netbsd-users: Re: Keeping 1.6.1 up to date.

Subject: Re: Keeping 1.6.1 up to date.
To: Louis Guillaume <lguillaume@berklee.edu>
From: Oliver Egginger <oliver.egginger@dvz.fh-giessen.de>
List: netbsd-users
Date: 11/20/2003 17:35:27

> Would it not be reasonably simple (or at least a good idea) to post a 
> binary patch associated with each Security Advisory? Or cumulative 
> patches to fix several?

But you would have to do this for every platform, and NetBSD supports
many platforms. I think it would be better to write a script, which load
and translate the sources automatically and report errors to a specified
address. Maybe someone already did it.

- oliver

Am Don, 2003-11-20 um 17.20 schrieb Louis Guillaume:
> I was hoping for a scheme involving binary patches. Remember, I'm trying 
> to sell a RedHat up2date user on NetBSD.
> 
> He's probably not ready to hear, "you need to maintain a source 
> repository for the netbsd-1.6 branch." I worry it may scare him off.
> 
> Would it not be reasonably simple (or at least a good idea) to post a 
> binary patch associated with each Security Advisory? Or cumulative 
> patches to fix several?
> 
> Then we can have a tool similar to pkg-audit which will check for 
> patches periodically, optionally updating the system.
> 
> A tool like this would certainly make NetBSD more attractive to the 
> Systems Administrator who doesn't have time for, or care about building 
> from source.
> 
> I'd be happy to help work on this too if anyone's interested. Thanks
> 
> Louis
> 
> 
> 
> >>What is the expected maintenance scheme for a NetBSD release in a
> >>production environment?
> > 
> > 
> > Please correct me if I didn't understand you correctly. But the normal
> > ways of maintaining NetBSD releases are:
> > 
> > * Following the netbsd-1-6 branch (with the -rnetbsd-1-6 CVS parameter),
> > just like you can follow current. The netbsd-1-6 branch includes security
> > updates and important fixes.
> > * Apply the patches as explained in the security updates.
> > 
> > Tracking netbsd-1-6 is a bit more ideal, because it includes other fixes.
> > For packages you can use the normat approach (e.g. using
> > download-vurnerability-list and audit-packages).
> > 
> > With kind regards,
> > Daniel de Kok
> > 
-- 
Oliver Egginger <oliver.egginger@dvz.fh-giessen.de>
Fachhochschule Giessen-Friedberg