From 1b8572eaeb3a00493cae0407f31b845284b2ed57 Mon Sep 17 00:00:00 2001 From: Dru Lavigne Date: Tue, 4 Feb 2014 00:48:13 +0000 Subject: [PATCH] Edits to first section of Updating section. Improve the introduction. Update the config file entries. Sponsored by: iXsystems --- .../books/handbook/cutting-edge/chapter.xml | 87 ++++++++++--------- 1 file changed, 46 insertions(+), 41 deletions(-) diff --git a/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml b/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml index 5e859c534c..d9d21257e6 100644 --- a/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml +++ b/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml @@ -160,63 +160,68 @@ updating-upgrading - Applying security patches is an important part of - maintaining computer software, especially the operating system. - For the longest time on &os;, this process was not an easy one. - Patches had to be applied to the source code, the code rebuilt - into binaries, and then the binaries had to be - re-installed. + Applying security patches in a timely manner and + upgrading to a newer release of + an operating system are important aspects of + ongoing system administration. + &os; includes a utility + called freebsd-update which can be used to + perform both these tasks. - This is no longer the case as &os; now includes a utility - called freebsd-update. This utility - provides two separate functions. First, it allows for binary - security and errata updates to be applied to the &os; base - system without the build and install requirements. Second, the - utility supports minor and major release upgrades. + This utility supports binary + security and errata updates to &os;, + without the need to manually compile and install the patch or a + new kernel. Binary updates are available for all architectures and + releases currently supported by the security team. The list of + supported releases and their estimated end-of-life dates are listed at http://www.FreeBSD.org/security/. - - Binary updates are available for all architectures and - releases currently supported by the security team. Before - updating to a new release, its release announcement should be - reviewed as it contains important information pertinent to the + This utility also supports operating system upgrades to minor point + releases as well as upgrades to another release branch. Before + upgrading to a new release, review its release announcement + as it contains important information pertinent to the release. Release announcements are available from http://www.FreeBSD.org/releases/. - - + + If a crontab utilizing the features of &man.freebsd-update.8; exists, it must be - disabled before the following operation is started. + disabled before upgrading the operating system. + + + This section describes the configuration file used by + freebsd-update, demonstrates how to + apply a security patch and how to upgrade to a minor or major + operating system release, and discusses some of the considerations + when upgrading the operating system. The Configuration File - Some users may wish to tweak the default configuration + The default configuration file for + freebsd-update works as-is. Some users may wish to tweak the default configuration in /etc/freebsd-update.conf, allowing - better control of the process. The options are well - documented, but the following may require a bit more + better control of the process. The comments in this file explain the available options, + but the following may require a bit more explanation: # Components of the base system which should be kept updated. -Components src world kernel +Components world kernel This parameter controls which parts of &os; will be kept - up-to-date. The default is to update the source code, the - entire base system, and the kernel. Components are the same - as those available during installation. For instance, adding - world/games would allow game patches to be - applied. Using src/bin would allow the - source code in src/bin - to be updated. - - The best option is to leave this at the default as - changing it to include specific items requires the user to - list every item to be updated. This could have disastrous + up-to-date. The default is to update the + entire base system and the kernel. Individual components can + instead be specified, such as + src/base or + src/sys. However, the best option is to leave this at the default as + changing it to include specific items requires + every needed item to be listed. Over time, this could have disastrous consequences as source code and binaries may become out of sync. # Paths which start with anything matching an entry in an IgnorePaths # statement will be ignored. -IgnorePaths +IgnorePaths /boot/kernel/linker.hints To leave specified directories, such as /bin or @@ -233,7 +238,7 @@ UpdateIfUnmodified /etc/ /var/ /root/ /.cshrc /.profile This option will only update unmodified configuration files in the specified directories. Any changes made by the - user will invalidate the automatic updating of these files. + user will prevent the automatic updating of these files. There is another option, KeepModifiedMetadata, which will instruct freebsd-update to save the changes during @@ -241,14 +246,14 @@ UpdateIfUnmodified /etc/ /var/ /root/ /.cshrc /.profile # When upgrading to a new &os; release, files which match MergeChanges # will have any local changes merged into the version from the new release. -MergeChanges /etc/ /var/named/etc/ +MergeChanges /etc/ /var/named/etc/ /boot/device.hints List of directories with configuration files that freebsd-update should attempt to merge. The file merge process is a series of &man.diff.1; patches similar to &man.mergemaster.8;, but with fewer options. - Merges are either accepted, open an editor, or - freebsd-update will abort. When in doubt, + Merges are either accepted, open an editor, or cause + freebsd-update to abort. When in doubt, backup /etc and just accept the merges. See for more information about mergemaster. @@ -259,7 +264,7 @@ MergeChanges /etc/ /var/named/etc/ This directory is where all patches and temporary files are placed. In cases where the user is doing a version - upgrade, this location should have a least a gigabyte of disk + upgrade, this location should have at least a gigabyte of disk space available. # When upgrading between releases, should the list of Components be