Re: keeping freebsd uptodate - doubt

[J65nko BSD]

On Fri, 04 Feb 2005 22:16:30 -0600, Billy Newsom <[EMAIL PROTECTED]> wrote:
> saravanan ganapathy wrote:
>  >   cvsup -g -L 2 /root/ports-supfile
>
> Once you get your cvsup stuff straightened out, try this script, which I run
> every other day.  Change the Log file if you want.  This updates my sources
> to stable and updates the ports tree.  I use two different cvsup files and
> commands so the two don't get confused.  Don't try to use the same config
> file and cvsup command for the two different types of updates!!  (In my
> experience, you're asking for trouble.)
>
> You will need to install a few ports first, but you should get the idea.  If
> you read the output every day (or you could email it to yourself, which I may
> eventually do if I like it), you will see which ports need to be updated.
> This script will probably contiune to get better as it gets added to.  Like I
> need to include the security audited version of ports that need updated!
>
> BEGIN CODE... mydaily.sh
> #!/bin/sh
> #
> # Billy borrowed stuff on 12/18/2004 from:
> #http://www.oreillynet.com/pub/wlg/6041?page=last&x-order=date
> #
> LOGF="/var/log/cvsup.log"
> echo "START @ `/bin/date`" >>$LOGF
> #/bin/date >>$LOGF
> #use fastest_cvsup to find fastest geographically
> #close mirror; I'll check Canada and the US
>
> if SERVER=`/usr/local/bin/fastest_cvsup -Q -c ca,us`; then
> echo "Using STABLE Server:" $SERVER >>$LOGF
> /usr/local/bin/cvsup -L1 -h $SERVER -l /var/log/cvs-lock-s
> /root/stable-supfile >>$LOGF
> echo "STABLE done @ `/bin/date`" >>$LOGF
>   else
>echo "cvsup-STABLE has a fastest_cvsup problem on...`/bin/date`" >>$LOGF
> fi
>
> if SERVER=`/usr/local/bin/fastest_cvsup -Q -c ca,us`; then
> echo "Using PORTS Server:" $SERVER >>$LOGF
> /usr/local/bin/cvsup -L0 -h $SERVER -l /var/log/cvs-lock-p
> /root/ports-supfile >>$LOGF
> echo "PORTS done @ `/bin/date`" >>$LOGF
>   else
>echo "cvsup-PORTS has a fastest_cvsup problem on...`/bin/date`" >>$LOGF
> fi
>
> #-U (which takes a long time to execute) isn't needed
> #with the fetchindex command
> cd /usr/ports
> make fetchindex >>$LOGF
> /usr/local/sbin/portsdb -u >>$LOGF
> # command1 2>&1 | command2
>
> # echo "Looking for security patches"
> # freebsd-update fetch
> # This program not working for me.  unComment above line if it works for U.
>
> echo "The following ports need upgrading" >>$LOGF
> /usr/local/sbin/portversion -l "<" >>$LOGF
> echo "" >>$LOGF
> echo "STOP at `/bin/date`." >>$LOGF
> echo "" >>$LOGF
>
> END CODE... mydaily.sh
>
> --
> Billy
> ___
You can use "exec"  at the top of your script to redirect all output
to a file. This way don't need to add ">>$LOG" at the end of each
line.


#!/bin/sh

LOGF="/var/log/cvsup.log"

# --- redirect all script output to logfile
exec >>${LOGF}  2>&1


=Adriaan=
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Billy Newsom]

saravanan ganapathy wrote:
>   cvsup -g -L 2 /root/ports-supfile
Once you get your cvsup stuff straightened out, try this script, which I run 
every other day.  Change the Log file if you want.  This updates my sources 
to stable and updates the ports tree.  I use two different cvsup files and 
commands so the two don't get confused.  Don't try to use the same config 
file and cvsup command for the two different types of updates!!  (In my 
experience, you're asking for trouble.)

You will need to install a few ports first, but you should get the idea.  If 
you read the output every day (or you could email it to yourself, which I may 
eventually do if I like it), you will see which ports need to be updated. 
This script will probably contiune to get better as it gets added to.  Like I 
need to include the security audited version of ports that need updated!

BEGIN CODE... mydaily.sh
#!/bin/sh
#
# Billy borrowed stuff on 12/18/2004 from:
#http://www.oreillynet.com/pub/wlg/6041?page=last&x-order=date
#
LOGF="/var/log/cvsup.log"
echo "START @ `/bin/date`" >>$LOGF
#/bin/date >>$LOGF
#use fastest_cvsup to find fastest geographically
#close mirror; I'll check Canada and the US
if SERVER=`/usr/local/bin/fastest_cvsup -Q -c ca,us`; then
   echo "Using STABLE Server:" $SERVER >>$LOGF
   /usr/local/bin/cvsup -L1 -h $SERVER -l /var/log/cvs-lock-s 
/root/stable-supfile >>$LOGF
   echo "STABLE done @ `/bin/date`" >>$LOGF
 else
  echo "cvsup-STABLE has a fastest_cvsup problem on...`/bin/date`" >>$LOGF
fi

if SERVER=`/usr/local/bin/fastest_cvsup -Q -c ca,us`; then
   echo "Using PORTS Server:" $SERVER >>$LOGF
   /usr/local/bin/cvsup -L0 -h $SERVER -l /var/log/cvs-lock-p 
/root/ports-supfile >>$LOGF
   echo "PORTS done @ `/bin/date`" >>$LOGF
 else
  echo "cvsup-PORTS has a fastest_cvsup problem on...`/bin/date`" >>$LOGF
fi

#-U (which takes a long time to execute) isn't needed
#with the fetchindex command
cd /usr/ports
make fetchindex >>$LOGF
/usr/local/sbin/portsdb -u >>$LOGF
# command1 2>&1 | command2
# echo "Looking for security patches"
# freebsd-update fetch
# This program not working for me.  unComment above line if it works for U.
echo "The following ports need upgrading" >>$LOGF
/usr/local/sbin/portversion -l "<" >>$LOGF
echo "" >>$LOGF
echo "STOP at `/bin/date`." >>$LOGF
echo "" >>$LOGF
END CODE... mydaily.sh
--
Billy
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Mark Rowlands]

On Wednesday 02 February 2005 17:08, Robert Huff wrote:
> Karol Kwiatkowski writes:
> >  Someone else should comment on that, but I think updating (cvsup)
> >  ports tree once a week should be often enough to track changes
> >  and rare enough to not overload mirrors.
>
>   The other theory involves more frequent (i,e, daily) but
> presumably smaller updates.
>   On the gripping hand ... I'm not convinced the mirrors are
> in danger of overload except possibly at the end of a ports freeze.
>
>

an alternative is to subscribe to freshports  portswatch service and be 
notified  of changes to your installed ports and update accordingly.

fastest_cvsup (from the ports collection natch) can also be employed to locate 
the  fastest cvsup server for you
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Oliver Leitner]

On Wednesday 02 February 2005 17:08, Robert Huff wrote:
> Karol Kwiatkowski writes:
> >  Someone else should comment on that, but I think updating (cvsup)
> >  ports tree once a week should be often enough to track changes
> >  and rare enough to not overload mirrors.
>
>   The other theory involves more frequent (i,e, daily) but
> presumably smaller updates.
>   On the gripping hand ... I'm not convinced the mirrors are
> in danger of overload except possibly at the end of a ports freeze.
>
>
>   Robert Huff
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"

Well... in general the daily small updates is a good idea, *if* youre not on 
a dialup, isdn or slow austrian cable connection, things can get annoying 
with that...

besides the more obvious reason why daily updates on every package isnt a 
good idea, if you dont want to read UPDATES file daily;)

Greetings
Oliver Leitner
Technical Staff
http://www.shells.at
-- 
By reading this mail you agree to the following:

using or giving out the email address and any 
other info of the author of this email is strictly forbidden.
By acting against this agreement the author of this mail 
will take possible legal actions against the abuse.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Robert Huff]

Karol Kwiatkowski writes:

>  Someone else should comment on that, but I think updating (cvsup)
>  ports tree once a week should be often enough to track changes
>  and rare enough to not overload mirrors.

The other theory involves more frequent (i,e, daily) but
presumably smaller updates.
On the gripping hand ... I'm not convinced the mirrors are
in danger of overload except possibly at the end of a ports freeze.


Robert Huff


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Karol Kwiatkowski]

saravanan ganapathy wrote:
> What is the recommended period to update the ports?

Someone else should comment on that, but I think updating (cvsup)
ports tree once a week should be often enough to track changes and
rare enough to not overload mirrors. That applies to single desktop
machine, if you're using more machines / servers it's probably better
to setup local mirror for that.

As for installed ports, I think you should update installed port when:

1. there are security patches available (a must)
2. there is a new version available with new features / better
performance / etc (but only if you need/want the new functionality)

ad1:
You have already installed portaudit which takes care of security
warnings. Have a look at daily "security run output" emails. For
example, today I got:

> [snip]
> Checking for a current audit database:
> 
> Database created: Tue Feb  1 02:40:19 CET 2005
> 
> Checking for packages with security vulnerabilities:
> 
> Affected package: perl-5.8.5
> Type of problem: perl -- File::Path insecure file/directory permissions.
> Reference: 
> 
> [snip]

Then I went to http://www.freebsd.org/ports/index.html, saw it has
been already updated in ports, fired up cvsup...

ad2:
When such event occurs (say, new version of KDE) just update ports
tree and do a portupgrade.


> Is there any announcements for any port update? So
> that I can manually update the ports.

I think http://www.freshports.org/ or
http://www.freebsd.org/ports/index.html could be what you want.


> Is portupgrade contains the security patches also?

I'm not sure what that means. Portupgrade simply updates a port, it
takes all patches provided by port manager, applies them, compile,
etc. (in case of building from source). So, if there are any security
patches for a port, yes, portupgrade will take care of them.


Hope that helps,

Karol

-- 
Karol Kwiatkowski  
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Zlatozar Zhelyazkov]

Here are some useful links. Read carefully!!

http://www.taosecurity.com/keeping_freebsd_applications_up-to-date.html
http://www.taosecurity.com/keeping_freebsd_up-to-date.html


On Wed, 2 Feb 2005 06:49:06 -0800 (PST), saravanan ganapathy
<[EMAIL PROTECTED]> wrote:
> 
> --- Karol Kwiatkowski <[EMAIL PROTECTED]>
> wrote:
> 
> > saravanan ganapathy wrote:
> >  > I have done the above steps to update my system
> > and
> > > when I run 'portversion -v | grep -v "=" ', I am
> > > gettin g the perl package only.
> > >
> > > freebsd# portversion -v | grep -v "="
> > > perl-5.8.5  <  needs updating (port has
> > 5.8.6_1)
> > >
> > > freebsd# portupgrade perl
> > > --->  Upgrading 'perl-5.8.5' to 'perl-5.8.6_1'
> > > (lang/perl5.8)
> > > --->  Building '/usr/ports/lang/perl5.8'
> > > ===>  Cleaning for perl-5.8.6_1
> > > ===>  perl-5.8.6_1 has known vulnerabilities:
> > > => perl -- File::Path insecure file/directory
> > > permissions.
> > >Reference:
> > >
> >
> 
> > > => Please update your ports tree and try again.
> > > *** Error code 1
> > >
> > > Stop in /usr/ports/lang/perl5.8.
> > > ** Command failed [exit code 1]: /usr/bin/script
> > -qa
> > > /tmp/portupgrade5864.0 make
> > > ** Fix the problem and try again.
> > > ** Listing the failed packages (*:skipped /
> > !:failed)
> > > ! lang/perl5.8 (perl-5.8.5) (unknown
> > build
> > > error)
> > > --->  Packages processed: 0 done, 0 ignored, 0
> > skipped
> > > and 1 failed
> > >
> > > How to solve this problem?
> >
> > Portaudit thinks perl-5.8.6_1 is not safe. It even
> > tells you where to
> > find more information:
> >
> > >
> >
> http://www.FreeBSD.org/ports/portaudit/c418d472-6bd1-11d9-93ca-000a95bc6fae.html
> >
> > If you look there it says:
> >
> > > Affects:
> > >
> > > * perl >=0 <5.6.2
> > > * perl >=5.8.0 <5.8.6
> >
> > Clearly, perl-5.8.6_1 is *not* affected. This leads
> > us to conclusion
> > that your portadit's database is outdated. To fetch
> > new databse simply
> > run:
> >
> > # portaudit -F
> >
> 
> The problem has been solved by updating the portaudit
> database.
> 
> What is the recommended period to update the ports?
> 
> Is there any announcements for any port update? So
> that I can manually update the ports.
> 
> Is portupgrade contains the security patches also?
> 
> Pls guide me
> 
> Sarav
> 
> 
> __
> Do you Yahoo!?
> Yahoo! Mail - Helps protect you from nasty viruses.
> http://promotions.yahoo.com/new_mail
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[saravanan ganapathy]

--- Karol Kwiatkowski <[EMAIL PROTECTED]>
wrote:

> saravanan ganapathy wrote:
>  > I have done the above steps to update my system
> and
> > when I run 'portversion -v | grep -v "=" ', I am
> > gettin g the perl package only.
> > 
> > freebsd# portversion -v | grep -v "="
> > perl-5.8.5  <  needs updating (port has
> 5.8.6_1)
> > 
> > freebsd# portupgrade perl
> > --->  Upgrading 'perl-5.8.5' to 'perl-5.8.6_1'
> > (lang/perl5.8)
> > --->  Building '/usr/ports/lang/perl5.8'
> > ===>  Cleaning for perl-5.8.6_1
> > ===>  perl-5.8.6_1 has known vulnerabilities:
> > => perl -- File::Path insecure file/directory
> > permissions.
> >Reference:
> >
>

> > => Please update your ports tree and try again.
> > *** Error code 1
> > 
> > Stop in /usr/ports/lang/perl5.8.
> > ** Command failed [exit code 1]: /usr/bin/script
> -qa
> > /tmp/portupgrade5864.0 make
> > ** Fix the problem and try again.
> > ** Listing the failed packages (*:skipped /
> !:failed)
> > ! lang/perl5.8 (perl-5.8.5) (unknown
> build
> > error)
> > --->  Packages processed: 0 done, 0 ignored, 0
> skipped
> > and 1 failed
> > 
> > How to solve this problem?
> 
> Portaudit thinks perl-5.8.6_1 is not safe. It even
> tells you where to
> find more information:
> 
> >
>
http://www.FreeBSD.org/ports/portaudit/c418d472-6bd1-11d9-93ca-000a95bc6fae.html
> 
> If you look there it says:
> 
> > Affects:
> > 
> > * perl >=0 <5.6.2
> > * perl >=5.8.0 <5.8.6
> 
> Clearly, perl-5.8.6_1 is *not* affected. This leads
> us to conclusion
> that your portadit's database is outdated. To fetch
> new databse simply
> run:
> 
> # portaudit -F
> 

The problem has been solved by updating the portaudit
database.

What is the recommended period to update the ports?

Is there any announcements for any port update? So
that I can manually update the ports.

Is portupgrade contains the security patches also?

Pls guide me

Sarav








__ 
Do you Yahoo!? 
Yahoo! Mail - Helps protect you from nasty viruses. 
http://promotions.yahoo.com/new_mail
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Oliver Leitner]

On Wednesday 02 February 2005 15:11, saravanan ganapathy wrote:
> --- Oliver Leitner <[EMAIL PROTECTED]> wrote:
> > On Wednesday 02 February 2005 14:19, saravanan
> >
> > ganapathy wrote:
> > > Hai ,
> > >
> > > I have installed 5.3 release and want to keep my
> > > system uptodate with the security patches.
> > >
> > > Based on many guides, I have arranged as a doc.
> >
> > Pls
> >
> > > confirm me whether my steps are ok
> > >
> > > 1) Install portupgrade
> > > 2) Sync ports
> > >
> > >  Ports-supfile contains as
> > >
> > > *default host=cvsup10.us.freebsd.org
> > > *default base=/var/db
> > > *default prefix=/usr
> > > *default release=cvs tag=.
> > > *default delete use-rel-suffix
> > > ports-all
> > >
> > > ( or should I change tag=RELENG_5_3 )
> > >
> > >   cvsup -g -L 2 /root/ports-supfile
> > >
> > > 3) portsdb -Uu
> > > 4) portversion -v
> > > 5) portupgrade -arR  { to upgrade from all the
> >
> > lower
> >
> > > versions of applications )
> >
> > id add the following things:
> >
> > 1. install portaudit.
> > 2. portupgrade portdir/portname (e.g. portupgrade
> > lang/perl5)
> > 3. if portupgrade portdir/portname doesnt do, use
> > the -f flag.
> > 4. install freebsd-update from the security ports
> > dir.
> > 5. freebsd-update fetch
> > 6. freebsd-update install
> > 7. in case freebsd-update did find new kernel
> > modules, you might eventually
> > want to reboot the machine
>
> what freebsd-update fetch & install will do?
>
> Sarav

freebsd-update keeps the non-ports part of freebsd up to date.
>
>
> __
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"

-- 
By reading this mail you agree to the following:

using or giving out the email address and any 
other info of the author of this email is strictly forbidden.
By acting against this agreement the author of this mail 
will take possible legal actions against the abuse.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Chris Hodgins]

[snip]

4) portversion -v

'portversion -v | grep -v "=" ' is what I use.
You shouldn't require the grep...you can do this instead:
# portversion -vl"<"
[snip]
Chris
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[saravanan ganapathy]

--- Oliver Leitner <[EMAIL PROTECTED]> wrote:

> On Wednesday 02 February 2005 14:19, saravanan
> ganapathy wrote:
> > Hai ,
> >
> > I have installed 5.3 release and want to keep my
> > system uptodate with the security patches.
> >
> > Based on many guides, I have arranged as a doc.
> Pls
> > confirm me whether my steps are ok
> >
> > 1) Install portupgrade
> > 2) Sync ports
> >
> >  Ports-supfile contains as
> >
> > *default host=cvsup10.us.freebsd.org
> > *default base=/var/db
> > *default prefix=/usr
> > *default release=cvs tag=.
> > *default delete use-rel-suffix
> > ports-all
> >
> > ( or should I change tag=RELENG_5_3 )
> >
> >   cvsup -g -L 2 /root/ports-supfile
> >
> > 3) portsdb -Uu
> > 4) portversion -v
> > 5) portupgrade -arR  { to upgrade from all the
> lower
> > versions of applications )
> 
> id add the following things:
> 
> 1. install portaudit.
> 2. portupgrade portdir/portname (e.g. portupgrade
> lang/perl5)
> 3. if portupgrade portdir/portname doesnt do, use
> the -f flag.
> 4. install freebsd-update from the security ports
> dir.
> 5. freebsd-update fetch
> 6. freebsd-update install
> 7. in case freebsd-update did find new kernel
> modules, you might eventually 
> want to reboot the machine

what freebsd-update fetch & install will do?

Sarav


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Karol Kwiatkowski]

saravanan ganapathy wrote:
 > I have done the above steps to update my system and
> when I run 'portversion -v | grep -v "=" ', I am
> gettin g the perl package only.
> 
> freebsd# portversion -v | grep -v "="
> perl-5.8.5  <  needs updating (port has 5.8.6_1)
> 
> freebsd# portupgrade perl
> --->  Upgrading 'perl-5.8.5' to 'perl-5.8.6_1'
> (lang/perl5.8)
> --->  Building '/usr/ports/lang/perl5.8'
> ===>  Cleaning for perl-5.8.6_1
> ===>  perl-5.8.6_1 has known vulnerabilities:
> => perl -- File::Path insecure file/directory
> permissions.
>Reference:
> 
> => Please update your ports tree and try again.
> *** Error code 1
> 
> Stop in /usr/ports/lang/perl5.8.
> ** Command failed [exit code 1]: /usr/bin/script -qa
> /tmp/portupgrade5864.0 make
> ** Fix the problem and try again.
> ** Listing the failed packages (*:skipped / !:failed)
> ! lang/perl5.8 (perl-5.8.5) (unknown build
> error)
> --->  Packages processed: 0 done, 0 ignored, 0 skipped
> and 1 failed
> 
> How to solve this problem?

Portaudit thinks perl-5.8.6_1 is not safe. It even tells you where to
find more information:

> http://www.FreeBSD.org/ports/portaudit/c418d472-6bd1-11d9-93ca-000a95bc6fae.html

If you look there it says:

> Affects:
> 
> * perl >=0 <5.6.2
> * perl >=5.8.0 <5.8.6

Clearly, perl-5.8.6_1 is *not* affected. This leads us to conclusion
that your portadit's database is outdated. To fetch new databse simply
run:

# portaudit -F


oh, btw. I forgot to include in previous post: before upgrading ports
always read /usr/ports/UPDATING. It can save you some headaches ;)


Cheers,

Karol


-- 
Karol Kwiatkowski  
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Oliver Leitner]

On Wednesday 02 February 2005 14:57, saravanan ganapathy wrote:
> --- Karol Kwiatkowski <[EMAIL PROTECTED]>
>
> wrote:
> > saravanan ganapathy wrote:
> > > Hai ,
> > >
> > > I have installed 5.3 release and want to keep my
> > > system uptodate with the security patches.
> > >
> > > Based on many guides, I have arranged as a doc.
> >
> > Pls
> >
> > > confirm me whether my steps are ok
> > >
> > > 1) Install portupgrade
> > > 2) Sync ports
> > >
> > >  Ports-supfile contains as
> > >
> > > *default host=cvsup10.us.freebsd.org
> > > *default base=/var/db
> > > *default prefix=/usr
> > > *default release=cvs tag=.
> > > *default delete use-rel-suffix
> > > ports-all
> >
> > OK
> >
> > > ( or should I change tag=RELENG_5_3 )
> >
> > No, "tag=." is exactly what is needed for updating
> > ports.
> >
> > >   cvsup -g -L 2 /root/ports-supfile
> >
> > OK
> >
> > > 3) portsdb -Uu
> > >
> > >From 'man portsdb':
> > >  -U
> > >  --updateindex  Update or create the ports
> >
> > index file called INDEX.
> >
> > from 'man ports':
> > > fetchindex   Fetch the INDEX file from the
> >
> > FreeBSD cluster.
> >
> >
> > Generating INDEX with 'portsdb -U' can take a while.
> > Alternatively,
> > you could run 'cd /usr/ports && make fetchindex'
> > which will download
> > that file for you.
> >
> > so point 3) could be like:
> >
> > 3-a) cd /usr/ports
> > 3-b) make fetchindex
> > 3-c) portsdb -u
> >
> > This is *much* faster but, of course, there's
> > nothing wrong with
> > 'portsdb -Uu'.
> >
> > > 4) portversion -v
> >
> > 'portversion -v | grep -v "=" ' is what I use.
> >
> > > Any other steps to do?
> >
> > Above procedure updates (only) your ports tree and
> > installed ports.
> > Subscribe to freebsd-announce and keep your system
> > up-to-date.
> >
> > > What 'make fetchindex' will do?
> >
> > See above (point 3).
>
> Thx for ur responses
>
> I have done the above steps to update my system and
> when I run 'portversion -v | grep -v "=" ', I am
> gettin g the perl package only.
>
> freebsd# portversion -v | grep -v "="
> perl-5.8.5  <  needs updating (port has 5.8.6_1)
>
> freebsd# portupgrade perl
> --->  Upgrading 'perl-5.8.5' to 'perl-5.8.6_1'
> (lang/perl5.8)
> --->  Building '/usr/ports/lang/perl5.8'
> ===>  Cleaning for perl-5.8.6_1
> ===>  perl-5.8.6_1 has known vulnerabilities:
> => perl -- File::Path insecure file/directory
> permissions.
>Reference:
> e.html> => Please update your ports tree and try again.
> *** Error code 1
>
> Stop in /usr/ports/lang/perl5.8.
> ** Command failed [exit code 1]: /usr/bin/script -qa
> /tmp/portupgrade5864.0 make
> ** Fix the problem and try again.
> ** Listing the failed packages (*:skipped / !:failed)
> ! lang/perl5.8 (perl-5.8.5) (unknown build
> error)
> --->  Packages processed: 0 done, 0 ignored, 0 skipped
> and 1 failed
>
> How to solve this problem?

portupgrade -f portname...
>
> Sarav
>
>
>
> __
> Do you Yahoo!?
> Yahoo! Mail - now with 250MB free storage. Learn more.
> http://info.mail.yahoo.com/mail_250
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"

-- 
By reading this mail you agree to the following:

using or giving out the email address and any 
other info of the author of this email is strictly forbidden.
By acting against this agreement the author of this mail 
will take possible legal actions against the abuse.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[saravanan ganapathy]

--- Karol Kwiatkowski <[EMAIL PROTECTED]>
wrote:

> saravanan ganapathy wrote:
> > Hai ,
> > 
> > I have installed 5.3 release and want to keep my
> > system uptodate with the security patches. 
> > 
> > Based on many guides, I have arranged as a doc.
> Pls
> > confirm me whether my steps are ok
> > 
> > 1) Install portupgrade
> > 2) Sync ports 
> > 
> >  Ports-supfile contains as 
> > 
> > *default host=cvsup10.us.freebsd.org
> > *default base=/var/db
> > *default prefix=/usr
> > *default release=cvs tag=.
> > *default delete use-rel-suffix
> > ports-all
> 
> OK
> 
> > ( or should I change tag=RELENG_5_3 )
> 
> No, "tag=." is exactly what is needed for updating
> ports.
> 
> >   cvsup -g -L 2 /root/ports-supfile
> 
> OK
> 
> > 3) portsdb -Uu
> 
> >From 'man portsdb':
> >  -U
> >  --updateindex  Update or create the ports
> index file called INDEX.
> 
> from 'man ports':
> > fetchindex   Fetch the INDEX file from the
> FreeBSD cluster.
> 
> 
> Generating INDEX with 'portsdb -U' can take a while.
> Alternatively,
> you could run 'cd /usr/ports && make fetchindex'
> which will download
> that file for you.
> 
> so point 3) could be like:
> 
> 3-a) cd /usr/ports
> 3-b) make fetchindex
> 3-c) portsdb -u
> 
> This is *much* faster but, of course, there's
> nothing wrong with
> 'portsdb -Uu'.
> 
> > 4) portversion -v
> 
> 'portversion -v | grep -v "=" ' is what I use.
> 
> 
> > Any other steps to do?
> 
> Above procedure updates (only) your ports tree and
> installed ports.
> Subscribe to freebsd-announce and keep your system
> up-to-date.
> 
> 
> > What 'make fetchindex' will do?
> 
> See above (point 3).
> 

Thx for ur responses

I have done the above steps to update my system and
when I run 'portversion -v | grep -v "=" ', I am
gettin g the perl package only.

freebsd# portversion -v | grep -v "="
perl-5.8.5  <  needs updating (port has 5.8.6_1)

freebsd# portupgrade perl
--->  Upgrading 'perl-5.8.5' to 'perl-5.8.6_1'
(lang/perl5.8)
--->  Building '/usr/ports/lang/perl5.8'
===>  Cleaning for perl-5.8.6_1
===>  perl-5.8.6_1 has known vulnerabilities:
=> perl -- File::Path insecure file/directory
permissions.
   Reference:

=> Please update your ports tree and try again.
*** Error code 1

Stop in /usr/ports/lang/perl5.8.
** Command failed [exit code 1]: /usr/bin/script -qa
/tmp/portupgrade5864.0 make
** Fix the problem and try again.
** Listing the failed packages (*:skipped / !:failed)
! lang/perl5.8 (perl-5.8.5) (unknown build
error)
--->  Packages processed: 0 done, 0 ignored, 0 skipped
and 1 failed

How to solve this problem?

Sarav 



__ 
Do you Yahoo!? 
Yahoo! Mail - now with 250MB free storage. Learn more.
http://info.mail.yahoo.com/mail_250
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Karol Kwiatkowski]

saravanan ganapathy wrote:
> Hai ,
> 
> I have installed 5.3 release and want to keep my
> system uptodate with the security patches. 
> 
> Based on many guides, I have arranged as a doc. Pls
> confirm me whether my steps are ok
> 
> 1) Install portupgrade
> 2) Sync ports 
> 
>  Ports-supfile contains as 
> 
> *default host=cvsup10.us.freebsd.org
> *default base=/var/db
> *default prefix=/usr
> *default release=cvs tag=.
> *default delete use-rel-suffix
> ports-all

OK

> ( or should I change tag=RELENG_5_3 )

No, "tag=." is exactly what is needed for updating ports.

>   cvsup -g -L 2 /root/ports-supfile

OK

> 3) portsdb -Uu

>From 'man portsdb':
>  -U
>  --updateindex  Update or create the ports index file called INDEX.

from 'man ports':
> fetchindex   Fetch the INDEX file from the FreeBSD cluster.


Generating INDEX with 'portsdb -U' can take a while. Alternatively,
you could run 'cd /usr/ports && make fetchindex' which will download
that file for you.

so point 3) could be like:

3-a) cd /usr/ports
3-b) make fetchindex
3-c) portsdb -u

This is *much* faster but, of course, there's nothing wrong with
'portsdb -Uu'.

> 4) portversion -v

'portversion -v | grep -v "=" ' is what I use.


> Any other steps to do?

Above procedure updates (only) your ports tree and installed ports.
Subscribe to freebsd-announce and keep your system up-to-date.


> What 'make fetchindex' will do?

See above (point 3).


Regards,

Karol

-- 
Karol Kwiatkowski  
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Oliver Leitner]

to add something...

pkg_version -v > pkgversions.txt

then you might check the generated textfile for current packages which are 
outdated, and need to be upgraded...

On Wednesday 02 February 2005 14:25, Oliver Leitner wrote:
> On Wednesday 02 February 2005 14:19, saravanan ganapathy wrote:
> > Hai ,
> >
> > I have installed 5.3 release and want to keep my
> > system uptodate with the security patches.
> >
> > Based on many guides, I have arranged as a doc. Pls
> > confirm me whether my steps are ok
> >
> > 1) Install portupgrade
> > 2) Sync ports
> >
> >  Ports-supfile contains as
> >
> > *default host=cvsup10.us.freebsd.org
> > *default base=/var/db
> > *default prefix=/usr
> > *default release=cvs tag=.
> > *default delete use-rel-suffix
> > ports-all
> >
> > ( or should I change tag=RELENG_5_3 )
> >
> >   cvsup -g -L 2 /root/ports-supfile
> >
> > 3) portsdb -Uu
> > 4) portversion -v
> > 5) portupgrade -arR  { to upgrade from all the lower
> > versions of applications )
>
> id add the following things:
>
> 1. install portaudit.
> 2. portupgrade portdir/portname (e.g. portupgrade lang/perl5)
> 3. if portupgrade portdir/portname doesnt do, use the -f flag.
> 4. install freebsd-update from the security ports dir.
> 5. freebsd-update fetch
> 6. freebsd-update install
> 7. in case freebsd-update did find new kernel modules, you might eventually
> want to reboot the machine.
>
> > Any other steps to do?
> >
> > What 'make fetchindex' will do?
>
> make fetchindex from what i might tell does the same as portsdb -Uu
> (if i got that wrong, please forgive me... i just had my first month with
> BSD)
>
> > Pls guide me
> >
> > Sarav
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > __
> > Do you Yahoo!?
> > Yahoo! Mail - Find what you need with new enhanced search.
> > http://info.mail.yahoo.com/mail_250
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "[EMAIL PROTECTED]"
>
> Greetings
> Oliver Leitner
> Technical Staff
> http://www.shells.at

-- 
By reading this mail you agree to the following:

using or giving out the email address and any 
other info of the author of this email is strictly forbidden.
By acting against this agreement the author of this mail 
will take possible legal actions against the abuse.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[Oliver Leitner]

On Wednesday 02 February 2005 14:19, saravanan ganapathy wrote:
> Hai ,
>
> I have installed 5.3 release and want to keep my
> system uptodate with the security patches.
>
> Based on many guides, I have arranged as a doc. Pls
> confirm me whether my steps are ok
>
> 1) Install portupgrade
> 2) Sync ports
>
>  Ports-supfile contains as
>
> *default host=cvsup10.us.freebsd.org
> *default base=/var/db
> *default prefix=/usr
> *default release=cvs tag=.
> *default delete use-rel-suffix
> ports-all
>
> ( or should I change tag=RELENG_5_3 )
>
>   cvsup -g -L 2 /root/ports-supfile
>
> 3) portsdb -Uu
> 4) portversion -v
> 5) portupgrade -arR  { to upgrade from all the lower
> versions of applications )

id add the following things:

1. install portaudit.
2. portupgrade portdir/portname (e.g. portupgrade lang/perl5)
3. if portupgrade portdir/portname doesnt do, use the -f flag.
4. install freebsd-update from the security ports dir.
5. freebsd-update fetch
6. freebsd-update install
7. in case freebsd-update did find new kernel modules, you might eventually 
want to reboot the machine.
>
> Any other steps to do?
>
> What 'make fetchindex' will do?
>

make fetchindex from what i might tell does the same as portsdb -Uu
(if i got that wrong, please forgive me... i just had my first month with BSD)

> Pls guide me
>
> Sarav
>
>
>
>
>
>
>
>
>
>
>
> __
> Do you Yahoo!?
> Yahoo! Mail - Find what you need with new enhanced search.
> http://info.mail.yahoo.com/mail_250
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"

Greetings
Oliver Leitner
Technical Staff
http://www.shells.at
-- 
By reading this mail you agree to the following:

using or giving out the email address and any 
other info of the author of this email is strictly forbidden.
By acting against this agreement the author of this mail 
will take possible legal actions against the abuse.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: keeping freebsd uptodate - doubt

[martin hudec]

Hello,

On Wed, Feb 02, 2005 at 05:19:36AM -0800 or thereabouts, saravanan ganapathy 
wrote:
> 1) Install portupgrade
> 2) Sync ports 
> 
>  Ports-supfile contains as 
> 
> *default host=cvsup10.us.freebsd.org
> *default base=/var/db
> *default prefix=/usr
> *default release=cvs tag=.
> *default delete use-rel-suffix
> ports-all
> 
> ( or should I change tag=RELENG_5_3 )

  This tag (RELENG_5_3) is for system cvsup not for ports cvsup. In case
  of system cvsup tag=. means to get 6.0-CURRENT. For ports cvsup (which
  is what I presume you want) tag=. is correct.

> 3) portsdb -Uu
> 4) portversion -v
> 5) portupgrade -arR  { to upgrade from all the lower
> versions of applications )

  I would recommend you to use also -b switch in portupgrade (like
  -abrR) to preserve replaced version of software you are upgrading.


Cheers,

Martin


-- 
martin hudec


   * 421 907 303 393
   * [EMAIL PROTECTED]
   * http://www.aeternal.net

"Nothing travels faster than the speed of light with the possible 
exception of bad news, which obeys its own special laws."

   Douglas Adams, "The Hitchhiker's Guide to the Galaxy"


pgpYIYKCctZtm.pgp
Description: PGP signature