Source string Read only

(itstool) path: sect1/para
Context English State
Experienced users or administrators are often responsible for several machines or environments. They understand the difficult demands and challenges of maintaining such an infrastructure. Running a <application>FreeBSD Update Server</application> makes it easier to deploy security and software patches to selected test machines before rolling them out to production. It also means a number of systems can be updated from the local network rather than a potentially slower Internet connection. This article outlines the steps involved in creating an internal <application>FreeBSD Update Server</application>.
To build an internal <application>FreeBSD Update Server</application> some requirements should be met.
A running FreeBSD system.
At a minimum, updates require building on a FreeBSD release greater than or equal to the target release version for distribution.
A user account with at least 4 GB of available space. This will allow the creation of updates for 7.1 and 7.2, but the exact space requirements may change from version to version.
An <citerefentry><refentrytitle>ssh</refentrytitle><manvolnum>1</manvolnum></citerefentry> account on a remote machine to upload distributed updates.
A web server, like <link xlink:href="@@URL_RELPREFIX@@/doc/en_US.ISO8859-1/books/handbook/network-apache.html">Apache</link>, with over half of the space required for the build. For instance, test builds for 7.1 and 7.2 consume a total amount of 4 GB, and the webserver space needed to distribute these updates is 2.6 GB.
Basic knowledge of shell scripting with Bourne shell, <citerefentry><refentrytitle>sh</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
Configuration: Installation &amp; Setup
Download the <link xlink:href=""> freebsd-update-server</link> software by installing <package>devel/subversion</package> and <package>security/ca_root_nss</package>, and execute:
<prompt>%</prompt> <userinput>svn co freebsd-update-server</userinput>
Update <filename>scripts/build.conf</filename> appropriately. It is sourced during all build operations.
Here is the default <filename>build.conf</filename>, which should be modified to suit your environment.
# Main configuration file for FreeBSD Update builds. The
# release-specific configuration data is lower down in
# the scripts tree.

# Location from which to fetch releases
export FTP=<co xml:id="ftp-id"/>

# Host platform
export HOSTPLATFORM=`uname -m`

# Host name to use inside jails
export BUILDHOSTNAME=${HOSTPLATFORM}<co xml:id="buildhost-id"/>

# Location of SSH key
export SSHKEY=/root/.ssh/id_dsa<co xml:id="sshkey-id"/>

# SSH account into which files are uploaded<co xml:id="mstacct-id"/>

# Directory into which files are uploaded<co xml:id="mstdir-id"/>
Parameters for consideration would be:
This is the location where ISO images are downloaded from (by the <function>fetchiso()</function> subroutine of <filename>scripts/build.subr</filename>). The location configured is not limited to FTP URIs. Any URI scheme supported by standard <citerefentry><refentrytitle>fetch</refentrytitle><manvolnum>1</manvolnum></citerefentry> utility should work fine.
Customizations to the <function>fetchiso()</function> code can be installed by copying the default <filename>build.subr</filename> script to the release and architecture-specific area at <filename>scripts/RELEASE/ARCHITECTURE/build.subr</filename> and applying local changes.
The name of the build host. This information will be displayed on updated systems when issuing:
<prompt>%</prompt> <userinput>uname -v</userinput>
The <application>SSH</application> key for uploading files to the update server. A key pair can be created by typing <command>ssh-keygen -t dsa</command>. This parameter is optional; standard password authentication will be used as a fallback authentication method when <literal>SSHKEY</literal> is not defined.
The <citerefentry><refentrytitle>ssh-keygen</refentrytitle><manvolnum>1</manvolnum></citerefentry> manual page has more detailed information about <application>SSH</application> and the appropriate steps for creating and using one.
Account for uploading files to the update server.
Directory on the update server where files are uploaded to.
The default <filename>build.conf</filename> shipped with the <application>freebsd-update-server</application> sources is suitable for building i386 releases of FreeBSD. As an example of building an update server for other architectures, the following steps outline the configuration changes needed for amd64:
Create a build environment for amd64:
<prompt>%</prompt> <userinput>mkdir -p /usr/local/freebsd-update-server/scripts/7.2-RELEASE/amd64</userinput>
Install a <filename>build.conf</filename> in the newly created build directory. The build configuration options for FreeBSD 7.2-RELEASE on amd64 should be similar to:
# SHA256 hash of RELEASE disc1.iso image.
export RELH=1ea1f6f652d7c5f5eab7ef9f8edbed50cb664b08ed761850f95f48e86cc71ef5<co xml:id="sha256-id"/>

# Components of the world, source, and kernels
export WORLDPARTS="base catpages dict doc games info manpages proflibs lib32"
export SOURCEPARTS="base bin contrib crypto etc games gnu include krb5 \
lib libexec release rescue sbin secure share sys tools \
ubin usbin cddl"
export KERNELPARTS="generic"

# EOL date
export EOL=1275289200<co xml:id="eol-id"/>
The <citerefentry><refentrytitle>sha256</refentrytitle><manvolnum>1</manvolnum></citerefentry> hash key for the desired release, is published within the respective <link xlink:href="@@URL_RELPREFIX@@/releases/">release announcement</link>.
To generate the "End of Life" number for <filename>build.conf</filename>, refer to the "Estimated EOL" posted on the <link xlink:href="@@URL_RELPREFIX@@/security/security.html">FreeBSD Security Website</link>. The value of <literal>EOL</literal> can be derived from the date listed on the web site, using the <citerefentry><refentrytitle>date</refentrytitle><manvolnum>1</manvolnum></citerefentry> utility, for example:


No matching activity found.

Browse all component changes


English English
No related strings found in the glossary.

Source information

Source string comment
(itstool) path: sect1/para
Source string location
String age
a year ago
Source string age
a year ago
Translation file
articles/freebsd-update-server.pot, string 30