Contributed by jose on from the assisted-administration dept.
" OAPS I saw this listed while perusing Freshmeat . Every so oftem I see someone on the misc@ list asking about something like this. There are other options similar to this so this is just another to add to that list I guess."This kind of reminds of the binary patches project , but the automation is killer. Anyone have a spin with this?
(Comments are closed)
By Noob () on
End result is that I had to use a shell script to build a complete release "man release" everytime there is a change in the stable branch. I then roll out the changes copying the packages base32.tgz etc.. with scp and then tar xvfzp them in place.
I doubt I would trust someone other than the OpenBSD team with building my binary releases.
It doesn't take that long to build a complete release. With the script I can usually get everything built including X on a 500Mhz PIII system in around 8 hours.
This method seems to work best for me anyways.
The down side is that it would be nice to have the system compiled on the hardware used for apparent optimization reasons, but I don't like having my 486 firewalls systems spending days compiling stuff.
By devzero () on
By Chris Hedemark () chrisATyonderwayDOTcom on ftp://ftp.trilug.org/pub/OpenBSD/3.2/i386/stable
I asked Theo about getting this made "official" and with his normal level of tact I was declined. So if you trust me, feel free to use it. If you don't trust me, don't bother bitching about it.
Comments
By Anonymous Coward () on
this works betta
ftp://ftp.trilug.org/OpenBSD/3.2/i386/stable
By JC () on
(Btw, anyone using one of these? Working well?)
JC
Comments
By KH () on
i have been using tepatche for a while, works fine for me
regards
By KH () on
i have been using tepatche (http://www.deadly.org/article.php3?sid=20020627195351) for a while, works fine for me
regards
By Gunnar Wolf () gwolf@gwolf.cx on http://www.gwolf.cx
OAPS is more a collection of smaller tools that can be used to keep OBSD up to date, but can be used for many other things.
OAPS seems much more extensible, Tepatche seems simpler to run if you only want basic OBSD patching functionality - and agree to do it every now and then by hand, when Tepatche tells you it does not understand a specific patch.
By Anonymous Coward () on
I made my own little script to get this task accomplished, but it could definitely be more streamlined, as several of the steps require no input or intervention from my end to get the job done (so why not package them together)
How about a tutorial on making your own release and then using that to update an existing system?
Also, what about a way to script the install so all you have to do is pop a floppy in, and it will automatically partition and install your system. I rebuid my test machines fairly frequently and would love a way to automate this.
Comments
By Sam () on
Then maybe you shouldn't be doing it that way.
Comments
By Anonymous Coward () on
why the hell isn't it in the DOCUMENTATION? this shouldn't be an exercise in my researching skills to get something done, and I shouldn't have to me an active member of the development team/mailing lists to get something done.
Comments
By Anonymous Coward () on
http://www.openbsd.org/faq/upgrade-minifaq.html
By Anonymous Coward () on
http://www.google.com/custom?q=automate+install+OpenBSD&hl=en&lr=&ie=UTF-8&cof=GL:1%3BBGC:%23ffffff%3BT:%23000000%3BLC:%23125080%3BVLC:%23125080%3BALC:%23125080%3BGALT:%23125080%3BGFNT:%23000000%3BGIMP:%23125080%3BAH:center%3B&domains=archives.neohapsis.com&sitesearch=archives.neohapsis.com&start=0&sa=N
By Ben Goren () ben@trumpetpower.com on http://www.trumpetpower.com/
Well, the problem is that /etc and /var is where you're supposed to make all your changes. Supose there's a change to /etc/rc.sysctl, and you've customized it to your liking. How to deal with that is, frankly, your problem.
Granted, it might not be a bad idea for the man page to mention diff and mergemaster. The best idea is probably to use mtree (8) before doing the upgrade to find out what you've changed from the stock system, and then using cvs (1) to find out the changes between the old and new stock systems.
Having said that, if you're tracking -STABLE, you don't need to worry about /etc and /var unless /errata.html tells you you need to.
Cheers,
b&
Comments
By Anonymous Coward () on
I set up my test machine to be a stock install with absolutely no customization changes, so I think based upon your post that I don't have to worry much about etc and var because I never made any changes to the default install. So essentially unless errata tells me i need to worry about a config file change in one of those directories then i'm good to go.
This way I can install the release version, apply all patches myself and then repackage it and upgrade my release level production servers that way (without having to compile on them at all or have much downtime)
By Anonymous Coward () on
Just patch the system yourself. Don't be a lazy halfwit - it's really not a great time expendature.
Comments
By Dom De Vitto. () on
You should binary edit the updatede executables from the patch code, it's easy to spot and find the code if you know what you're doing. If you don't know x86 and how to use GDB, well you must just be soooo dumb!
Hello? Why should patching a box require any kn owledge - with MS auto-update you just get asked to trust MS that you need the patches. just like 99.99% of obsd users trust Theo not to ship/commit crap code.
Why isn't patching TOTALLY automatic???
Excepting external forces - like not being able to reboot to run the patched kernel, because the system is used 24x7 - there are no complelling reason not to.
Comments
By Mike Stem Cell () on http://www.nedyah.org/feedback.asp
Comments
By Michael van der Westhuizen () on
By Anonymous Coward () on
Where are the patches for Apache???
Others...?
Sure thing, commit changes to the stable branch which correct security issues, but DO NOT make patches - no this OS should look secure and hence very few patches.
THIS SUX!
Comments
By Anonymous Coward () on
Comments
By tedu () on
By Anonymous Coward () on
OpenBSD and security, he don't think so
No update to Apache 1.3.27.
"Only one remote hole in the default install, in nearly 6 years!" is NOT true!
Comments
By Anonymous Coward () on
The previous apache bug (chuck encoding) was not counted either.
By Anonymous Coward () on