FreeBSD Quickie: Patching your system

Sep 6, 01:35 am
tags: ,

Unless you run absolutely nothing on your server, from time to time something is going to need to be patched because of a vulnerability. Yes, it happens. As much as you 'my system is better than yours and never has any vulnerabilities' guys don't want to admit, these things were written by humans and we aren't perfect. I used to dread the email into my inbox from the FreeBSD Security mailing list. I knew that it meant I had a bit of work ahead of me compiling new software or other tasks that I cared not waste my time on. That's why I am happy that a utility, written by Colin Percival, exists to make my life easier. It's name is freebsd-update.

To install, simply do so through ports. It can be found at /usr/ports/security/freebsd-update/. Next, copy the default config file into place:

Bash:
cp /usr/local/etc/freebsd-update.conf.sample /usr/local/etc/freebsd-update.conf

Now, you are all set to patch your FreeBSD system. To see if any patches are out there for your system and download them if available:

Bash:
/usr/local/sbin/freebsd-update fetch

You'll see output such as:

results:
Fetching updates signature...
Fetching updates...
Fetching hash list signature...
Fetching hash list...
Examining local system...

Fetching updates...
/boot/kernel/sppp.ko...
Updates fetched

To install these updates, run: '/usr/local/sbin/freebsd-update install'

As the message said, to install the updates , run the following:

Bash:
/usr/local/sbin/freebsd-update install
results:
Backing up /boot/kernel/sppp.ko...
Installing new /boot/kernel/sppp.ko...

That's it! Patches installed and you are back to playing WoW and drinking coffee.

Permanent Link
by Matt Wade



Add your comments

Please keep your comments relevant to this blog entry: inappropriate or purely promotional comments may be removed. To add hyperlink, please follow this example: "your link text":http://your.link.url