Re: I just installed openbsd 3.4 and I think I bit off more than I can chew

["Greg Thomas" <getbsd@dslextreme.com>]

> suleyman <suleyman@comcast.net> writes:
>
>> I installed openbsd 3.4 via network install. I did not install X sets.
>> This is to become a server- web, mail, smtp, pop & webmail for maybe 20
>> users.
>> First issue is I need to apply patches. To be be blunt I dont have a
>> clue how to patch. I am looking at this url
>> http://openbsd.org/faq/faq10.html#Patches
>> I have installed wget on the server but used lynx to download 3.4.tar.gz
>> (all patches for system to date, I think)
>
> OpenBSD doesn't deal with binary patches.  They are source patches.
> That way one patch handles all platforms.
>
> Forgetting about tracking -current, there are two ways to maintain
> a 3.4 system updated for security issues:
>
> In the first way, you install the OpenBSD 3.4 source code and then
> download and apply patches to it.  Each patch has detailed
> instructions on how to patch, build, and install.  It's generally not
> necessary to rebuild the whole system to apply one patch.  Nor is it
> necessary to apply those patches which are against services which you
> don't use, like X.  This is what I do.  I keep a list of the patch
> numbers I've applied.
>
> The second way is to track the 3.4 source tree, which is done by CVS.
> Update to the OPENBSD_3_4 tag, which is the head of that branch.  You
> then build kernel / build world as others (and the docs) describe.  No
> patches involved.  IMHO this is more work, and you'll be rebuilding
> the whole system every few weeks.

Third way, track -stable via CVS and only build what is mentioned in the
errata and/or anything that has been updated.

Greg