FreeBSD Binary Upgrade News

If you've read my previous posts on FreeBSD binary upgrades you'll see that Colin Percival's work on this subject has been one of my favorite additions to FreeBSD during the last few years. I recommend reading the latest two posts on Colin's blog for even more good news: FreeBSD minor version upgrades and FreeBSD major version upgrades using FreeBSD update.

I plan to deploy FreeBSD 7.0 in production soon, and the native capability to upgrade the OS using binary means is incredibly welcome. I build sensors to inspect and capture traffic, not recompile themselves. Congratulations and thanks to Colin for all of his work in this area and for integrating FreeBSD update into the base OS.

On another FreeBSD note, I need to try this: Building bootable FreeBSD/i386 images.

Comments

Joe said…
The tool freebsd-update is a great tool. However freebsd-update and portsnap are still reported to not work very well behind some proxies. Whether its the fault of the pipelined http client (phttp) used by both tools or the proxy itself, is unknown.
Anonymous said…
In the past phttpget had issues with proxies which did not implement HTTP/1.1 correctly; but I recently added workarounds which appear to fix that problem.
Anonymous said…
I've noticed some of those issues in my environment, where access to the web passes through some transparent Blue Coat proxies. freebsd-update eventually completes without errors, but it must be run repeatedly. We believe it has to do with caching of metadata, as all repository-based OS updates we've tried (ubuntu/debian apt-get, fedora/redhat yum, freebsd-updates) exhibit issues.

Looking forward to changes to see what they fix. :)

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics