On 6/30/05, Nekdo Nekje <[EMAIL PROTECTED]> wrote: > Hello, list... > > I sort of have this question about FreeBSD... I'm a newbie so please > bear with me.. ;) > > I'm building a firewall on 5.4 release. I have a clean install and I > would like some way so I can update the system. For what I understand, > one can download patches and apply them manually. What I'm looking for > is a way so I can automatically update all the necessary files, > preferably the binary way. > > I searched the Internet and found a way to do it in a document, bu it > was written for 5.2 release and I was wondering if it's okay to use it > on 5.4? > > http://www.taosecurity.com/keeping_freebsd_up-to-date.html > > Any thoughts on this?? >
Most everything in that article should still apply. In my opinion it's a bit too optimistic to expect the update process to be %100 automated. Off the top of my head I'd setup a cron job that run's every few days... something such as this: date > /root/build_date && nice +20 cvsup -g -L 0 /root/release-sup && cd /usr/src && nice +20 make buildworld && nice +20 make buildkernel && nice +20 make installkernel && date >> /root/build_date This way all you will have to do is run make installworld and mergemaster when a security alert is issued. make sure your cvsup release tag is set to a release/security branch like RELENG_5_4 and not set to -STABLE i.e. RELENG_5. I'm positive there are better ways then the one I showed you. I'm sure the guys here can help you out some more. _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"