[Tor-BSD] FreeBSD/HardenedBSD - auto updating packages
Shawn Webb
shawn.webb at hardenedbsd.org
Sat Feb 24 14:29:45 EST 2018
On Wed, Feb 21, 2018 at 09:48:01PM -0500, Shawn Webb wrote:
> On Wed, Feb 21, 2018 at 10:37:00PM +0000, nusenu wrote:
> > > There's two ways of doing it:
> > >
> > > 1. Run `pkg update` first to update the repo metadata, then use `pkg
> > > version` (with extra arguments) to check if the tor package gets
> > > upgraded. Cache this as a boolean value. Run `pkg upgrade` and after
> > > it's finished upgrading all packages, if the cached boolean value is
> > > true, then restart tor. This can be integrated into the script that
> > > gets written by cron.
> > > 2. Write a plugin for pkg that restarts services whenever packages
> > > with enabled rc.d scripts get updated. I would prefer this route as it
> > > would be generically applied and useful outside of just tor.
> > >
> > > I can do either option. However, my time is limited and it'd take me
> > > around two weeks to getting around to doing it.
> >
> > Any update on this? Since there are some upcoming security updates,
> > this would be a perfect timing.
>
> I'll take a look Saturday morning. I'm booked full until then. Thanks
> for the reminder!
So I learned a thing: pkg(8) has a variable called HANDLE_RC_SCRIPTS
that will auto-restart any services of updated packages. A plugin
would still be needed if the admin _only_ wanted tor to be restarted.
Would you still like me to write that plugin?
Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
Tor-ified Signal: +1 443-546-8752
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.nycbug.org/pipermail/tor-bsd/attachments/20180224/e6a6bfd8/attachment.bin>
More information about the Tor-BSD
mailing list