Is there any way to know if userland is patched?
--45Z9DzgjV8m4Oswq
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Dear folks,
I'm recently investigating large scale deployment and upgrading FreeBSD
RELEASE. It's our tradition to bump "RELEASE-pN" after a security patch
is applied, however, it seems that there is less method to determine
whether the userland is patched, which is somewhat important for large
site managements.
So is "uname -sr" the only way to differencate the patchlevel of a security
branch? I have read Colin's freebsd-update script and to my best of
knowledge this is the only way (and, on condition that we have re-compiled
the kernel and installed it, and reboot'ed). Given the nature of a security
or errata branch, we can expect that no API/ABI changes will occour and it
should be safe to do make installworld/installkernel in any order, and bump=
ing
patchlevel does not mean that a reboot must be done.
Please correct me if I was wrong, thanks.
Cheers,
--=20
Xin LI <delphij frontfree net> http://www.delphij.net/
See complete headers for GPG key and other information.
--45Z9DzgjV8m4Oswq
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)
iD8DBQFBklFP/cVsHxFZiIoRArNMAJoDQ8xvgqMxDxlw3A8UtWMF1Wrg3gCePf52
1pfxXnFZvhYmn0saK1iOh88=
=h7f6
-----END PGP SIGNATURE-----
--45Z9DzgjV8m4Oswq--
討論串 (同標題文章)
完整討論串 (本文為第 1 之 6 篇):