Re: update from 7.0 to 7.2?
Le 29/06/2009 à 15:20:59-0400, Lowell Gilbert a écrit Brad Mettee bmet...@pchotshots.com writes: If a system is stable and ports are up to date, serving mail web pages as needed, is there any reason to update from this: FreeBSD ns1.pchotshots.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 r...@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 To something newer? (like 7.2 stable) Would there be any noticeable benefit from an update? At *least* make sure you get the security updates... Other reason to make time to time a update is to simplify you life when your old version don't work after N years. Someday you may have (for example) postfix don't work anymore on you old version. So when you don't have the choice, the update may very hard to make. Regards. -- Albert SHIH SIO batiment 15 Observatoire de Paris Meudon 5 Place Jules Janssen 92195 Meudon Cedex Heure local/Local time: Mar 30 jui 2009 14:50:02 CEST ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: update from 7.0 to 7.2?
Brad Mettee bmet...@pchotshots.com writes: If a system is stable and ports are up to date, serving mail web pages as needed, is there any reason to update from this: FreeBSD ns1.pchotshots.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 r...@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 To something newer? (like 7.2 stable) Would there be any noticeable benefit from an update? At *least* make sure you get the security updates... Other reason to make time to time a update is to simplify you life when your old version don't work after N years. Someday you may have (for example) postfix don't work anymore on you old version. So when you don't have the choice, the update may very hard to make. Another reason to consider, at some date, 7.0 will not be amintained anymore. At that time you may be facing difficulties to upgrade to the latest legacy release: upgrades are better tested when done in sequence: 7.0 to 7.1, 7.1 to 7.2, etc. 7.x to 8.y. 7.0 to 8.y may work, or may not. So you better not stay too far behind. Bests, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
update from 7.0 to 7.2?
If a system is stable and ports are up to date, serving mail web pages as needed, is there any reason to update from this: FreeBSD ns1.pchotshots.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 r...@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 To something newer? (like 7.2 stable) Would there be any noticeable benefit from an update? Thanks Brad Mettee PC HotShots, Inc. Baltimore, MD (410) 426-7617 - Let us bring out the *Power* of your PCs. - - Custom Business Software Solutions since 1991 - visit http://www.pchotshots.com for information about our company. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: update from 7.0 to 7.2?
On Mon, 29 Jun 2009 14:05:29 -0400 Brad Mettee bmet...@pchotshots.com wrote: If a system is stable and ports are up to date, serving mail web pages as needed, is there any reason to update from this: FreeBSD ns1.pchotshots.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 r...@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 To something newer? (like 7.2 stable) Would there be any noticeable benefit from an update? You mean other than using a supported system with bug and security fixes? Andreas -- GnuPG key : 0x2A573565|http://www.gnupg.org/howtos/de/ Fingerprint: 925D 2089 0BF9 8DE5 9166 33BB F0FD CD37 2A57 3565 pgp594kTq58ty.pgp Description: PGP signature
Re: update from 7.0 to 7.2?
On Mon, Jun 29, 2009 at 2:05 PM, Brad Mettee bmet...@pchotshots.com wrote: If a system is stable and ports are up to date, serving mail web pages as needed, is there any reason to update from this: FreeBSD ns1.pchotshots.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 r...@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 To something newer? (like 7.2 stable) Would there be any noticeable benefit from an update? Thanks Brad Mettee PC HotShots, Inc. Baltimore, MD (410) 426-7617 There's always the if it ain't broke, don't fix it belief. If you're using ZFS, 7.2-STABLE has the latest ZFS update; comparitavely, 7.1-RELEASE has a longer time until end-of-life. You could also check out the release notes to see if any of the updates are something worth upgrading for, respective to your needs/setup. Regards, Earl ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: update from 7.0 to 7.2?
On Mon, Jun 29, 2009 at 02:05:29PM -0400, Brad Mettee wrote: If a system is stable and ports are up to date, serving mail web pages as needed, is there any reason to update from this: FreeBSD ns1.pchotshots.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 r...@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 To something newer? (like 7.2 stable) Would there be any noticeable benefit from an update? It depends. There are vulnerabilities in kernel and userland fixed between 7.0-RELEASE and 7.2-RELEASE-p2. See http://security.freebsd.org/advisories.html If any of these vulneratbilities affect your system you should see if there are workarounds mentioned. If not it would be best to upgrade. If you subscribe tot the freebsd-announce mailing-list, you'll be warned when a vulnerability is found. You can then judge if it is wise to apply the fix. In general, I would follow the minor version branch (RELENG_7_X, 7.2-RELEASE-pX) to pick up fixes for vulnerabilities. Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) pgps3uDKJMg8w.pgp Description: PGP signature
Re: update from 7.0 to 7.2?
Brad Mettee bmet...@pchotshots.com writes: If a system is stable and ports are up to date, serving mail web pages as needed, is there any reason to update from this: FreeBSD ns1.pchotshots.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 r...@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 To something newer? (like 7.2 stable) Would there be any noticeable benefit from an update? At *least* make sure you get the security updates... -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: update from 7.0 to 7.2?
At 03:20 PM 6/29/2009, you wrote: Brad Mettee bmet...@pchotshots.com writes: If a system is stable and ports are up to date, serving mail web pages as needed, is there any reason to update from this: FreeBSD ns1.pchotshots.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 r...@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 To something newer? (like 7.2 stable) Would there be any noticeable benefit from an update? At *least* make sure you get the security updates... -- Lowell Gilbert, embedded/networking software engineer, Boston area Ok, looks like I have some reading to do. Thanks everyone. Brad Mettee PC HotShots, Inc. Baltimore, MD (410) 426-7617 - Let us bring out the *Power* of your PCs. - - Custom Business Software Solutions since 1991 - visit http://www.pchotshots.com for information about our company. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: update from 7.0 to 7.2?
Hi, my general concept is not to stick with the releases but to keep the kernel on the current development like using RELENG_7 for CVS. You will notice that HAL and DBUS changed. I noticed because of this real speed improvements on a slower machine. Anyway, if this server runs mail and web pages, it is public available and so prone to attacks. So, make sure that you have the security updates installed. Erich On 30 June 2009 am 02:05:29 Brad Mettee wrote: If a system is stable and ports are up to date, serving mail web pages as needed, is there any reason to update from this: FreeBSD ns1.pchotshots.com 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 r...@driscoll.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 To something newer? (like 7.2 stable) Would there be any noticeable benefit from an update? Thanks Brad Mettee PC HotShots, Inc. Baltimore, MD (410) 426-7617 - Let us bring out the *Power* of your PCs. - - Custom Business Software Solutions since 1991 - visit http://www.pchotshots.com for information about our company. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
freebsd-update from 7.0 to 7.2
Hello, I've got an older machine running 7.0. I ran freebsd-update upgrade on it to update it to 7.2, aftetr two reboots i'm still seeing 7.0 in the uname -r output. I did not get any errors during the download or installation of patches. Is this a recommended upgrade path? Thanks. Dave. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: freebsd-update from 7.0 to 7.2
Dave wrote: Hello, I've got an older machine running 7.0. I ran freebsd-update upgrade on it to update it to 7.2, aftetr two reboots i'm still seeing 7.0 in the uname -r output. I did not get any errors during the download or installation of patches. The syntax for upgrading to a next version is slightly more involved, please read Handbook's section 24.2.3: http://www.freebsd.org/doc/en/books/handbook/updating-upgrading-freebsdupdate.html#FREEBSDUPDATE-UPGRADE Is this a recommended upgrade path? Thanks. Dave. Yes ;) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
How to update from 7.0-stable-200805 to 7.0-stable-200807 ?
I use 7.0-STABLE-200805. I want to update it to 7.0-STABLE-200807. How do I update for the last updates clearly ? is there a way to update without reboot the machine or with only one reboot ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to update from 7.0-stable-200805 to 7.0-stable-200807 ?
Yavuz Maslak wrote: I use 7.0-STABLE-200805. I want to update it to 7.0-STABLE-200807. How do I update for the last updates clearly ? is there a way to update without reboot the machine or with only one reboot ? Use csup to synchronize your source: - Copy the file /usr/share/examples/cvsup/stable-supfile to your home dir (run commands as root or with sudo) - Edit and change default host to a mirror near you ( http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html#HANDBOOK-MIRRORS-CHAPTER-SGML-CENTRAL-CVSUP ) - csup -g -L2 stable-supfile - Follow these instructions to rebuild your system: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html You will need to reboot twice, once after you install the kernel and a second time when you install world, after the final mergemaster step. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
dns update for 7.0
I just joined the list (but did search the archive), so I apologize in advance if this was already answered and I missed it. What's the process to update the base bind in freebsd for the new cacheing poisoning vuln that seems to be all the rage lately? I'm running freebsd 7.0-RELEASE-p2 and I am using the included base bind 9.4.2 as resolver for my network. Will there be an update through freebsd-update to upgrade to bind 9.4.2-p1, or is there some other process I need to followcompile source and replace?. Thanks, -- Joshua Frugé [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dns update for 7.0
Joshua Frugé wrote: I just joined the list (but did search the archive), so I apologize in advance if this was already answered and I missed it. What's the process to update the base bind in freebsd for the new cacheing poisoning vuln that seems to be all the rage lately? I'm running freebsd 7.0-RELEASE-p2 and I am using the included base bind 9.4.2 as resolver for my network. Will there be an update through freebsd-update to upgrade to bind 9.4.2-p1, or is there some other process I need to followcompile source and replace?. I recommend you install one or other of the bind ports: dns/bin9 dns/bind94 dns/bind95 All of these were updated last night to include the UDP port randomization stuff in the latest security patch. (There's not much point in installing dns/bind9 though, as that's a downgrade to bind9.3 from the system supplied bind-9.4.2) You don't need to overwrite the base system bind -- the vulnerability works on the cache of a running instance of named when configured as a recursive resolver. So as long as you start up the patched daemon, everything should be fine. To start up the version of bind you just installed from ports, add named_enable=YES named_program=/usr/local/sbin/named named_flags=-c /etc/namedb/named.conf to /etc/rc.conf and then run: /etc/rc.d/named restart and check your system logs for a line saying something like: starting BIND 9.X.Y-P1 -c /etc/namedb/named.conf -t /var/named -u bind where the 'P1' bit shows you're running the patched version. There may well be a security notice and a patch for the base system generated in the next few days: the security team is looking into the matter and will respond in due course. D-day for having everything properly patched is the presentation Dan Kaminsky is doing at the Blackhats conference on August 6th (or possibly August 7th) The patches ISC have produced will have an adverse effect if you're answering something in excess of 10,000 DNS queries a second, which is rather more than most people would get to deal with, but are otherwise innocuous. http://www.isc.org/index.pl?/sw/bind/bind-security.php To test if a recursive nameserver is potentially vulnerable, grab the perl script from this site: http://michael.toren.net/code/noclicky/ Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW signature.asc Description: OpenPGP digital signature
Re: dns update for 7.0
--On Thursday, July 10, 2008 11:05:11 -0500 Joshua Frugé [EMAIL PROTECTED] wrote: I just joined the list (but did search the archive), so I apologize in advance if this was already answered and I missed it. What's the process to update the base bind in freebsd for the new cacheing poisoning vuln that seems to be all the rage lately? I'm running freebsd 7.0-RELEASE-p2 and I am using the included base bind 9.4.2 as resolver for my network. Will there be an update through freebsd-update to upgrade to bind 9.4.2-p1, or is there some other process I need to followcompile source and replace?. Base bind is updated by freebsd-update *assuming* you are using the base bind and not the port bind *and* assuming you haven't altered any of the binaries by patching them manually. You can, of course, use the tried and true make buildworld process to update it as well *when* the patches are released. -- Paul Schmehl As if it wasn't already obvious, my opinions are my own and not those of my employer. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
update to 7.0
if i will update to freebsd 7.0 server running many jails, can jails run having 6.2p7 binaries unchanged? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
