Patching

From Hackepedia
Revision as of 16:56, 27 January 2006 by Hawson (talk | contribs)
Jump to navigationJump to search

There are very few Operating Systems that have an adequate patching process for applications. The only two I recommend to someone who is too busy to track all of their installed applications is FreeBSD and Debian GNU/Linux. Apparently you can do this with RedHat and its offspring, but I've heard about a lot of issues with "dependancy hell."

It should be noted that "dependancy hell" is usually because the SysAdmin has installed packages from different distributions. For example, installing SuSE packages on a RedHat system is asking for trouble. Packages built for a specific RedHat version almost always work, as do packages rebuilt from .src.rpm files. (RedHat and other RPM-based systems are quite a bit nicer once you learn to rollo your own RPM .spec files)


OS Specific

Using Debian GNU/Linux it's as simple as "apt-get install update && apt-get install upgrade" and all of your installed applications will now be up to date!

With FreeBSD it's a little more complex. I've created two shell scripts which I've named update, and upgrade. You will need portsnap, portaudit and portupgrade installed to use these:

 #!/bin/sh
 # update
 /usr/local/sbin/portsnap fetch && /usr/local/sbin/portsnap update && pkg_version  -v -l < #EOF
 
 
 #!/bin/sh
 # upgrade
 portaudit -F && portaudit
 portupgrade -a
 #EOF


In Windows, use internet explorer to go to Microsoft update. Let it scan your computer and install all of the high-priority/recommended updates.

Rumour has it that OpenBSD is building a portupgrade-ish tool, and I will surely switch to them at that point, based on their security history.