From: Jan Bramkamp
To: freebsd-ports@freebsd.org
Subject: Re: The future of portmaster
Date: Fri, 17 Feb 2017 11:05:16 +0100

On 17/02/2017 09:25, Matthieu Volat
wrote:
> On Fri, 17 Feb 2017 10:37:16 +0300
> abi wrote:
>
>> 17.02.2017 00:22, Chris H writes:
>>> On Thu, 16 Feb 2017 15:48:57 -0500 Baho Utot wrote
>>>
>>>> On 02/16/17 15:40, George Mitchell wrote:
>>>>> On 02/16/17 15:33, Baho Utot wrote:
>>>>>>
>>>>>> On 02/16/17 14:01, Lowell Gilbert wrote:
>>>>>>> Baho Utot writes:
>>>>>>>
>>>>>>>> On 02/16/17 06:08, Luca Pizzamiglio wrote:
>>>>>>>>> I'm looking for constructive criticism, feedback, anything that can
>>>>>>>>> help me to make portmaster an actively maintained and used tool.
>>>>>>>> If you can have it build in a clean chroot or jail then you'll get my
>>>>>>>> attention
>>>>>>> What kind of special support?
>>>>>>>
>>>>>>> I use it with a chroot that mounts /usr/ports (and src) read-only, and
>>>>>>> aside from the initial base system install, it took about fifteen
>>>>>>> minutes to set up.
>>>>>>>
>>>>>> Using chroot or jails to build each individual package
>>>>>> [...]
>>>>> While I understand the interest in chroot/jails as an optional
>>>>> feature, I hope it doesn't become required. The current non-use
>>>>> of chroot/jails is, for me, a feature -- not a bug. -- George
>>>>>
>>>>>
>>>> Having built and packaged Linux from scratch using the rpm package
>>>> manager, I came to find that if one is building packages to be used on
>>>> multiple machines, one needs to build each package in a chroot
>>>> environment or the package could inherit things from the parent not
>>>> found in the target machine. Hereby making the package unusable.
>>> Hello. You shouldn't have any difficulty accomplishing your goal
>>> by simply setting up a jail, and using portmaster within that jail(8).
>>> portmaster really doesn't care where it's run. So long as it has
>>> everything it needs to accomplish its job(s). :-)
>>>
>> From my point of view, jails are overkill. Chroot should be enough and
>> it would be nice if portmaster starts building in clean environment.
>
> Just dropping privileges to a dedicated user for building would be a big step, but that's more a port feature (OpenBSD's ports do that, if I'm not wrong).

Yes, dropping privileges would be a good *additional* step. The purpose of the jail/chroot isn't just for security. The real goal is to provide a reproducible, clean build environment. Lots of broken configure scripts out there include a lot of autodetection magic. And suddenly your binaries are linked against additional libraries which are unknown to pkg. This becomes even funnier if your application uses fork+exec per connection. Suddenly you're left with a bound socket but each connection dies because the worker fails to link at runtime. This was the straw that broke the camel's back for me.

Another problem with portmaster is that it creates inconsistency during the upgrade by design. Of course pkg upgrade isn't atomic either, but the time window is on the order of a few seconds instead of minutes to hours and is far less likely to fail halfway through.
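
The failure mode described in the message above (a configure script autodetecting a library on the build host, so the binary links against something the package never declares) can be checked after a build. The following is an added example, not part of the original message and not code from portmaster, pkg or any FreeBSD tool; the `readelf -d` output, library versions, package names and inventories are constructed for illustration.

```python
import re

# Constructed sample: `readelf -d` output for a hypothetical daemon built on a
# host that happened to have libidn installed. Library versions are made up.
READELF_D = """\
Dynamic section at offset 0x1d28 contains 28 entries:
  Tag                Type                 Name/Value
 0x0000000000000001 (NEEDED)             Shared library: [libssl.so.8]
 0x0000000000000001 (NEEDED)             Shared library: [libpcre.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libidn.so.11]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.7]
 0x000000000000001d (RUNPATH)            Library runpath: [/usr/local/lib]
"""

# Hypothetical inventories (assumptions); on a real system they would be
# derived from the base system and the package database.
BASE_LIBS = {"libc.so.7", "libssl.so.8"}
DECLARED_DEPS = {"pcre": {"libpcre.so.1", "libpcreposix.so.0"}}
BUILD_HOST_PKGS = {
    "pcre": {"libpcre.so.1", "libpcreposix.so.0"},
    "libidn": {"libidn.so.11"},  # installed on the build host, not declared
}

NEEDED_RE = re.compile(r"\(NEEDED\)\s+Shared library: \[([^\]]+)\]")


def needed_libs(readelf_text):
    """Return the DT_NEEDED library names in the order readelf lists them."""
    return NEEDED_RE.findall(readelf_text)


def undeclared_links(readelf_text, base_libs, declared_deps, build_host_pkgs):
    """Map each NEEDED library that neither the base system nor a declared
    dependency provides to the build-host package that ships it (None if
    no known package does)."""
    covered = set(base_libs).union(*declared_deps.values())
    owner = {lib: pkg for pkg, libs in build_host_pkgs.items() for lib in libs}
    return {lib: owner.get(lib)
            for lib in needed_libs(readelf_text) if lib not in covered}


if __name__ == "__main__":
    found = undeclared_links(READELF_D, BASE_LIBS, DECLARED_DEPS, BUILD_HOST_PKGS)
    for lib, pkg in found.items():
        print(f"undeclared link: {lib} (picked up from build host package: {pkg})")
```

A binary built in a clean chroot or jail that contains only the declared dependencies would produce an empty result here, because the autodetected library would not have been present at configure time.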