Hello all!
After some years of other unices, I finally got a chance to have a go at
a very interesting project with openbsd (redundant hot failover ipsec
gateway + firewall). Everything works just fine up to now, but when I
tried to determine how to further manage (update, patch) the boxes, I
stumbled about some questions that neither google nor openbsd.org nor
various searchable archives could solve or I was not cabable of
understanding. Maybe somebody here more literate that me can help me out
with some pointers.
Systems were installed with 3.7 from /pub/OpenBSD/3.7/i386/floppy37.fs
and ftp set files (bsd, bsd.rd, base, etc, comp, misc, man). Then added
sys.tar.gz and src.tar.gz to /usr/src. I want to follow the -stable branch.
1) With the above install lots of software came onto my disk that I do
not want nor need (named, httpd, inetd ...). How can I get rid of those
in a consistent way, since they don't show in pkg_info?
2) I assume that the answer to the following question is "yes", but I'd
like to double-check: Is there really no way to upgrade a single
package/program to a recent version in a consistent way?
3) At the time I installed the systems, openssl.org was at version 0.98.
Openbsd 3.7 still came with openssl 0.97d. What about the various
issues/bugs that have been raised against the openssl versions since
0.97d (ASN parsing etc.)? Do I just have to wait for 3.8 to have them
fixed or have the fixes been backported and are already included in
3.7-stable? Or were they just not severe enough to be considered for
patching? I've cvs up'd and recompiled the whole system just now and
openssl remains at 0.97d.
4) Are patched binary packages released if there is a patch to the
source? If yes, do those packages carry the same version numbers as the
original one or do they have new ones?
You see: The openbsd software management concept is rather arcane to me.
Would somebody shed a little light for a lost soul? Hints? Pointers? Howtos?
Thank you
/markus
- Release/version/patch management question Markus Wernig
-
