[BUGS] question on up keeping of a production server
Jerahmy Pocott
quakenet1 at optusnet.com.au
Thu Jun 5 19:24:03 EST 2008
On 05/06/2008, at 6:58 PM, goku - wrote:
> nteresting... so you don't recommend using the freebsd-update. so if
> there is any minor or major security fixes, you would recommend just
> to cvsup then do a make build world and make install world. or
> would you just update the patches one at a time.
It's not anything really negative against using the binary update it's
just that I prefer to compile the system with MY settings. The binary
updates are compiled with conservative settings to promote
compatibility above performance, the main benefit to that is it has
been tested and known to work and downloading a compiled binary is
generally faster than compiling from the sources yourself. Using the
make system with sources from the cvs allows you to compile for the
best performance on your hardware, but that opens up the possibility
of doing something that will cause your system to be unstable or not
work at all (for example compiling the kernel with -O3 is a bad idea,
personally I compile the kernel with just -O and the rest of the
system with -O2) and depending on the processing power of the system
can take quite a long time to complete. That said, if you're running a
critical production server, you should really have a backup system
that you would test any updates etc on first, so you would know if it
worked and you wouldn't be using the resources of the actual server to
do the compile..
Generally I would run csup a couple of times (to make sure the sources
are stable), then make the buildworld and possibly kernel targets,
drop to single user, installworld, mergemaster, reboot. Which results
in less than 30sec of down time.
More information about the BUGS
mailing list