Per-jail private loopback

Kevin Oberman rkoberman at gmail.com
Sat Dec 19 18:30:36 UTC 2015


On Fri, Dec 18, 2015 at 7:09 AM, Mark Martinec <Mark.Martinec at ijs.si> wrote:

> It would be nice to use VIMAGE, but it is not in a GENERIC kernel.
> Using a custom kernel voids the comfort of using freebsd-update
> for installing patch revisions and upgrades.
>
>   Mark


Not really. First, most updates don't touch the kernel. Even when they do,
you just need to re-build your custom kernel, a rather trivial exercise
when compared to maintaining a system manually. It is easy to do the actual
build on a different system and just copy it to multiple systems. It is
only required for the actual kernel, not modules.

You do have to keep a copy of the GENERIC kernel as /boot/GENERIC. The
Handbook says "Always keep a copy of the GENERIC kernel in /boot/GENERIC.
It will be helpful in diagnosing a variety of problems and in performing
version upgrades."

If freebsd-update calls for a reboot, this is when you need to replace
/boot/kernel/kernel with your custom kernel. If the kernel was not changed,
you won't be required to reboot, though I do recommend doing so to be sure
that no vulnerable code is left running.
 --
Kevin Oberman, Part time kid herder and retired Network Engineer
E-mail: rkoberman at gmail.com
PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683


More information about the freebsd-net mailing list