RE: Question about security updates.

From: rotten rottie (r0tt13_at_hotmail.com)
Date: 12/03/03

  • Next message: clayton rollins: "RE: Question about security updates." 
    To: bepratt@STCLOUDSTATE.EDU, freebsd-newbies@freebsd.org
Date: Wed, 03 Dec 2003 19:42:30 +0000

    here is a better example:

    As you can see there is no port/package installed called openssh/ssh ....

    vanapps01# pkg_info
    cvsup-without-gui-16.1f General network file distribution system op
    VS
    expat-1.95.5 XML 1.0 parser written in C
    ezm3-1.0 Easier, more portable Modula-3 distribution for
    gettext-0.11.5_1 GNU gettext package
    gmake-3.80 GNU version of 'make' utility
    libiconv-1.8_2 A character set conversion library
    libtool-1.3.4_4 Generic shared library support script

    But ssh is installed by default during a stand/min install ....

    vanapps01# whereis sshd
    sshd: /usr/sbin/sshd /usr/share/man/man8/sshd.8.gz
    /usr/src/secure/usr.sbin/ssh

    If you cvsup the src you can build a new one by going in openssh dir and
    typing make sshd ....

    vanapps01# pwd
    /usr/src/crypto

    vanapps01# ls -la
    total 18
    drwxr-xr-x 6 root wheel 512 Dec 2 20:48 .
    drwxr-xr-x 20 root wheel 512 Dec 2 21:22 ..
    -rw-r--r-- 1 root wheel 520 Feb 9 2001 README
    drwxr-xr-x 14 root wheel 1024 Dec 2 20:45 heimdal
    drwxr-xr-x 5 root wheel 5120 Dec 2 20:46 openssh
    drwxr-xr-x 15 root wheel 1024 Dec 2 20:48 openssl
    drwxr-xr-x 6 root wheel 512 Dec 2 20:48 telnet

    My questions pertain to this example .. ie if ssh had a bug which do you
    update ?? src/or ports ?? which is proper ?? Do I not install ssh at install
    time so I can install a port of ssh ?? or is there an easy way and I am
    making it complex ?

    Thanks for you help so far ..

    >From: "Pratt, Benjamin E." <bepratt@STCLOUDSTATE.EDU>
    >To: rotten rottie <r0tt13@HOTMAIL.COM>, freebsd-newbies@freebsd.org
    >Subject: RE: Question about security updates.
    >Date: Wed, 03 Dec 2003 13:20:04 -0600
    >MIME-Version: 1.0
    >Received: from tigger.stcloudstate.edu ([199.17.25.5]) by
    >mc12-f36.hotmail.com with Microsoft SMTPSVC(5.0.2195.6713); Wed, 3 Dec 2003
    >11:20:06 -0800
    >Received: from exchange7.stcloudstate.edu ("port 29322"@[199.17.25.221]) by
    >TIGGER.STCLOUDSTATE.EDU (PMDF V6.2 #30669) with ESMTP id
    ><01L3RECGTPQ600FFI5@TIGGER.STCLOUDSTATE.EDU> for r0tt13@HOTMAIL.COM; Wed,
    >03 Dec 2003 13:25:38 -0600 (CST)
    >Received: from exchange.campus.stcloudstate.edu ([199.17.25.200]) by
    >exchange7.stcloudstate.edu with Microsoft SMTPSVC(5.0.2195.6713); Wed, 03
    >Dec 2003 13:20:04 -0600
    >X-Message-Info: JGTYoYF78jHY9kzcWthfX8tUHvk/DNkI
    >Return-path: <bepratt@STCLOUDSTATE.EDU>
    >Message-id:
    ><4F752E686C8E04449DCB9FA7C3BD967471822D@EXCHANGE.campus.stcloudstate.edu>
    >X-MIMEOLE: Produced By Microsoft Exchange V6.0.6375.0
    >Thread-Topic: Question about security updates.
    >Thread-Index: AcO5ymD5t417PDTMSGerGCUMaSPvvwAB0DsA
    >content-class: urn:content-classes:message
    >X-MS-Has-Attach: yes
    >X-MS-TNEF-Correlator:
    >X-OriginalArrivalTime: 03 Dec 2003 19:20:04.0483 (UTC)
    >FILETIME=[74787D30:01C3B9D2]
    >
    >rottie -
    >
    >I'm fairly new to FreeBSD as well (a converted Mandrake user) and I have
    >attached my little cheat sheet about working with the ports tree and
    >running updates.
    >
    >From what I understand, the ports tree is not installed software, it's
    >just a list of everything that can be installed and a location to easily
    >install it. Just because you have /usr/ports/security/ssh/ in your
    >ports tree does not mean that it is installed.
    >
    >I hope that my attached file helps. It's just what I've compiled into
    >one place from my questions in different discussions and reading
    >http://www.freebsd.org/handbook/.
    >
    >Good luck,
    >
    >Ben
    >
    >-----Original Message-----
    >From: rotten rottie [mailto:r0tt13@hotmail.com]
    >Sent: Wednesday, December 03, 2003 12:21 PM
    >To: freebsd-newbies@freebsd.org
    >Subject: Question about security updates.
    >
    >I am a linux user that wants to switch to freebsd... I am a bit confused
    >
    >about applying updates etc..
    >
    >I installed a box for trial it was 5.1, I wanted to see if I could use
    >ports
    >to update openssh for a test examp. After the port installed I noticed
    >that
    >another version of openssh was installed on the system. I talked with a
    >friend and he said that it was part of usr/src and I could update it by
    >compiling the usr.bin version.. which was fine and worked. Here are my
    >questions:
    >
    >1) if there are two trees(lack of better words) why would ssh exit in
    >both
    >the system tree and the ports tree ? Wouldnt it be better to have it in
    >the
    >ports tree ?
    >
    >2) I have used gentoo in the past and am curious if there is something
    >simular to emerge -up world/system -- I would like to cvs the ports/sys
    >and
    >then be able to see if anything need upgrading .. is this possible ?
    >
    >3) Say there was a update to openssh .. which would be the proper way to
    >
    >update .. sync the sys tree and then just update ssh .. or sync the tree
    >and
    >recompile the system ? or remove the sys version and install the port
    >version and update the port ?
    >
    >I am very happy with freebsd .. Im still in the exploring stage .. The
    >reasons for my questions is that I am a little weary of using freebsd in
    >
    >production if I dont easily know when updates are avail, having to
    >recompile
    >the system everytime I need a patch for a service.
    >
    >Thanks for helping me convert,
    >rottie
    >
    >_________________________________________________________________
    >Tired of slow downloads and busy signals? Get a high-speed Internet
    >connection! Comparison-shop your local high-speed providers here.
    >https://broadband.msn.com
    >
    >_______________________________________________
    >freebsd-newbies@freebsd.org mailing list
    >http://lists.freebsd.org/mailman/listinfo/freebsd-newbies
    >To unsubscribe, send any mail to
    >"freebsd-newbies-unsubscribe@freebsd.org"
    ><< BSD_Software.txt >>

    _________________________________________________________________
    Our best dial-up offer is back. Get MSN Dial-up Internet Service for 6
    months @ $9.95/month now! http://join.msn.com/?page=dept/dialup

    _______________________________________________
    freebsd-newbies@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-newbies
    To unsubscribe, send any mail to "freebsd-newbies-unsubscribe@freebsd.org"

  • Next message: clayton rollins: "RE: Question about security updates."

    Relevant Pages

    • Re: new package system proposal
      ... If I could install, let's say, FreeBSD 7.1 on that system, use ... No because the packages are built on a rolling ports tree. ... the precompiled packages are somewhat -STABLE every time. ... snapshot and choosing only to upgrade certain ports. ...
      (freebsd-questions)
    • Re: Is FreeBSD ready for desktop (Mozilla Flash)
      ... > which wasn't found at Adobe, then it wasn't found at ftp.freebsd.whatever, ... I am running a fresh install - no portupgrades, ... since you did not update the ports tree. ...
      (comp.unix.bsd.freebsd.misc)
    • RE: swap_pager: out of swap space --> doxygen installation fails
      ... > I suspect that you have assigned too little swap space. ... I would recommend first CVSup the main source tree (however it is not ... even the ports tree is completely empty!? ... > I then tried to install doxygen as package via sysinstall. ...
      (freebsd-questions)
    • Re: nubie question - Ports - Ruby 1.8.4
      ... # portsnap extract ... So I skipped extract. ... The ports tree installed by the CD was made at the same time the release ... By contrast, as explained above, sysinstall will install the ...
      (freebsd-questions)
    • Re: nubie question - Ports - Ruby 1.8.4
      ... > # portsnap extract ... During sysinstall it had asked me if I wanted the ports collection ... The ports tree installed by the CD was made at the same time the release ... By contrast, as explained above, sysinstall will install the ...
      (freebsd-questions)