FreeBSD Release Branches
Which version of FreeBSD is right for me?
This is a constant question on the FreeBSD-Questions mailing list. It basically boils down to a stability vs features tradeoff. The decision on which branch to track effects which supfile tag you will choose. A complete list of current supfile tags is available in the handbook appendix.
The full explanation of the release engineering terms and decision making process can be found here. Something of the justification for this plan can be found here. On the other hand, the following may give you a clearer idea of how to decide which release is right for your systems.
You may want to recall that the "features vs security" tradeoff only applies to a system recompile. In other words, you aren't testing the new code in CURRENT unless you are regularly recompiling the system.
Current is exactly what it sounds like. The newest system code for the FreeBSD OS. With that said, however, chasing CURRENT for features is not recomended. The handbook describes of the reasons for people to follow current. But to summarize, current is mainly for people who have a definite interest in either coding or monitoring the future releases of FreeBSD, and certainly not for production use.
Current is a bit different as the supfile tag consists of . (A single period). An alias is provided named HEAD, and sometimes the CURRENT branch is refered to as the "Head Branch".
Somewhat counterintuitively, STABLE is not the most stable FreeBSD release. STABLE is named as a "stable development" branch in relation to the more unstable development branch: CURRENT. Stable includes all of those patches that have filtered through current and been deemed "stable" enough to deserve testing for general release.
Stable tends to be relatively bug free, while keeping up with much of the new features available in new development packages. Typically, home and desktop users can use the STABLE branch if they have an interest in newer features or think they may want to help test FreeBSD. For critical servers, substantial testing before deployment of any release, but particularly a non-Security Release, is highly recomended.
Stable will involve the newest code for a particular major version. This means that as FreeBSD code develops through 6.1, even if you installed 6.0, it will be updated to match this new code if you are tracking the 6-STABLE code branch. The stable branch cvsup tags (called 'branch tags') take a form such as RELENG_5 or RELENG_6.
If stability is the most important factor on this system, you may want to track something called the security branch. This branch only updates for security updates and major bug fixes from the code you originally installed.
These Security branches will not bump version numbers when they come out. In other words, if you install 6.0 security branch, your system source code will not be updated to 6.1 when 6.1 is released as a new security branch. If you want to update to 6.1, you will need to change the supfile tag manually. Supfile tags (called 'release tags') for the Security branch look like RELENG_5_3, RELENG_5_4 or RELENG_6_0 . (note the specifier of both the major and minor version number) If you want to run the security branch, you should probably run the most recent Security Branch listed here (unless you experiance hardware problems that can be fixed via downgrading).
Security branches are additionally described (in messages to support mailing lists, for example) by their patch level. If there have been 3 major patches to the RELENG_5_4 security branch, for example, an up-to-date 5.4 user will be running 5.4-p3 .
Fundamentally, releases are just snapshots of the RELENG_X (X-STABLE) series at a particular moment of time (with some release engineering ensuring that it is a stable/secure release). A "RELEASE" is generally the start of a new Security Branch. Release is basically another way of saying Security Branch Release RELENG_X_0, and they get cvstag's like RELENG_6_0_0_RELEASE. Install CDs usually install these images.