Subject: Re: Clarify Patch Application Method Please ?
To: Nick Boyce <nick@glimmer.demon.co.uk>
From: David Brownlee <abs@netbsd.org>
List: netbsd-help
Date: 09/28/2000 19:15:14
On Thu, 28 Sep 2000, Nick Boyce wrote:
> > It may be that its stripped when being installed - try 'strip
> > ftpd'.
>
> That seems to be it - I ran 'strip ftpd' and got a binary of exactly
> the same size as the release version.
>
Glad that has been cleared up :)
> > > Also, how should I install the new binary ? Using "make install", or
> > > do I just copy the binary to /usr/libexec and make sure it's
> > > permissions are set the same as the original ?
> > >
> > 'make install' should do the right thing.
>
> Thanks (noting the comment from Manuel Bouyer that I would also need
> to extract src/libexec/Makefile.inc from the tarball in order for
> 'make install' to work).
>
Ahem - I always tend to have the whole tree unpacked :)
> I'd be happy to - I'm already building a document - where should I
> send it for review ? And what format - plain text, or HTML in the
> style of a www.netbsd.org webpage ?
>
Ideally would be in nroff -mdoc :) Otherwise HTML would be
fine, to www@netbsd.org
> One final issue - problem even: I note that the patch doesn't change
> the daemon's version string - it hasn't changed from
>
> 220 rccnx4 FTP server (Version: 7.1.0) ready.
>
> So how are we to tell that the patch is in ?
> (You know - my successor, after I've gone, and nobody can find the
> system documentation ;-). Satan-style vulnerability scanners wouldn't
> know what to think either (which might be a good thing :-).
>
> I wondered whether I should post this query to the tech-security list,
> but I note that that doesn't seem to be an active list (last posting
> in Dec 1999 !?), and I also guess the NetBSD project likes things the
> way they are on this point. What's the score here ?
>
Thats definitely worth asking on tech-security. I can assure you
its still active - where did you see the old archive?
> I realise a simple version number increment doesn't really cover it
> (some people might not apply every patch), but maybe a "patch-present"
> bitmap, displayed as a hex string ...
A version increment is probably good enough - we don't tend to
have so many patches for a given program that people should be
picking and choosing, and if they do, they can pick their own
version :)
David/absolute
-- www.netbsd.org: A pmap for every occasion --