LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices


Reply
  Search this Thread
Old 11-22-2004, 09:48 PM   #1
Gsee
Member
 
Registered: Mar 2004
Location: Australia
Distribution: FreeBSD, OpenBSD, Gentoo, Debian
Posts: 153

Rep: Reputation: 30
Keeping OpenBSD up to date


G'day folks,

I currently have two boxes running OpenBSD 3.6 - one is a router and the other is a DNS cache. I've been using FreeBSD for a little while now and have become accustomed to the FreeBSD

CVSup
cd /usr/src
make buildworld
make buildkernel
make installkernel
reboot
mergemaster -p
make installworld
mergemaster
reboot

scenairo. From what I believe (and please tell me if I'm wrong) is that by running this on FreeBSD I am keeping my box up to date quite acceptably. What I would like to know is what do I need to do for my OpenBSD boxes for the same effect? I don't think either machine has enough space to download the entire src tree. I tried looking at how to run CVSup with OpenBSD but I couldn't really see it working the same way - at least not from what I saw.

If anyone could give me the outline of the steps I need to run on these two boxes to keep them securely up to date it would be greatly appreciated. Furthermore, if it's not too difficult, what the options are for the downloads going to my FreeBSD fileserver so that I'm only downloading the files once rather than once for each machine.

Thanks in advance.
Gsee
 
Old 11-24-2004, 01:32 PM   #2
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
$ man release

That gives you step-by-step instructions for rebuilding the system similar to what you described for FreeBSD. You'll also find these very helpful:
the upgrade mini-FAQ
using CVSup (with OpenBSD)
using anonymous CVS

Pay careful attention to which branch you're checking out of cvs. If you leave the tag off, you'll get what's know as -current. This is absolutely the latest software put in main tree. This means there's a potential that there are problems that haven't been discovered yet, and you might be the first person to discover them! In fairness, the main tree is really stable compared to other free OSs. Most of the testing code goes in special snapshots or is only used by developers and doesn't go into the main tree without a high level of confidence.

If you just want security updates, then you want to check out the patch branch, i.e. OPENBSD_3_6. This always remains constant as OPENBSD_<major>_<minor> and will always check out the patch tree for that branch.

So back to the limited space issue, with more than one machine you can benefit from a great feature of OpenBSD, which is the ability to build releases for machines of the same architecture. If you look at the man page for release(8), you'll see that it has instructions for building the sets that are used to install OpenBSD. This means that you can build the updated OS on one machine (which automatically installs it on that machine), then do a release build (on the same machine) that will let you upgrade your second box too! You can make the files available via HTTP, FTP, or NFS (depending on which services you have running) so you don't even have to burn a CD (just copy the bsd.rd to the other box and reboot with it).

If you don't have enough space on either of the OpenBSD boxes (around 1.5 GB for the /usr/src and /usr/obj I think), you could export a partition from your FreeBSD box via NFS and check out the source there. You would have to do the build operation on the OpenBSD box, but it could use the storage remotely.
 
Old 11-25-2004, 07:53 AM   #3
Gsee
Member
 
Registered: Mar 2004
Location: Australia
Distribution: FreeBSD, OpenBSD, Gentoo, Debian
Posts: 153

Original Poster
Rep: Reputation: 30
So which parts of that do I need to follow for just the security patches? And how much local storage will that require?

You quoted 1.5 GB for the /usr/src and /usr/obj but is that for the entire ports tree? I'm just a little confused how much I need for JUST the security patches. I don't necessarily need cutting edge ports etc, just secure - if that's possible.

On my router for example I currently have:

$ df -lh
Filesystem Size Used Avail Capacity Mounted on
/dev/wd0a 147M 22.4M 117M 16% /
/dev/wd0h 1009M 14.0K 959M 0% /home
/dev/wd0d 118M 2.0K 112M 0% /tmp
/dev/wd0g 305M 304M -15.2M 105% /usr
/dev/wd0e 98.3M 8.0M 85.4M 9% /var

How I managed to get to -15.2M on the /usr partition I have no idea.

Thanks again Chort.

Gsee

Last edited by Gsee; 11-25-2004 at 07:54 AM.
 
Old 11-28-2004, 12:25 AM   #4
Gsee
Member
 
Registered: Mar 2004
Location: Australia
Distribution: FreeBSD, OpenBSD, Gentoo, Debian
Posts: 153

Original Poster
Rep: Reputation: 30
Well, as per my expectations, there is not enough disk space on either of the OpenBSD machines for the full source tree. What steps would I need to do if I ONLY want the security updates etc?

Thanks again.

Gsee

P.S. Of course an alternate option would be to put the files in the /home partition. OR better still resize the home partition and increase the /usr partition. If anyone feels brave enough to talk me through that, that would be great. I still would be pushing it to make 1.5 Gb however.

Gsee

Last edited by Gsee; 11-28-2004 at 12:33 AM.
 
Old 12-01-2004, 02:43 AM   #5
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Well you should really have the full src tree to build security patches. I suppose you could try only checking out the portion of the tree that each patch affects, but that would be rather tedious. /usr/src is only for building the OS, the ports tree is completely separate in /usr/ports. /usr/obj is where the object files are created when building the OS.
 
Old 12-02-2004, 06:02 PM   #6
Gsee
Member
 
Registered: Mar 2004
Location: Australia
Distribution: FreeBSD, OpenBSD, Gentoo, Debian
Posts: 153

Original Poster
Rep: Reputation: 30
So... hypothetically speaking. If you had two systems:

OpenBSD 3.6 - DNS Cacher

Filesystem Size Used Avail Capacity Mounted on
/dev/wd0a 147M 27.8M 112M 20% /
/dev/wd0h 603M 224K 573M 0% /home
/dev/wd0d 118M 2.0K 112M 0% /tmp
/dev/wd0g 589M 169M 390M 30% /usr
/dev/wd0e 78.9M 8.1M 66.8M 11% /var

And

OpenBSD 3.6 - Router

Filesystem Size Used Avail Capacity Mounted on
/dev/wd0a 147M 22.4M 117M 16% /
/dev/wd0h 1009M 14.0K 959M 0% /home
/dev/wd0d 118M 2.0K 112M 0% /tmp
/dev/wd0g 305M 176M 113M 61% /usr
/dev/wd0e 98.3M 8.2M 85.2M 9% /var

What would you do about keeping these systems up to date with their security patches? I suppose I _do_ have the FreeBSD fileserver, but setting things up that way sounds messy.

Looking at the router having a 1Gig /home partition of which 14K is being used is there any easy methods to either resize this partition and increase the /usr partition or can I do the updating in the /home directory?

What do you guys feel is the best way for me to approach this?

Gsee

Last edited by Gsee; 12-02-2004 at 06:04 PM.
 
Old 12-03-2004, 11:58 AM   #7
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
Neither of those boxes really have the space to check out the full source tree and do a build. I'd look at the NFS possibilities. I haven't had any luck in the past resizing partions, so I couldn't help you there. You don't have enough space to make it worth it any way.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Start Date + Time Duration = End Date/Time calculator? ToBe Linux - General 3 09-26-2005 10:17 AM
OpenBSD - Where can i get OpenBSD 3.7 ISO CD -- Please help me b:z Linux - Software 1 04-07-2005 08:46 AM
Keeping OpenBSD Updated mijenks *BSD 5 01-20-2005 11:55 PM
localtime / date question with openBSD lazlow69 *BSD 6 12-14-2004 07:50 PM
lastlog date does not match system date? jcmj Linux - Networking 6 10-22-2002 12:09 PM

LinuxQuestions.org > Forums > Other *NIX Forums > *BSD

All times are GMT -5. The time now is 04:33 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration