Question about security updates.

Pratt, Benjamin E. bepratt at stcloudstate.edu
Wed Dec 3 11:20:21 PST 2003 

rottie -
 
I'm fairly new to FreeBSD as well (a converted Mandrake user) and I have
attached my little cheat sheet about working with the ports tree and
running updates.

>From what I understand, the ports tree is not installed software, it's
just a list of everything that can be installed and a location to easily
install it.  Just because you have /usr/ports/security/ssh/ in your
ports tree does not mean that it is installed.

I hope that my attached file helps.  It's just what I've compiled into
one place from my questions in different discussions and reading
http://www.freebsd.org/handbook/.

Good luck,

Ben

-----Original Message-----
From: rotten rottie [mailto:r0tt13 at hotmail.com] 
Sent: Wednesday, December 03, 2003 12:21 PM
To: freebsd-newbies at freebsd.org
Subject: Question about security updates.

I am a linux user that wants to switch to freebsd... I am a bit confused

about applying updates etc..

I installed a box for trial it was 5.1, I wanted to see if I could use
ports 
to update openssh for a test examp. After the port installed I noticed
that 
another version of openssh was installed on the system. I talked with a 
friend and he said that it was part of usr/src and I could update it by 
compiling the usr.bin version.. which was fine and worked. Here are my 
questions:

1) if there are two trees(lack of better words) why would ssh exit in
both 
the system tree and the ports tree ? Wouldnt it be better to have it in
the 
ports tree ?

2) I have used gentoo in the past and am curious if there is something 
simular to emerge -up world/system -- I would like to cvs the ports/sys
and 
then be able to see if anything need upgrading .. is this possible ?

3) Say there was a update to openssh .. which would be the proper way to

update .. sync the sys tree and then just update ssh .. or sync the tree
and 
recompile the system ? or remove the sys version and install the port 
version and update the port ?

I am very happy with freebsd .. Im still in the exploring stage .. The 
reasons for my questions is that I am a little weary of using freebsd in

production if I dont easily know when updates are avail, having to
recompile 
the system everytime I need a patch for a service.

Thanks for helping me convert,
rottie

_________________________________________________________________
Tired of slow downloads and busy signals?  Get a high-speed Internet 
connection! Comparison-shop your local high-speed providers here. 
https://broadband.msn.com

_______________________________________________
freebsd-newbies at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-newbies
To unsubscribe, send any mail to
"freebsd-newbies-unsubscribe at freebsd.org"
-------------- next part --------------
Packages

    pkg_add packagename       Installs the package 'packagename'

    pkg_add -r packagename    Installs the package 'packagename' from a remote location

    pkg_info                  Lists and describes installed packages

    pkg_version               Tells the version of installed packages

    pkg_delete packagename    Uninstalls the package 'packagename'

Ports (requires "Ports Collection")

    1) Locate Port
        a)  http://www.freebsd.org/ports/index.html
        b)  # cd /usr/ports
            # make search name=lsof
            Port:   lsof-4.56.4
            Path:   /usr/ports/sysutils/lsof
            Info:   Lists information about open files (similar to fstat(1))
            Maint:  obrien at FreeBSD.org
            Index:  sysutils
            B-deps: 
            R-deps:
        c)  # cd /usr/ports
            # make search key=key_words

    2) Install from CD-ROM
        a)  mount the CD-ROM
        b)  # cd /usr/ports/directory/of/port
        c)  # make install clean
        
    3) Install from Internet
        a)  Same as from CD-ROM

    4) Uninstall Port
        a)  # cd /usr/ports/directory/of/port
        b)  # make deinstall

    5) Upgrade Ports
        a)  Install 'sysutils/portupgrade'
        b)  # pkgdb -F
        c)  # portupgrade -a
        
    6) Update Ports Tree
        a)  Install cvsup (or cvsup-without-gui)
        b)  # vi /usr/share/examples/cvsup/ports-supfile
                Example:
                
                    *default host=cvsup9.us.freebsd.org (cvsup9 = MN, cvsup18 = WI)
                    *default base=/usr
                    *default prefix=/usr
                    *default release=cvs tag=.
                    *default delete use-rel-suffix
                    *default compress
                    ports-all
        c)  # cp /usr/share/examples/cvsup/ports-supfile /tmp/ports-sup
        d)  # cd /tmp && cvsup -g -L 2 ports-sup
        
    7) Disallow Specific Ports
        a) # vi /usr/local/etc/pkgtools.conf
                Example:
                
                     HOLD_PKGS = [
                      'bsdpan-*',
                      'x11*/XFree86*',
                      'portupgrade',
                      'python-*',
                      ]

More information about the freebsd-newbies mailing list