Upgrading FreeBSD

From: Colin Percival (colin.percival@wadham.ox.ac.uk)
Subject: FreeBSD 5.2 -> 5.2.1 upgrade
This is the only article in this thread
View: Original Format
Newsgroups: mpc.lists.freebsd.security, muc.lists.freebsd.security
Date: 2004-02-25 20:05:13 PST

In order to provide an easy update path for i386 systems from
FreeBSD 5.2 to FreeBSD 5.2.1, FreeBSD Update will now update
systems running FreeBSD 5.2-RELEASE to 5.2.1-RELEASE.  To take
advantage of these updates, install and run FreeBSD Update, and
reboot into the new kernel:

# cd /usr/ports/security/freebsd-update && make install clean
# cp /usr/local/etc/freebsd-update.conf.sample 
/usr/local/etc/freebsd-update.conf
# /usr/local/sbin/freebsd-update fetch
# /usr/local/sbin/freebsd-update install
# shutdown -r now

   If you have recompiled any files locally, FreeBSD Update may
not be able to update them automatically (it will complain).
With the latest version of FreeBSD Update (version 1.5), you
can use one of the following commands:
# /usr/local/sbin/freebsd-update --branch crypto fetch
or
# /usr/local/sbin/freebsd-update --branch nocrypto fetch
depending upon whether you installed the "crypto" distribution,
to force files to be updated.  (If you're not sure if you
installed the "crypto" distribution, you almost certainly did).

   FreeBSD Update will update a 5.2-RELEASE system to the exact
binaries distributed with 5.2.1-RELEASE, with the following
exceptions:

1. Files under the following directories will not be updated:

   /usr/ports
   /usr/share/doc
   /usr/share/man/cat*
   /usr/src

The ports and src trees can be updated using cvsup; the files
in /usr/share/man/cat* are rebuilt from (updated) man pages
automatically.

2. FreeBSD binaries include, in their headers, the value of
__FreeBSD_version on the machine where they were compiled.
This value was bumped from 502000 to 502010 as part of the
release engineering process; binaries for which this is the
ONLY change will not be updated.

   As always, this is something I'm providing personally; it is
in no way endorsed by the Security Officer, Release Engineering
team, or the project as a whole.

Colin Percival