# How do i fix the broken FTP structure for freebsd 7.0



## halplus (Apr 26, 2009)

```
vantline# pkg_add -r dkimproxy-1.1
Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/Latest/dkimproxy-1.1.tbz: File unavailable (e.g., file not found, no access)
pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-7.0-release/Latest/dkimproxy-1.1.tbz' by URL
vantline#
```

ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/

```
packages  	 	10/23/2006  	12:00:00 AM
packages-5-stable 		4/4/2008 	12:00:00 AM
packages-6-stable 		4/18/2009 	6:16:00 PM
packages-6.4-release 		11/21/2008 	1:33:00 PM
packages-7-stable 		4/18/2009 	10:06:00 PM
packages-7.1-release 		12/22/2008 	11:30:00 PM
packages-7.2-release 		4/21/2009 	5:18:00 PM
packages-8-current 		4/16/2009 	2:38:00 PM
packages-current 		2/9/2008 	12:00:00 AM
packages-stable 		3/1/2008 	12:00:00 AM
```
packages-7.0-release is completely missing.

s there a way to fix this? How? What should I put in PACKAGESITE?


----------



## gilinko (Apr 26, 2009)

The 7.0 line has reached it's "EOL"(End of life) for that kind of support, so it will not be available on any freebsd mirror. As you can see the 6.0, 6.1, 6.2 and 6.3 releases have also reached their EOL in this way. 

Your option is either to upgrade to 7.1, 7-stable or 8-stable for pkg_add -r to work, or build it from ports directly. Also 7.2 and 8.0 are just around the corner...


----------



## halplus (Apr 26, 2009)

I forgot to mention that upgrade to say 7.1 is not an option for me. It would cost me real dollars and that is a big "if the company that offers the hosting services is willing to deploy such new stable version"


----------



## halplus (Apr 26, 2009)

Somewhere I saw the word archived in the FTP. Is there a way i could get to those?


----------



## gilinko (Apr 26, 2009)

I'm guessing that what you saw was "archivers", which is a part of ports that contain all the compression, packaging etc ports. Not old archives.

If upgrade isn't a possibility, then your back to compile from source using ports. However a "stable" 7.0 will become a "unsecured" one if you don't upgrade the base system when there is a advisory out.


----------



## halplus (Apr 26, 2009)

No no, somewhere I saw a text file that says "Freebsd 7.0 was moved to the archives". Yeah I know i have some security bugs, luckly they are not remotely exploitable. The yarrow thing is not that heavy, the local privileges escalation hole is only exploitable locally (and everything is heavily protected and firewalled to the bones) and the Openssl thing related to DNSSEC is ok, we are not using DNSSEC in BIND. Imagine upgrading a kernel remotely. Things are very likely to break and stay that way. I will have to wait some month until the rental period expires and rent a new server with new OS. For now the link to the archive files will do the trick for me.


----------



## gilinko (Apr 26, 2009)

I think that is more of a metaphor, and the base system of freebsd is archived(distribution cd's etc). Not the packages build for the system release etc. Those are probably just deleted to make room for a new release of packages which in this case is the 7.2.

Just because there is no remote exploits available today, doesn't mean that there won't be any in the future and then you are stuck with a system that you have to patch for. That's how botnet's are created....


----------



## ale (Apr 26, 2009)

halplus said:
			
		

> No no, somewhere I saw a text file that says "Freebsd 7.0 was moved to the archives".



ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/7.0-RELEASE/packages/All


----------



## halplus (Apr 26, 2009)

Thanks ale, I think that sould solve temporarly my problem. Gilinko in a perfect would we probably would be perfect. Unfortunately is not. Yes i know is shocking, for me is shocking to stay with something with security problems. However i am aware of them and can take protective measures. I beleive also that 99% of break ins are due to improperly configured systems and bad passwords and not due to bugs. For instance i get ssh bruteforcers every day 24/7 to the point that those script kiddies make me sick with those lengthy security reports. Anyway I pfded them and add their ips to a black list automatically. What i have to make sure is that things that face directly the internet contain no exploitable bugs. And don't worry i'll upgrade ASAP. First i need the money to cover the cost  and I can only do that with the buggy one.


----------



## DutchDaemon (Apr 26, 2009)

halplus, press [enter] once in a while.


----------

