On Sat, Jun 29, 2024 at 3:29 AM jonathon575 <jonathon...@protonmail.com> wrote:
> For the current release 7.5, specifically for security patches, if we > downloaded the security patches located at any of the mirror links, for > example, > > https://mirror.hs-esslingen.de/pub/OpenBSD/syspatch/7.5/amd64/ > > manually verified the signature with signify, then changed the online path > under /etc/installurl to point to the usb/location that contains the > downloaded security patch files, and then executed the command syspatch, > usually, the security patch files gets pulled from the pointed physical > location and gets updated, however, my question is, would that be > sufficient for patching the system, or do we actually have to compile from > source and include the security patch files in the compilation process? > It is my understanding that it will work as you desire. Modifying /etc/installurl allows you to specify which mirror you want to download from, and if you choose to maintain your own private mirror with only a subset of files you can do so. Note that, iirc, /etc/installurl should point to a directory that contains a "syspatch" subdirectory which contains a "7.5" subdirectory, etc. Do not point /etc/installurl directly at the folder containing the syspatch files, point it at the root under which you are mirroring the structure of an official mirror. Your private mirror can contain releases, patches and syspatches for multiple versions and architectures, and the directory structure is needed to keep those things separated and locatable. -ken
