[BUGS] question on up keeping of a production server

Brad Rushworth brad at bravo.net.au
Thu Jun 5 20:18:53 EST 2008 

Well...

I use freebsd-update and it is great, so easy compared to compiling from 
source (distinctly the *old* way)...

With freebsd-update you can easily keep your system patched with 
security updates, whereas compiling destroys system performance for many 
hours while it compiles.

That said, I use FreeBSD for internal company systems and performance is 
not a big issue. Security, reliability and up-time are what is 
important, and freebsd-update makes it easy.

Brad


Jerahmy Pocott wrote on 5/06/2008 7:24 PM:
> On 05/06/2008, at 6:58 PM, goku - wrote:
> 
>> nteresting... so you don't recommend using the freebsd-update. so if  
>> there is any minor or major security fixes, you would recommend just  
>> to cvsup then do a make build world and make install world.  or  
>> would you just update the patches one at a time.
> 
> It's not anything really negative against using the binary update it's  
> just that I prefer to compile the system with MY settings. The binary  
> updates are compiled with conservative settings to promote  
> compatibility above performance, the main benefit to that is it has  
> been tested and known to work and downloading a compiled binary is  
> generally faster than compiling from the sources yourself. Using the  
> make system with sources from the cvs allows you to compile for the  
> best performance on your hardware, but that opens up the possibility  
> of doing something that will cause your system to be unstable or not  
> work at all (for example compiling the kernel with -O3 is a bad idea,  
> personally I compile the kernel with just -O and the rest of the  
> system with -O2) and depending on the processing power of the system  
> can take quite a long time to complete. That said, if you're running a  
> critical production server, you should really have a backup system  
> that you would test any updates etc on first, so you would know if it  
> worked and you wouldn't be using the resources of the actual server to  
> do the compile..
> 
> Generally I would run csup a couple of times (to make sure the sources  
> are stable), then make the buildworld and possibly kernel targets,  
> drop to single user, installworld, mergemaster, reboot. Which results  
> in less than 30sec of down time.
> _______________________________________________
> BUGS mailing list
> BUGS at bugs.au.freebsd.org
> http://mailman.barnet.com.au/mailman/listinfo/bugs

More information about the BUGS mailing list