On Mon, Jun 1, 2015 at 4:10 PM, Slawa Olhovchenkov <slw at zxy.spb.ru>
wrote:> I have some set of FreeBSD servers in public internet and continue to
> find optimal way for track -stable branch.
>
> Handbook give next metods:
>
> 1. Tracking -security branch by freebsd-update.
> I want -stable, -security don't have wanted features.
>
> 2. svn & rebuilding world localy. To long and wery badly automated,
> bad version synchronisation between servers.
>
> 3. svn & rebuilding world on build server, install localy by NFS.
> Servers in public internet, I am to be afraid exposing NFS to
> public internet. Also, need to have localy /etc/{make,src}.conf in
> sync with build server. Also badly automated.
>
> 4. Build private freebsd-update-server and build (simularity to
> security btanch) updates for -stable.
> Need essentially dedicated server -- during build system time
> changed and this is may be raise side effects.
> freebsd-update work wery long time (hours) and accumulate a lot of
> garbage:
>
> # du -ms /var/db/freebsd-update/
> 2010 /var/db/freebsd-update/
>
> freebsd-update-server/freebsd-update too bugly and debuggint is not
> easy.
> config mergering working worse mergemaster.
> Don't allow to repair damaged files (freebsd-update IDS detect
> changes but don't repair this).
>
> 5. nanobsd.
> Don't automatic save /etc and etc.
> pkg updated throw system image update and reboot. Unaccpetable.
>
>
> Something else?
When I had to something like this I went with option 3. It's not
completely automated as you say because of /etc/(make|src).conf but
there are no better options at the moment because /usr/obj is not
"self contained" because its contents and interpretation depends on
auxillary files, the /etc/make.conf and /etc/src.conf files.
-Kimmo