clarification of cvsup process.

Thu, 15 Jun 2006 12:31:35 -0700

I have a FreeBSD 6.0 server that I manage that is used as a DNS / mail server. In the wake of the recent sendmail security announcement, I'd like to make sure I'm keeping the thing up to date. I tried to run the patch as listed in the announcement, but the patch just seemed to hang, so I killed the process and decided to go the cvsup route. now I understand the whole cvsup process, as well as updating ports, but the whole release tag thing still has me confused. If possible could someone tell me if I'm doing this right or not, or have someone tell me what I'm doing wrong.
I'm only interested in updating the system when a security need arises, and have no desire to live on the "cutting edge". I handle the ports through portaudit/portsnap/portmanager, and am looking to only update the case system with cvsup. 

Here is the list of commands I run to update the system.

# cvsup /usr/local/greg/cvsupfile

Contents of cvsupfile:

*default host=cvsup6.FreeBSD.org
*default base=/var/db
*default prefix=/usr
*default release=cvs tag=RELENG_6_0
*default delete use-rel-suffix


src-all
*default tag=.

# cd /usr/src
# make buildworld
# make buildkernel
# make installkernel
# reboot

After rebooting into single user mode:

# fsck -p
# mount -u /
# mount -a -t ufs
# swapon -a
# adjkerntz -i
# mergemaster -p
# make installworld
# mergemaster
# reboot

After rebooting:

# cd /etc/mail
# make all
# make install
# make restart


And that's it.  I do the stuff in /etc/mail since I'm not sure running 
make buildworld will update the cf files.  The last patch that came out, 
I did the same thing I outlined above, but I did not notice a change in 
the version number of Sendmail when telnetting to it.  I did a search 
through the security notice, and took a look at all of the source files 
on my machine that were updated.  Although I could not find a version 
number anywhere, I noticed that the timestamp for all of the affected 
files had changed to the date listed in the announcement.  I'm not sure 
if Sendmail reports it's version from something hardcoded in the binary, 
or if it comes from the cf file.



So does this look right?  Or am I missing something obviously stupid? 
Is my cvsupfile correct for what I want it to do?


TIA

Greg Groth
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"






















					Reply via email to