I track and keep up to date with FreeBSD-stable. I don't want cutting-edge. I want solid and reliable so I can spend my time on more important things like my friends, working on projects, or reading a good book. The process described here allows me to stay fairly up to date with the latest stable system but without a weekly system rebuild or other such hassles. The important thing is to get a system that works well, and then keep your ports up to date (at least the security patches).
Keep /usr/src up to date via cvsup. You only need to do this once in a while, or when security patches come out. Remember one all-important fact:
If it ain't broke, don't fix it.
Knowing this, most of your updates will be from the ports, and we will use the portupgrade port to keep this up to date.
If you aren't up on cvsup, I suggest the following recipe:
Now you are synced to the latest versions of all files in src-stable and the ports. This is a good thing.
Next we want to get the portupgrade package installed and smooth:
The last step is a bitch. If you have an old system with lots of ports installed, then you are in for some work. This step is going to require you to get everything reattached to what pkgdb thinks it should be. For example, portA-1.0.5 states that it requires portB-1.0.3, but you have version 1.0.7 installed. It will ask you to pick an installed port and most likely will guess the right one. In some cases it won't. Skip them.
In some cases, it won't find a match because there isn't one. It most likely needs to be deleted and have the latest version installed.
Do what you have to do and get it to the point that pkgdb doesn't say anything when run as above. Once this happens, it will be able to keep things running smoothly for you.
First, I must emphasize the first rule of the sysadmin:
If it ain't broke, don't fix it.
Second, get subscribed to the freebsd-security-notifications and only deal with updating your system if something comes up here.
Third, if you get this far, then do the following:
If you are trusting, the following will upgrade everything that needs upgrading. It's not bad, but might suprise you here and there:
If you are more wary like me:
This will ask you if you want to upgrade before each package. I have slowly been moving over to the non-interactive version. There are packages that I don't want to upgrade automatically ever, like my mail server qmail, and I have listed them in /usr/local/etc/pkgtools.conf in a virable called HOLD_PKGS.
At some point I'll get trusting enough that I'll run 'portupgrade -a' from a cronjob once a week.
This is specific to FreeBSD, but probably has analogs on the other BSDs.
TODO: I will be releasing the scripts via Download soon.
None that I use yet, but if I did it would look like:
# Up-to-date: sync up files every monday after the backups 0 6 * * 1 /usr/local/bin/cvsup -g /root/cvsup/ports-supfile; /usr/local/sbin/portsdb -uU; /usr/local/sbin/portsupgrade -a 0 6 * * 1 /usr/local/bin/cvsup -g /root/cvsup/stable-supfile