docs/139095: new article on creating an internal FreeBSD Update Server

Jason jhelfman at e-e.com
Thu Oct 15 19:10:02 UTC 2009


The following reply was made to PR docs/139095; it has been noted by GNATS.

From: Jason <jhelfman at e-e.com>
To: bug-followup at FreeBSD.org, jhelfman at e-e.com
Cc:  
Subject: Re: docs/139095: new article on creating an internal FreeBSD
 Update Server
Date: Thu, 15 Oct 2009 11:19:26 -0700

 --VS++wcV0S1rZb1Fb
 Content-Type: text/plain; charset=us-ascii; format=flowed
 Content-Disposition: inline
 
 Submitting a patch to my original PR.
 
 --VS++wcV0S1rZb1Fb
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename=patch
 
 *** article.sgml.orig	Thu Oct 15 10:48:39 2009
 --- article.sgml	Thu Oct 15 11:07:31 2009
 ***************
 *** 1,5 ****
 --- 1,6 ----
 + <!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook V4.1-Based Extension//EN" [
   <!ENTITY % articles.ent PUBLIC "-//FreeBSD//ENTITIES DocBook FreeBSD Articles Entity Set//EN">
   %articles.ent;
   <!ENTITY fbus.ap "<application>FreeBSD Update Server</application>">
   ]>
   
 ***************
 *** 62,72 ****
         <listitem>
           <para>An ssh account on a remote machine to upload the distributed updates, &man.ssh.1;.</para>
         </listitem>
   
         <listitem>
 !         <para>A web server, with over half of the the space required for the build.
             For instance, my builds total 4G, and the webserver space needed to 
             distribute updates is 2.6G.
             </para>
         </listitem>
   
 --- 63,73 ----
         <listitem>
           <para>An ssh account on a remote machine to upload the distributed updates, &man.ssh.1;.</para>
         </listitem>
   
         <listitem>
 !         <para>An <ulink url="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-apache.html">Apache</ulink> web server, with over half of the the space required for the build.
             For instance, my builds total 4G, and the webserver space needed to 
             distribute updates is 2.6G.
             </para>
         </listitem>
   
 ***************
 *** 78,88 ****
       </itemizedlist>
   
     <sect1 id="Configuration">
       <title>Configuration: Installation & Setup</title>
   
 !     <para>Download the <ulink url="http://www.freebsd.org/cgi/cvsweb.cgi/projects/freebsd-update-server/">freebsd-update-server software</ulink>. There is a tarball that can be downloaded, or you can csup projects-all, &man.csup.1;.</para>
   
       <para>Update
         <filename>scripts/build.conf</filename> appropriately for your
         environment. It is sourced during build and push operations.</para>
   
 --- 79,89 ----
       </itemizedlist>
   
     <sect1 id="Configuration">
       <title>Configuration: Installation & Setup</title>
   
 !     <para>Download the <ulink url="http://www.freebsd.org/cgi/cvsweb.cgi/projects/freebsd-update-server/">freebsd-update-server</ulink> software. There is a tarball that can be downloaded, or you can csup projects-all, &man.csup.1;.</para>
   
       <para>Update
         <filename>scripts/build.conf</filename> appropriately for your
         environment. It is sourced during build and push operations.</para>
   
 ***************
 *** 173,184 ****
   cc -O2 -fno-strict-aliasing -pipe   unstamp.c  -o unstamp
   install findstamps ../bin
   install unstamp ../bin
   rm -f findstamps unstamp
   Generating RSA private key, 4096 bit long modulus
 ! ...............................................................................++
 ! ..................++
   e is 65537 (0x10001)
   
   Public key fingerprint:
   27ef53e48dc869eea6c3136091cc6ab8589f967559824779e855d58a2294de9e
   
 --- 174,185 ----
   cc -O2 -fno-strict-aliasing -pipe   unstamp.c  -o unstamp
   install findstamps ../bin
   install unstamp ../bin
   rm -f findstamps unstamp
   Generating RSA private key, 4096 bit long modulus
 ! ................................................................................++
 ! ...................++
   e is 65537 (0x10001)
   
   Public key fingerprint:
   27ef53e48dc869eea6c3136091cc6ab8589f967559824779e855d58a2294de9e
   
 ***************
 *** 1188,1198 ****
   
       <note>
        <para>Updates for the current release of the &os; system you are updating, and what you want to upgrade to need to be built in order for your internal &os; Update Server to properly work.  This is necessary for merging of files between the releases.</para>
       </note>
   
 !     <para>You are not ready to test the updates you've uploaded.</para>
   
        <para>Update client's <keycap>KeyPrint</keycap> and <keycap>ServerName</keycap> in <filename>/etc/freebsd-update.conf</filename>, and perform updates as instructed in the <ulink url="http://www.freebsd.org/doc/en/books/handbook/updating-freebsdupdate.html"> &os; Update </ulink> instructions in the handbook. 
          
     <sect1 id="patch">
       <title>Building a Patch</title>
 --- 1189,1199 ----
   
       <note>
        <para>Updates for the current release of the &os; system you are updating, and what you want to upgrade to need to be built in order for your internal &os; Update Server to properly work.  This is necessary for merging of files between the releases.</para>
       </note>
   
 !     <para>You are now ready to test the updates you've uploaded.</para>
   
        <para>Update client's <keycap>KeyPrint</keycap> and <keycap>ServerName</keycap> in <filename>/etc/freebsd-update.conf</filename>, and perform updates as instructed in the <ulink url="http://www.freebsd.org/doc/en/books/handbook/updating-freebsdupdate.html"> &os; Update </ulink> instructions in the handbook. 
          
     <sect1 id="patch">
       <title>Building a Patch</title>
 ***************
 *** 1983,1997 ****
         <listitem>
           <para>Add <command>make -j <replaceable>NUMBER</replaceable> </command> to <filename>scripts/build.subr</filename> to speed up your processing. I have found that adding flags to anything other than <command>make buildworld</command> and <command>make obj</command> can be unreliable.</para>
         </listitem>
   
         <listitem>
 !         <para>Create a firewall rule to block outgoing RST packets. Due to a bug noted <ulink url="http://unix.derkeiler.com/Mailing-Lists/FreeBSD/stable/2009-04/msg00365.html"> in this posting </ulink> by the the author of freebsd-update-server, you will have many many time-outs and fail to update a system without many pains along the way. I have found that the bug still exists in my adventures with this software.</para>
         </listitem> 
   
         <listitem>
 !         <para>I haven't experimented with this just yet, however if you create an SRV record for your update server, and put others behind it with variable weights, that would be the equivalent of creating mirrors.</para>
         </listitem>
   
         <listitem>
           <para>Please read the source documentation, as well, as I have not experimented with all features of the software.</para>
         </listitem>
 --- 1984,2001 ----
         <listitem>
           <para>Add <command>make -j <replaceable>NUMBER</replaceable> </command> to <filename>scripts/build.subr</filename> to speed up your processing. I have found that adding flags to anything other than <command>make buildworld</command> and <command>make obj</command> can be unreliable.</para>
         </listitem>
   
         <listitem>
 !         <para>Create a firewall rule to block outgoing RST packets. Due to a bug noted <ulink url="http://unix.derkeiler.com/Mailing-Lists/FreeBSD/stable/2009-04/msg00365.html"> in this posting </ulink> by the author of freebsd-update-server, you will have many time-outs and fail to update a system.</para>
         </listitem> 
   
         <listitem>
 !         <para>If you create an appropriate <ulink url="http://www.freebsd.org/doc/en/books/handbook/network-dns.html">DNS</ulink> server SRV record for your update server, and put others behind it with variable weights, that would be the equivalent of creating mirrors.</para>
 !         <screen> _http._tcp.update.myserver.com.                  IN SRV   0 2 80   host1.myserver.com.
 !                                                      SRV   0 1 80   host2.myserver.com.
 !                                                      SRV   0 0 80   host3.myserver.com.</screen>
         </listitem>
   
         <listitem>
           <para>Please read the source documentation, as well, as I have not experimented with all features of the software.</para>
         </listitem>
 
 --VS++wcV0S1rZb1Fb--



More information about the freebsd-doc mailing list