[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Running a sustainable source code NetBSD system
This works perfect. I don't use the pkg_comp environment, but I was able to
get this working on my test box using the stable branch.
What do you do when the next stable branch comes out? Do you just change the
branch and check it out again and run through the pkg_chk &&
Also, what do you do when it comes to upgrading the base system? It looks
like that can be done from the CD, but I've never done that before.
On Wed, Jan 13, 2010 at 1:45 PM, Louis Guillaume <louis%zabrico.com@localhost>
> On 1/12/10 6:08 PM, Stripes the Tiger Cub wrote:
>> Hi there,
>> It's been 10 years since I've run NetBSD, and I've come back to my senses
>> after arguing with MacOSX and Linux. The appeal to me that running NetBSD
>> the pkgsrc. Gentoo does not appeal to me, and I miss NetBSD's simplicity.
>> So, for those who run NetBSD systems and compile the pkgsrc instead of
>> downloading the binaries, what do you do to keep your system(s) up to
>> Do you download the latest pkgsrc weekly, or what do you do?
> I use a combination of tools for this; primarily pkg_comp, pkg_chk and
> "pkg_comp" (in pkgtools/pkg_comp) sets up a chroot-ed environment for
> building packages. This way you avoid messing with the running system on
> which you are building.
> "pkg_chk" can check which packages are installed and if they're out of date
> as well as update binary packages based on the latest ones you have built.
> It will update packages from source if you want but I don't use this
> "pkg_rolling-replace" will rebuild all out-of-date packages from source and
> is good for making sure that dependent packages are also rebuilt as
> necessary when a dependency is updated.
> So here's the procedure for NetBSD:
> o On a nightly basis, I have a script that does a "cvs update"
> on the pkgsrc tree. It's worth mentioning that I use the
> "stable" pkgsrc tags from cvs; e.g. pkgsrc-2009Q3.
> # cd /usr/pkgsrc && cvs -q update -dP
> o Periodically (usually every couple weeks) I run go into the
> pkg_comp environment and run pkg_chk to see what needs to be
> updated. If there's anything there, I run pkg_rolling-replace.
> # pkg_chk -uq
> # pkg_rolling-replace -vu
> o Once that's complete, I create a "summary file" (needed for
> using pkg_chk to install binaries to the "real" system).
> # pkg_info -aX | gzip -c > /path/to/repository/pkgsrc_summary.gz
> Now the repository
> o Update binary packages installed in the "real" systems with
> # pkg_chk -bu -P /path/to/repository
> There's a new thing called "pkgin" that updates binary packages much like
> apt-get does. It will be really nice once it's stable. My last attempt
> showed many minor bugs, but nothing major.
> I also monitor the logs from the nightly reports for any package
> vulnerabilities and try to get those fixed quickly, but the method is the
> For Linux and Mac OS X I usually do the same, except without the chroot
> environment. So I risk my installed packages in those cases. On AIX, I use a
> chroot environment but not pkg_comp. The same can be done, I'm sure, for
> Linux and OS X.
///stripes/// - bengaltigerstripes%gmail.com@localhost
Main Index |
Thread Index |