BSD Updates provides online security and operating system upgrades for BSD systems in binary format. No messy source patches. No waiting for system rebuilds. Just an easy to navigate web interface which securely applies the latest patches in just minutes. Read More.
BSD Binary updates
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
What, exactly, is the difference between this service and freebsd-update (http://www.daemonology.net/freebsd-update/)?
I dunno, why don’t you find out and tel us
I’m going to guess that it’s the same thing, only this one has a pretty web interface, etc.
You’ll notice that bsdupdates.com is not particular to any one BSD. From their site:
BSDUpdates provides free binary security updates for all the latest BSD operating systems. Our easy to use interface allows you to monitor the security status of all your computers from convenient screen.
So it is available for FreeBSD, NetBSD, OpenBSD, DragonFlyBSD, et cetera.
– j
This is just what I was looking for. One of the reasons I have prefereLinux is how easy it is to update:
apt-get update; apt-get upgrade
I’ll have to check out BSD update.
Can i use this on a system that i have rebuild with my own cflags and CPUTYPE options?
Someone can tell me why there is a column named “price”…
They will ask for money for that ?
Quoting from the website:
“BSDUpdates provides free binary security updates for all the latest BSD operating systems. Our easy to use interface allows you to monitor the security status of all your computers from convenient screen.
By registering for a free account, you can:
* Patch vulnerabilities without rebuilding the system
* Apply Security Updates Automatically
* Upgrade your computer remotely
Additional services will be available on a subscription basis that allow you to:
* Track -STABLE automatically”
The last option is the only one that requires a subscription – the other ones are free.
This is another step to make *BSD more adoptable desktop wise.
Good Job keep it coming.
So it is available for FreeBSD, NetBSD, OpenBSD, DragonFlyBSD, et cetera.
Bzzzt! Per the download page (https://bsdupdates.com/download.php):
“Currently we only support FreeBSD 5.3 and higher. The other BSD operating systems will be added as soon as we are out of beta status.”
the src tree on a freebsd system is quite an advantage that needn’t be obscured with generic binary patches. i don’t see how it saves any significant time versus following the patch directions in the freebsd security announcements. i’m not a very experienced user, but the freebsd handbook is straightforward enough to gently expose a user to the organization and complexity of the system without also baffling her. i look at the RPM and DEB system for major linux distributions and thank god that there are simple ways to update these systems, because if i had to find the correct RPMs or DEBs for my particular system, i fear that i’d mess it up. if you have an up-to-date src tree on freebsd, it’s very simple to recompile the changed bits and install them. the bsd makefile system is very elegant. why would i want to rely on someone else to compile the patches when it’s so easy to do it myself?
i don’t see how it saves any significant time versus following the patch directions in the freebsd security announcements
I do not know much about how FreeBSD security announcements work, how/big small the patches are, etc., but I know how long it takes to compile Mozilla Firefox on my PIII notebook and how long it takes to install it from a binary package.
why would i want to rely on someone else to compile the patches when it’s so easy to do it myself?
Because it can take much less time to install the newer version of a package?
Try compiling sources on an older machine (even a Pentium 233 MMX would already count). There you can save a LOT of time already when you don’t need to recompile a bigger application that might need a patch.
From the looks of the site, this purely covers patches to the base system – I can’t find any mention of ports/packages whatsoever. I think I’ll stick to cvsup and manually compiling /shrug
why would i want to rely on someone else to compile the patches when it’s so easy to do it myself?
Because….
– Source code is larger than binaries (even compressed source) in most cases.
– Binaries from a vendor are QA-tested before they’re distributed to end users.
Admittedly, the BSD build scripts work pretty well, but I had a machine that was fubar’d because I did a full rebuild just as a DIMM was going bad. Had to restore from tape.
right now i am downloading Pcbsd 0.6 beta will this binary updates work also for this pcbsd or not?
post scriptum :is pcbsd stable?
For the latest security advisory for FreeBSD, the patch instructions are simple.
Get the patch from freebsd.org.
cd /usr/src
patch < /path/to/patch
make buildkernel
And that’s about as complex as a patch gets. Sometimes patches require a rebuilt kernel and sometimes they don’t.
My objections to a GPG signed binary patch with MD5 verification delivered with SSL can still be bunk. I’ve attempted to install many binary packages and I’ve often been disappointed with their failure. Who can say that a bit of malice or incompetence couldn’t enter the picture and render your system unbootable? Why go through this when it’s so freakin’ simple to just recompile from source.
Time is the reason why.
Perhaps me too. The only binaries what I’m installing on my FreeBSD boxes are the sysinstall copied ones – base system and few selected utilities (like cvsup). Further (upgrading, patching, ports etc) is compiled from source, using my preferred options, configuration, needs. To patch/upgrade slow PCs I can (although I don’t need currently) compile my own binaries on faster PC and distribute these myself.
… well I don’t run any “FreeBSD 5.3 and higher” on sparc64.
If they ever do OpenBSD on sparc, sparc64, hppa, hppa64 and alpha. And NetBSD on mipsel, mipseb and powerpc. It might be worth looking at.
this will theoretically work for pcBSD as it is based on freebsd. and pcBSD 0.6 is stable. version 0.7 will be based on freeBSD 5.4 and is right now in beta testing.
cheerZ
http://www.pcbsd.de.vu
http://www.pcbsd-forums.de.vu
I see this binary update going in the same direction as redhat did years ago. It is not a bad thing to provide this type of services, but I don’t see a real market for binary updates in FreeBSD. Yes, I know, they are for free now (just NOW), but they have plans to charge for the service. As an individual no one is going to pay, and the sys admins running FreeBSD in a production environment are not going to break many customizations and optimizations (recompile, CPUTYPE, CFLAGS, etc, etc) for applying binary updates where src updates works excellect.
So, as long as the service remain free, many people are going to use it but many others are going to stick anyway with the src updates (including me).
My objections to a GPG signed binary patch with MD5 verification delivered with SSL can still be bunk.
Unless you read all the patches you apply, the data you downloaded as a patch may be bunk as well. In that case, the above point is no point.
And once again (I really like when people don’t listen what I’m trying to tell them
– how long does it take to compile e.g. Mozilla Firefox? Compare that to how long it takes to install a binary package for Mozilla Firefox. _That_ is the real reason why binaries are good. Not some one-line kernel patch. (I do compile my Linux kernels myself).
And once again (I really like when people don’t listen what I’m trying to tell them
– how long does it take to compile e.g. Mozilla Firefox? Compare that to how long it takes to install a binary package for Mozilla Firefox. _That_ is the real reason why binaries are good. Not some one-line kernel patch. (I do compile my Linux kernels myself).
Perhaps you should try listening to others first.
First of all, as was mentioned, this will only cover the base system and not packages.
Secondly, binary packages, including firefox, are already available from the FreeBSD project itself.
First of all, as was mentioned, this will only cover the base system and not packages.
Secondly, binary packages, including firefox, are already available from the FreeBSD project itself.
I was talking about the merits of binary packages in general.
Answering the question
why would i want to rely on someone else to compile the patches when it’s so easy to do it myself?
Maybe I should have made that explicit.
“Track -STABLE automatically”
Excellent example of selling services with Libre Software model.
I’ve seen people complain, for instance, of Mandrake’s updates. People need to understand that you can do things by hand for yourself for free. BUT, if you want somebody else to do it for you, you might as well pay for their services.
This is an example of how it’s totally viable to make a living with Free Stofware.
This might be a dumb question, but do I need to reboot after applying these binary patches?
“This is another step to make *BSD more adoptable desktop wise. Good Job keep it coming.”
Uhh … no. You think it’s a pain gaming or visiting flash/shockwave enabled sites etc running Linux? Desktop FreeBSD makes Linux look like XP … Don’t get me wrong *BSD’s are nice stable high performace systems but not desktop ready really … unless you count OS/X 🙂
Nope. FreeBSD is as ready for the desktop as Linux is – they run exactly the same software.
The only difference, until today, has been that FreeBSD is server oriented, and not desktop oriented (btw, FreeBSD is serving more websites than *any* Linux distro. It’s always amazing how few people know this fact), and so installing some features could be not so direct as a newbie would wish. But PC-BSD (www.pcbsd.org , http://www.pcbsd-forums.de.vu) is out just to solve that, and thus to bring the stability and security of *BSD systems to the desktop, in a newbie-friendly way.
Anyway, there’s already a nice series of articles, published on http://www.ofb.biz , dedicated to running FreeBSD on the desktop. It focuses especially on the clueless user (we all have been there, once)
http://ed.asisaid.com/#fbsd
The excellent FreeBSD documentation
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/index.htm…
and the forums & mailing lists
http://www.bsdforums.org/forums/
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
can also be of help.
[offtopic]
I think a FreeBSD desktop with GNOME [which i prefer], KDE or XFCE does the job very well. You could do a “pkg_add -rv gnome2” to install the binaries.
You could use this [although it’s not newbie-proof
]:
http://rootxs.nl/temp/gnome-freebsd.howto.html
[/offtopic]
[ontopic]
AFAIK FreeBSD Update only works with a unmodified binaries. When people have needs for customized binairies it useless.. Also.. on a fast box it does not take to long to recompile the patched src so in my eyes it’s not really a step forward.
[/ontopic]