freebsd-update patches custom /boot/kernel/kernel which it should not
Paul Schmehl
pschmehl_lists at tx.rr.com
Wed Jan 2 19:47:37 UTC 2013
--On January 2, 2013 8:18:38 PM +0100 andreas scherrer
<ascherrer at gmail.com> wrote:
> on 2.1.13 19:15 Paul Schmehl said the following:
>> --On January 2, 2013 6:45:50 PM +0100 andreas scherrer
>>> And from experience this is what it will do: replace /boot/kernel/kernel
>>> which is my custom kernel with a GENERIC kernel.
>>>
>>> As it seems that freebsd-update works by comparing a hash of
>>> /boot/kernel/kernel with the GENERIC kernel's hash I checked the md5 and
>>> sha1 hash of /boot/kernel/kernel and /boot/GENERIC/kernel. They differ
>>> (see [3]).
>>>
>>> So why is freebsd-update going to overwrite my custom kernel? And how
>>> can I prevent it from doing so?
>>>
>>
>> Read man (5) freebsd-update.conf. Particularly the COMPONENTS portion
>> that explains how to update world without changing kernel.
>
> Thanks for pointing this out. I might change my freebsd-update.conf to
> not update the kernel. But still I believe this to be more of a kludge
> than a solution: in my opinion the handbook suggests that a custom
> kernel should be detected and left alone. But at the same time a GENERIC
> kernel in /boot/GENERIC should be patched.
>
> http://www.freebsd.org/doc/handbook/updating-upgrading-freebsdupdate.html
> -----
That needs to be updated.
> However, freebsd-update will detect and update the GENERIC kernel in
> /boot/GENERIC (if it exists), even if it is not the current (running)
> kernel of the system.
> -----
>
> Furthermore if I remove the kernel option from the COMPONENTS in
> freebsd-update.conf I think I will not get the kernel source patches
> anymore, right? Which in turn means I have to get them via some other
> mechanism, no?
>
See UpdateIfUnmodified in the man page. You can specify a regex pattern
that prevents the kernel from being modified but still downloads the
sources.
Or you can simply pull source from svn, which I think would be my preferred
method. Once you've made the first pull, you can use svn to pull all the
kernel updates subsequent to that first pull and then buildkernel as you
normally do.
>> From the same link as above to the handbook:
> -----
> Unless the default configuration in /etc/freebsd-update.conf has been
> changed, freebsd-update will install the updated kernel sources along
> with the rest of the updates.
> -----
>
> I think something does not add up here but I can't get my head around it
> (yet?).
>
The Handbook is out of date.
--
Paul Schmehl, Senior Infosec Analyst
As if it wasn't already obvious, my opinions
are my own and not those of my employer.
*******************************************
"It is as useless to argue with those who have
renounced the use of reason as to administer
medication to the dead." Thomas Jefferson
"There are some ideas so wrong that only a very
intelligent person could believe in them." George Orwell
More information about the freebsd-questions
mailing list