puflogh300X74.gif

Polarwave's OpenBSD
Tips and Tricks for Newbies

| Patching OpenBSD |

| Home | Tips and Tricks | Links | News Feeds | Fun | Contact | Blog (Opens in New Page) |

Applying Patches

When a vulnerabiltiy is found in the OpenBSD base system the developers will issue
what is known as a patch. This also happens with third-party programs and, from
time to time, someone will come up with a patch or "diff" on their own. That's what
prompted me to put this short write up together. netstat(1) in OpenBSD 4.3 was
behaving differently than in previous versions. There's a thread concerning the issue
at netstat -l in 4.3 shows lo0 too, and a link to a patch at nestat if.c 1.57 patch.

Before going any further, I should say the place to start on patching is first reading
the patch(1) man page and reading the OpenBSD FAQ dealing with applying
patches at Applying patches in OpenBSD. The OpenBSD documentation is excellent!
Sometimes, though, it can be a bit intimidating and hard to understand to someone
new to the operating system. That's why I'm writing this, as I ran into something I
hadn't seen before when applying standard patches issued by the developers.

I downloaded the patch mentioned above, did a cd /usr/src and ran the command:

patch -p0 < /path/to/if.c.patch
In retrospect, I'm sorry I didn't use the script(1) command to save the output of
what was going on while I was attempting to apply the patch. Normally, after
running the patch(1) command, the first part of the message coming up will look
like this:
Hmm...  Looks like a unified diff to me...
The text leading up to this was:
That'll be followed by a message saying what bug or vulnerability is being fixed with
any instructions to run after applying the patch. After the patch is applied, you'll see
something like
Patching file path/to/whatever.c using Plan A...
Hunk #1 succeeded at 410.
done
This time, however, I was asked what I wanted to patch. I messed it up the first time
around and then cancelled which left a file named if.c.rej in /usr/src. Second time
around, I answered the question with the full path to what I wanted to patch. i.e.,
/usr/src/usr.bin/netstat/if.c
This time the patch succeeded. Then all I had to do was change directory to the path
above where if.c was and do
make && make install
Now when I run the command netstat -I xl0 all I get is the info related to xl0 which
is the device driver for my particular network card. So, the patch worked. I would be
remiss at this point if I didn't say before making any changes to the operating system,
you definitely should have a good recent backup. ALWAYS BACKUP! You'll see that
on the mailing lists a lot. One of the first questions often seen in the replies is:

"You do have a backup, right?"

I hope this takes a little mystery out of patching for folks new to it. There's a good
write up too, on patching, at

ONLamp.com -- Patching OpenBSD

written by Jacek Artymiak, author of Building Firewalls with OpenBSD and PF, 3nd ed.

Cheers!

Back to Tips and Tricks
Home
Delicious Bookmark this on Delicious

No affiliation between this site and the OpenBSD project exists or is implied.

valid-html401.png