Source string Read only

(itstool) path: sect1/screen
134/1340
Context English State
This article describes building an internal <application>FreeBSD Update Server</application>. The <link xlink:href="https://svnweb.freebsd.org/base/user/cperciva/freebsd-update-build/">freebsd-update-server</link> is written by Colin Percival <email>cperciva@FreeBSD.org</email>, Security Officer Emeritus of FreeBSD. For users that think it is convenient to update their systems against an official update server, building their own <application>FreeBSD Update Server</application> may help to extend its functionality by supporting manually-tweaked FreeBSD releases or by providing a local mirror that will allow faster updates for a number of machines.
Acknowledgments
This article was subsequently printed at <link xlink:href="https://people.freebsd.org/~jgh/files/fus/BSD_03_2010_EN.pdf">BSD Magazine</link>.
Introduction
Experienced users or administrators are often responsible for several machines or environments. They understand the difficult demands and challenges of maintaining such an infrastructure. Running a <application>FreeBSD Update Server</application> makes it easier to deploy security and software patches to selected test machines before rolling them out to production. It also means a number of systems can be updated from the local network rather than a potentially slower Internet connection. This article outlines the steps involved in creating an internal <application>FreeBSD Update Server</application>.
Prerequisites
To build an internal <application>FreeBSD Update Server</application> some requirements should be met.
A running FreeBSD system.
At a minimum, updates require building on a FreeBSD release greater than or equal to the target release version for distribution.
A user account with at least 4 GB of available space. This will allow the creation of updates for 7.1 and 7.2, but the exact space requirements may change from version to version.
An <citerefentry><refentrytitle>ssh</refentrytitle><manvolnum>1</manvolnum></citerefentry> account on a remote machine to upload distributed updates.
A web server, like <link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/network-apache.html">Apache</link>, with over half of the space required for the build. For instance, test builds for 7.1 and 7.2 consume a total amount of 4 GB, and the webserver space needed to distribute these updates is 2.6 GB.
Basic knowledge of shell scripting with Bourne shell, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
Configuration: Installation &amp; Setup
Download the <link xlink:href="https://svnweb.freebsd.org/base/user/cperciva/freebsd-update-build/"> freebsd-update-server</link> software by installing <package>devel/subversion</package> and <package>security/ca_root_nss</package>, and execute:
<prompt>%</prompt> <userinput>svn co https://svn.freebsd.org/base/user/cperciva/freebsd-update-build freebsd-update-server</userinput>
Update <filename>scripts/build.conf</filename> appropriately. It is sourced during all build operations.
Here is the default <filename>build.conf</filename>, which should be modified to suit your environment.
# Main configuration file for FreeBSD Update builds. The
# release-specific configuration data is lower down in
# the scripts tree.

# Location from which to fetch releases
export FTP=ftp://ftp2.freebsd.org/pub/FreeBSD/releases<co xml:id="ftp-id"/>

# Host platform
export HOSTPLATFORM=`uname -m`

# Host name to use inside jails
export BUILDHOSTNAME=${HOSTPLATFORM}-builder.daemonology.net<co xml:id="buildhost-id"/>

# Location of SSH key
export SSHKEY=/root/.ssh/id_dsa<co xml:id="sshkey-id"/>

# SSH account into which files are uploaded
MASTERACCT=builder@wadham.daemonology.net<co xml:id="mstacct-id"/>

# Directory into which files are uploaded
MASTERDIR=update-master.freebsd.org<co xml:id="mstdir-id"/>
Parameters for consideration would be:
This is the location where ISO images are downloaded from (by the <function>fetchiso()</function> subroutine of <filename>scripts/build.subr</filename>). The location configured is not limited to FTP URIs. Any URI scheme supported by standard <citerefentry><refentrytitle>fetch</refentrytitle><manvolnum>1</manvolnum></citerefentry> utility should work fine.
Customizations to the <function>fetchiso()</function> code can be installed by copying the default <filename>build.subr</filename> script to the release and architecture-specific area at <filename>scripts/RELEASE/ARCHITECTURE/build.subr</filename> and applying local changes.
The name of the build host. This information will be displayed on updated systems when issuing:
<prompt>%</prompt> <userinput>uname -v</userinput>
The <application>SSH</application> key for uploading files to the update server. A key pair can be created by typing <command>ssh-keygen -t dsa</command>. This parameter is optional; standard password authentication will be used as a fallback authentication method when <literal>SSHKEY</literal> is not defined.
The <citerefentry><refentrytitle>ssh-keygen</refentrytitle><manvolnum>1</manvolnum></citerefentry> manual page has more detailed information about <application>SSH</application> and the appropriate steps for creating and using one.
Account for uploading files to the update server.
Directory on the update server where files are uploaded to.
The default <filename>build.conf</filename> shipped with the <application>freebsd-update-server</application> sources is suitable for building i386 releases of FreeBSD. As an example of building an update server for other architectures, the following steps outline the configuration changes needed for amd64:
Create a build environment for amd64:
<prompt>%</prompt> <userinput>mkdir -p /usr/local/freebsd-update-server/scripts/7.2-RELEASE/amd64</userinput>

Loading…

No matching activity found.

Browse all component changes

Things to check

Multiple failing checks

The translations in several languages have failing checks

Reset

Glossary

English English
No related strings found in the glossary.

Source information

Source string comment
(itstool) path: sect1/screen
Flags
no-wrap, read-only
Source string location
article.translate.xml:143
String age
a year ago
Source string age
a year ago
Translation file
articles/freebsd-update-server.pot, string 26