|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Is there any way to know if userland is patched?
From: Xin LI (delphij
frontfree.net)
Date: Wed Nov 10 2004 - 11:35:11 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Dear folks,
I'm recently investigating large scale deployment and upgrading FreeBSD
RELEASE. It's our tradition to bump "RELEASE-pN" after a security patch
is applied, however, it seems that there is less method to determine
whether the userland is patched, which is somewhat important for large
site managements.
So is "uname -sr" the only way to differencate the patchlevel of a security
branch? I have read Colin's freebsd-update script and to my best of
knowledge this is the only way (and, on condition that we have re-compiled
the kernel and installed it, and reboot'ed). Given the nature of a security
or errata branch, we can expect that no API/ABI changes will occour and it
should be safe to do make installworld/installkernel in any order, and bumping
patchlevel does not mean that a reboot must be done.
Please correct me if I was wrong, thanks.
Cheers,
--
Xin LI <delphij frontfree net> http://www.delphij.net/
See complete headers for GPG key and other information.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)
iD8DBQFBklFP/cVsHxFZiIoRArNMAJoDQ8xvgqMxDxlw3A8UtWMF1Wrg3gCePf52
1pfxXnFZvhYmn0saK1iOh88=
=h7f6
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]