Contributed by pitrh on from the even-puffier-packages dept.
A short while ago an article was published on here on Undeadly, which explained how to use the ports and packages framework. While it was a good read, it focused on -current.
This article will show how to keep your -stable system up to date, without building anything yourself!Up to date packages....on -stable?
OpenBSD is continuously working on providing snapshots for all architectures and to provide the packages that go with it. Development happens in -current so this is where the interesting changes are happening that will make the next release. However, you may not always want to run -current in a production for a variety of reasons.
So you're stuck with -stable and the packages that were built for it during the release period. While this is all good and well; this means you're also missing out on security fixes and updates made to the ports and src trees.
You can checkout the latest tagged tree, like OPENBSD_5_3 and start building your own packages with the back-ported security fixes. Before you know it, you're filling the CF card of your precious Soekris box just because you wanted to have an up to date PHP package.Up to date packages...on -stable!
At M:Tier we've been building our own packages from the latest -stable tree for our servers for a while now, and I bet a lot of people have been doing that. So we figured we'd complement OpenBSD in providing up to date packages for the latest -stable releases.
In practice, this means that as soon as a security fix/update is committed to the OPENBSD_5_3 tree a package will be built from the CVS tree. This package is then being tested and pushed to our fan-out server over at Stable.MTier.org, for everyone to use!
We currently build for the two primary architectures, amd64 and i386. To make sure the package you download was actually built by us, we're digitally signing our packages.
On top of providing packages built from the ports tree, we're also continuing our pre-built binpatches with this new model. If you're looking for some more information on binpatches, have a look at this article. So this means that you can keep your base system up to date with this new service too.
And to make your life even easier, you'll get an email notification when a new package gets uploaded. So head over to Stable.MTier.org and apply those security updates!
(Comments are closed)