English Norwegian Bokmål
Build Your Own FreeBSD Update Server
This article describes building an internal FreeBSD Update Server. The https://svnweb.freebsd.org/base/user/cperciva/freebsd-update-build/[freebsd-update-server] is written by `{cperciva}`, Security Officer Emeritus of FreeBSD. For users that think it is convenient to update their systems against an official update server, building their own FreeBSD Update Server may help to extend its functionality by supporting manually-tweaked FreeBSD releases or by providing a local mirror that will allow faster updates for a number of machines.
This article was subsequently printed at https://people.freebsd.org/~jgh/files/fus/BSD_03_2010_EN.pdf[BSD Magazine].
Experienced users or administrators are often responsible for several machines or environments. They understand the difficult demands and challenges of maintaining such an infrastructure. Running a FreeBSD Update Server makes it easier to deploy security and software patches to selected test machines before rolling them out to production. It also means a number of systems can be updated from the local network rather than a potentially slower Internet connection. This article outlines the steps involved in creating an internal FreeBSD Update Server.
To build an internal FreeBSD Update Server some requirements should be met.
A running FreeBSD system.
At a minimum, updates require building on a FreeBSD release greater than or equal to the target release version for distribution.
A user account with at least 4 GB of available space. This will allow the creation of updates for 7.1 and 7.2, but the exact space requirements may change from version to version.
An man:ssh[1] account on a remote machine to upload distributed updates.
A web server, like link:{handbook}#network-apache[Apache], with over half of the space required for the build. For instance, test builds for 7.1 and 7.2 consume a total amount of 4 GB, and the webserver space needed to distribute these updates is 2.6 GB.
Basic knowledge of shell scripting with Bourne shell, man:sh[1].
Configuration: Installation & Setup
Download the https://svnweb.freebsd.org/base/user/cperciva/freebsd-update-build/[freebsd-update-server] software by installing package:devel/subversion[] and package:security/ca_root_nss[], and execute:
% svn co https://svn.freebsd.org/base/user/cperciva/freebsd-update-build freebsd-update-server
Update [.filename]#scripts/build.conf# appropriately. It is sourced during all build operations.
Here is the default [.filename]#build.conf#, which should be modified to suit your environment.