regularly. Last 10 years I am using cvsup. Any good guide for the transition to subversion ? For ports is easy(portsnap), but I for system update I still have problems saying good bye to old habits and I still use cvsup...:-) Peter ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Cronjob Cvsup - What?
On 27/01/2013 00:11, W. D. wrote: What would be the best Cron command to keep ports updated on a daily basis? Try this as a crontab entry: 0 3 * * * * /usr/sbin/portsnap cron update Two points to note: 1) The 'cron' verb is important for anyone setting up an automated job like this. It causes portsnap to wait for a random number of seconds (but less than 1 hour) before connecting to the portsnap server. Since the tendency is for people to schedule cron jobs to happen on the hour, this helps to avoid everyone connecting at once and smooths out the server load. 2) This assumes that you have previously run portsnap fetch extract to get yourself a portsnap-ready copy of the ports tree. You only need to do that once, but you should move aside any pre-existing copy of /usr/ports obtained by any means other than portsnap(8) before you do (but keep anything under /usr/ports/distfiles and maybe /usr/ports/packages). Something like: cd /usr mv ports ports.old mkdir ports mv ports.old/distfiles ports/distfiles mv ports.old/packages ports/packages portsnap fetch extract Although this may be complicated if any of /usr/ports, /usr/ports/distfiles or /usr/ports/packages are on a separate partition or ZFS. I say 'move aside' due to the caution imbued by having been a professional sysadmin for more years than I care to remember. If you are still convinced of your own infallibility, then you might find rm(1) an acceptable alternative. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey JID: matt...@infracaninophile.co.uk signature.asc Description: OpenPGP digital signature
Re: Cronjob Cvsup - What?
On Sunday 27 Jan 2013 09:46:51 Matthew Seaman wrote: to get yourself a portsnap-ready copy of the ports tree. You only need to do that once, but you should move aside any pre-existing copy of /usr/ports obtained by any means other than portsnap(8) before you do (but keep anything under /usr/ports/distfiles and maybe /usr/ports/packages). Something like: cd /usr mv ports ports.old mkdir ports mv ports.old/distfiles ports/distfiles mv ports.old/packages ports/packages portsnap fetch extract Although this may be complicated if any of /usr/ports, /usr/ports/distfiles or /usr/ports/packages are on a separate partition or ZFS. I suppose the best approach with ZFS would be to make a snapshot immediately prior to running portsnap. -- Mike Clarke ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Cronjob Cvsup - What?
On 27/01/2013 08:35, Zyumbilev, Peter wrote: Last 10 years I am using cvsup. Any good guide for the transition to subversion ? Most of the guides around freebsd.org are aimed at developers who will be using SVN read-write. For simple read-only use (ie. not checking anything into the repository) the following should suffice: 0) Install svn It isn't part of the base system, and it has too many external dependencies with different licensing terms for it to be bought in easily. There's been some discussion about this, but it hasn't happened yet. If it did, the imported version would be fairly minimal, and anyone wanting to use it for serious development would probably just grab the ports version anyhow. If all you want to do is pull down a copy of the sources then you can turn off most of the options to reduce the fairly large dependency tree to something more manageable: BDB=off: Berkeley Database BOOK=off: Install the Subversion Book ENHANCED_KEYWORD=on: Enhanced svn:keyword support FREEBSD_TEMPLATE=on: FreeBSD Project log template GNOME_KEYRING=off: Build with GNOME Keyring auth support KDE_KWALLET=off: Build with KDE KWallet auth support MAINTAINER_DEBUG=off: Build debug version MOD_DAV_SVN=off: mod_dav_svn module for Apache 2.X MOD_DONTDOTHAT=off: mod_dontdothat for Apache 2.X NEON=off: WebDAV/Delta-V repo access module (neon) P4_STYLE_MARKERS=off: Perforce-style conflict markers SASL=off: SASL support SERF=on: WebDAV/Delta-V repo access module (serf) STATIC=off: Build static version (no shared libs) SVNAUTHZ_VALIDATE=off: install svnauthz-validate SVNMUCC=off: Install Multiple URL Command Client SVNSERVE_WRAPPER=off: Enable svnserve wrapper TEST=off: Run subversion test suite There is the new devel/subversion-static port which does all that, and compiles subversion with static linkage so it has *no* runtime dependencies on anything else. The disadvantage here is that if there is, say, a security hole discovered in the one of the libraries subversion links against, you won't secure the statically linked copy of subversion simply by updating to a fixed version of the shlib. subversion-static is really only intended for providing a one-off binary package that people can download and install in order to bootstrap a more standard FreeBSD environment. 1) Choose a SVN mirror close to you. Currently there are two choices: svn0.us-west.FreeBSD.org -- Western USA svn0.us-east.FreeBSD.org -- Eastern USA Use whichever one gives you best performance. Certainly from Europe at the moment us-east seems to be the best choice. The number of SVN mirrors and their global coverage should increase over time, but it will never need as many servers as the old cvsup network. The canonical list of SVN mirrors is here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/svn-mirrors.html 2) Choose a protocol for access the SVN servers. Your choices in order of preference are svn:// https:// http:// Use svn:// for best performance. If you're concerned about MITM attacks injecting trojans into the FreeBSD sources, then use https and be sure to verify the certificate hashes on first connection. Otherwise, if you're stuck behind a restrictive firewall, use http:// 3) Choose which branch you want to mirror. It's relatively easy to switch between branches and doesn't involve downloading the entire contents of /usr/src all over again if you change your mind. However right now, the viable choices are head --- Current, the bleeding edge, really only suitable for development purposes stable/9 --- 9-STABLE Still a rapidly changing development branch, but not quite so close to the edge, and with less bleeding involved. stable/8 --- 8-STABLE Ditto. releng/9.1 --- 9.1-RELEASE This tracks any security patches to version 9.1. However, in this case you would be better advised to use freebsd-update(8) to maintain your /usr/src directory tree instead. Similarly releng/9.0 releng/8.3 releng/7.4 for other supported release versions. Don't be fooled into pulling down release/9.1.0 or the like -- this is not a *branch* but a *snapshot*. If you think you want release/9.1.0 then you really want releng/9.1 instead. 4) Make sure /usr/src is empty. Pre-existing files can cause you grief at some unexpected later date even if they don't cause the initial checkout to fail. 5) Put it all together. Run a command like so to check out the content of /usr/src for your chosen branch from your chosen
Re: Cronjob Cvsup - What?
On 27/01/2013 10:07, Mike Clarke wrote: I suppose the best approach with ZFS would be to make a snapshot immediately prior to running portsnap. Yes. That would do the trick quite neatly. In fact, snapshot before each time you run portsnap. Cheers Matthew -- Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey JID: matt...@infracaninophile.co.uk signature.asc Description: OpenPGP digital signature
Re: Cronjob Cvsup - What?
On 27/01/2013 12:46, Matthew Seaman wrote: Cheers, Matthew Matthew, Fantastic howto ! Thanks ! Really a good job...as usual :-) Peter ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Cronjob Cvsup - What?
Hello Matthew, Thanks for an outstanding piece of documentation. It resolves a number of concerns I had and convinced me to move from portsnap where I discovered an apparent bug that gave me security concerns. More specifically I manually edited /usr/ports/UPDATING and portsnap did not recognise the change and download a proper copy. The only downside with svn seems to be the 728 MB footprint. Cheers ... Mark On Sun, 27 Jan 2013 05:46:23 Matthew Seaman wrote: On 27/01/2013 08:35, Zyumbilev, Peter wrote: Last 10 years I am using cvsup. Any good guide for the transition to subversion ? Most of the guides around freebsd.org are aimed at developers who will be using SVN read-write. For simple read-only use (ie. not checking anything into the repository) the following should suffice: 0) Install svn It isn't part of the base system, and it has too many external dependencies with different licensing terms for it to be bought in easily. There's been some discussion about this, but it hasn't happened yet. If it did, the imported version would be fairly minimal, and anyone wanting to use it for serious development would probably just grab the ports version anyhow. If all you want to do is pull down a copy of the sources then you can turn off most of the options to reduce the fairly large dependency tree to something more manageable: BDB=off: Berkeley Database BOOK=off: Install the Subversion Book ENHANCED_KEYWORD=on: Enhanced svn:keyword support FREEBSD_TEMPLATE=on: FreeBSD Project log template GNOME_KEYRING=off: Build with GNOME Keyring auth support KDE_KWALLET=off: Build with KDE KWallet auth support MAINTAINER_DEBUG=off: Build debug version MOD_DAV_SVN=off: mod_dav_svn module for Apache 2.X MOD_DONTDOTHAT=off: mod_dontdothat for Apache 2.X NEON=off: WebDAV/Delta-V repo access module (neon) P4_STYLE_MARKERS=off: Perforce-style conflict markers SASL=off: SASL support SERF=on: WebDAV/Delta-V repo access module (serf) STATIC=off: Build static version (no shared libs) SVNAUTHZ_VALIDATE=off: install svnauthz-validate SVNMUCC=off: Install Multiple URL Command Client SVNSERVE_WRAPPER=off: Enable svnserve wrapper TEST=off: Run subversion test suite There is the new devel/subversion-static port which does all that, and compiles subversion with static linkage so it has *no* runtime dependencies on anything else. The disadvantage here is that if there is, say, a security hole discovered in the one of the libraries subversion links against, you won't secure the statically linked copy of subversion simply by updating to a fixed version of the shlib. subversion-static is really only intended for providing a one-off binary package that people can download and install in order to bootstrap a more standard FreeBSD environment. 1) Choose a SVN mirror close to you. Currently there are two choices: svn0.us-west.FreeBSD.org -- Western USA svn0.us-east.FreeBSD.org -- Eastern USA Use whichever one gives you best performance. Certainly from Europe at the moment us-east seems to be the best choice. The number of SVN mirrors and their global coverage should increase over time, but it will never need as many servers as the old cvsup network. The canonical list of SVN mirrors is here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/svn-mirrors.html 2) Choose a protocol for access the SVN servers. Your choices in order of preference are svn:// https:// http:// Use svn:// for best performance. If you're concerned about MITM attacks injecting trojans into the FreeBSD sources, then use https and be sure to verify the certificate hashes on first connection. Otherwise, if you're stuck behind a restrictive firewall, use http:// 3) Choose which branch you want to mirror. It's relatively easy to switch between branches and doesn't involve downloading the entire contents of /usr/src all over again if you change your mind. However right now, the viable choices are head --- Current, the bleeding edge, really only suitable for development purposes stable/9 --- 9-STABLE Still a rapidly changing development branch, but not quite so close to the edge, and with less bleeding involved. stable/8 --- 8-STABLE Ditto. releng/9.1 --- 9.1-RELEASE This tracks any security patches to version 9.1. However, in this case you would be better advised to use freebsd-update(8) to maintain your /usr/src directory tree instead. Similarly
Re: Cronjob Cvsup - What?
On Sun, 27 Jan 2013 09:51:12 -0500 MFV mrk...@acm.org wrote: The only downside with svn seems to be the 728 MB footprint. With hard disc space running at around 10c per gigabyte it's a minor issue. -- Steve O'Hara-Smith st...@sohara.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Cronjob Cvsup - What?
Steve O'Hara-Smith writes: The only downside with svn seems to be the 728 MB footprint. With hard disc space running at around 10c per gigabyte it's a minor issue. Doesn't that depend on whose money it is? Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Cronjob Cvsup - What?
On Sun, 27 Jan 2013, Matthew Seaman wrote: 2) Choose a protocol for access the SVN servers. Your choices in order of preference are svn:// https:// http:// Use svn:// for best performance. If you're concerned about MITM attacks injecting trojans into the FreeBSD sources, then use https and be sure to verify the certificate hashes on first connection. Otherwise, if you're stuck behind a restrictive firewall, use http:// HTTPS is preferred. The SVN mirrors section of the Handbook will soon reflect that. Performance should not be very different from svn://. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Cronjob Cvsup - What?
On Sun, 27 Jan 2013 09:51:12 -0500 MFV wrote: Hello Matthew, Thanks for an outstanding piece of documentation. It resolves a number of concerns I had and convinced me to move from portsnap where I discovered an apparent bug that gave me security concerns. More specifically I manually edited /usr/ports/UPDATING and portsnap did not recognise the change and download a proper copy. I don't see why that's a problem. The function of portsnap update is to update files in the tree that have been updated, deleted or added in the repository. Resynchronising the tree and it's metadata with the snapshot is what portsnap extract is for. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Cronjob Cvsup - What?
According to: http://www.freebsd.org/news/2012-compromise.html Cvsup is deprecated. If I have a Cron entry like: #- #Min HrDOM Mnth DOW Command # At 3:46 in the morning, everyday, as root, update the ports tree: 46 3 * * * /usr/local/bin/cvsup -h cvsup12.FreeBSD.org /usr/share/examples/cvsup/ports-supfile #- What should I use: freebsd-update, Subversion, portsnap, or what? What would be the best Cron command to keep ports updated on a daily basis? Thanks for any help you can provide. Start Here to Find It Fast! - http://www.US-Webmasters.com/best-start-page/ $9.99 Domain Names - http://domains.us-webmasters.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Cronjob Cvsup - What?
W. D. w...@us-webmasters.com writes: According to: http://www.freebsd.org/news/2012-compromise.html Cvsup is deprecated. If I have a Cron entry like: #- #Min HrDOM Mnth DOW Command # At 3:46 in the morning, everyday, as root, update the ports tree: 46 3 * * * /usr/local/bin/cvsup -h cvsup12.FreeBSD.org /usr/share/examples/cvsup/ports-supfile #- What should I use: freebsd-update, Subversion, portsnap, or what? What would be the best Cron command to keep ports updated on a daily basis? portsnap is almost certainly the best answer for you. freebsd-update is for the base system, not ports. If you needed version control features on your ports tree (especially if you were regularly contributing changes to ports), getting and updating your tree through subversion would have some extra features you might want, but it doesn't sound as if that is the case for you. Unless you have a specific reason why portsnap doesn't fit your use case, it's definitely the way to go for just keeping a ports tree updated regularly. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
