RE: Question about security updates.
From: rotten rottie (r0tt13_at_hotmail.com)
To: bepratt@STCLOUDSTATE.EDU, firstname.lastname@example.org Date: Wed, 03 Dec 2003 19:42:30 +0000
here is a better example:
As you can see there is no port/package installed called openssh/ssh ....
cvsup-without-gui-16.1f General network file distribution system op
expat-1.95.5 XML 1.0 parser written in C
ezm3-1.0 Easier, more portable Modula-3 distribution for
gettext-0.11.5_1 GNU gettext package
gmake-3.80 GNU version of 'make' utility
libiconv-1.8_2 A character set conversion library
libtool-1.3.4_4 Generic shared library support script
But ssh is installed by default during a stand/min install ....
vanapps01# whereis sshd
sshd: /usr/sbin/sshd /usr/share/man/man8/sshd.8.gz
If you cvsup the src you can build a new one by going in openssh dir and
typing make sshd ....
vanapps01# ls -la
drwxr-xr-x 6 root wheel 512 Dec 2 20:48 .
drwxr-xr-x 20 root wheel 512 Dec 2 21:22 ..
-rw-r--r-- 1 root wheel 520 Feb 9 2001 README
drwxr-xr-x 14 root wheel 1024 Dec 2 20:45 heimdal
drwxr-xr-x 5 root wheel 5120 Dec 2 20:46 openssh
drwxr-xr-x 15 root wheel 1024 Dec 2 20:48 openssl
drwxr-xr-x 6 root wheel 512 Dec 2 20:48 telnet
My questions pertain to this example .. ie if ssh had a bug which do you
update ?? src/or ports ?? which is proper ?? Do I not install ssh at install
time so I can install a port of ssh ?? or is there an easy way and I am
making it complex ?
Thanks for you help so far ..
>From: "Pratt, Benjamin E." <bepratt@STCLOUDSTATE.EDU>
>To: rotten rottie <r0tt13@HOTMAIL.COM>, email@example.com
>Subject: RE: Question about security updates.
>Date: Wed, 03 Dec 2003 13:20:04 -0600
>Received: from tigger.stcloudstate.edu ([22.214.171.124]) by
>mc12-f36.hotmail.com with Microsoft SMTPSVC(5.0.2195.6713); Wed, 3 Dec 2003
>Received: from exchange7.stcloudstate.edu ("port 29322"@[126.96.36.199]) by
>TIGGER.STCLOUDSTATE.EDU (PMDF V6.2 #30669) with ESMTP id
><01L3RECGTPQ600FFI5@TIGGER.STCLOUDSTATE.EDU> for r0tt13@HOTMAIL.COM; Wed,
>03 Dec 2003 13:25:38 -0600 (CST)
>Received: from exchange.campus.stcloudstate.edu ([188.8.131.52]) by
>exchange7.stcloudstate.edu with Microsoft SMTPSVC(5.0.2195.6713); Wed, 03
>Dec 2003 13:20:04 -0600
>X-MIMEOLE: Produced By Microsoft Exchange V6.0.6375.0
>Thread-Topic: Question about security updates.
>X-OriginalArrivalTime: 03 Dec 2003 19:20:04.0483 (UTC)
>I'm fairly new to FreeBSD as well (a converted Mandrake user) and I have
>attached my little cheat sheet about working with the ports tree and
>From what I understand, the ports tree is not installed software, it's
>just a list of everything that can be installed and a location to easily
>install it. Just because you have /usr/ports/security/ssh/ in your
>ports tree does not mean that it is installed.
>I hope that my attached file helps. It's just what I've compiled into
>one place from my questions in different discussions and reading
>From: rotten rottie [mailto:firstname.lastname@example.org]
>Sent: Wednesday, December 03, 2003 12:21 PM
>Subject: Question about security updates.
>I am a linux user that wants to switch to freebsd... I am a bit confused
>about applying updates etc..
>I installed a box for trial it was 5.1, I wanted to see if I could use
>to update openssh for a test examp. After the port installed I noticed
>another version of openssh was installed on the system. I talked with a
>friend and he said that it was part of usr/src and I could update it by
>compiling the usr.bin version.. which was fine and worked. Here are my
>1) if there are two trees(lack of better words) why would ssh exit in
>the system tree and the ports tree ? Wouldnt it be better to have it in
>ports tree ?
>2) I have used gentoo in the past and am curious if there is something
>simular to emerge -up world/system -- I would like to cvs the ports/sys
>then be able to see if anything need upgrading .. is this possible ?
>3) Say there was a update to openssh .. which would be the proper way to
>update .. sync the sys tree and then just update ssh .. or sync the tree
>recompile the system ? or remove the sys version and install the port
>version and update the port ?
>I am very happy with freebsd .. Im still in the exploring stage .. The
>reasons for my questions is that I am a little weary of using freebsd in
>production if I dont easily know when updates are avail, having to
>the system everytime I need a patch for a service.
>Thanks for helping me convert,
>Tired of slow downloads and busy signals? Get a high-speed Internet
>connection! Comparison-shop your local high-speed providers here.
>email@example.com mailing list
>To unsubscribe, send any mail to
><< BSD_Software.txt >>
Our best dial-up offer is back. Get MSN Dial-up Internet Service for 6
months @ $9.95/month now! http://join.msn.com/?page=dept/dialup
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "email@example.com"