Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 27 Aug 2012 10:51:49 +1000
From:      Peter Jeremy <peter@rulingia.com>
To:        Doug Barton <dougb@freebsd.org>
Cc:        ports@freebsd.org, current@freebsd.org
Subject:   Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
Message-ID:  <20120827005149.GD27130@aspire.rulingia.com>
In-Reply-To: <503A78AD.6010402@FreeBSD.org>
References:  <20120824081543.GB2998@ithaqua.etoilebsd.net> <50380269.6020003@FreeBSD.org> <20120825000148.GF37867@ithaqua.etoilebsd.net> <50396113.3080607@cyberleo.net> <20120826122649.GA8995@stack.nl> <20120826125846.GD37534@ithaqua.etoilebsd.net> <503A6D4B.9070606@FreeBSD.org> <20120826185810.GB42842@ithaqua.etoilebsd.net> <1346008112.1140.76.camel@revolution.hippie.lan> <503A78AD.6010402@FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help

--76DTJ5CE0DCVQemd
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2012-Aug-26 12:27:41 -0700, Doug Barton <dougb@freebsd.org> wrote:
>On 08/26/2012 12:08, Ian Lepore wrote:
>> Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of
>> replacing itself, so that you could re-bootstrap your way out of a
>> problem later.
>
>That's certainly creative thinking, but I'm still queasy about 2
>commands with the same name that do 2 different things. And having it
>rename itself adds to the confusion down the road.

I also like the idea of a pkg-bootstrap command.  Possibly a symlink
=66rom pkg to pkg-bootstrap, that gets removed as part of the bootstrap
process, would help - but it should just tell you how to run
pkg-bootstrap.  I don't like the idea of pkg{-bootstrap} autonomously
installing something I didn't ask for.  And I don't like the idea that
all pkg commands get bounced through a /usr/sbin/pkg once it has been
bootstrapped.

>Having a simple pkg bootstrapping tool in the base is a good idea. But
>the functionality needs to be extremely limited so that we don't
>increase the security exposure; and so that we don't end up in a
>situation where a bug fix for something in the base limits our ability
>to innovate with pkg in the ports tree.

Agreed.  BTW, one thing that needs to be considered is how to recover
=66rom the embedded public key needing to be invalidated (eg due to the
private key being exposed).

--=20
Peter Jeremy

--76DTJ5CE0DCVQemd
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (FreeBSD)

iEYEARECAAYFAlA6xKUACgkQ/opHv/APuIe+GwCgvjqFVCjtsNd0pcR4XGZWRKWI
qwIAnjIQpXEkuEl4Tekh3767ChPyTybQ
=tcjQ
-----END PGP SIGNATURE-----

--76DTJ5CE0DCVQemd--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120827005149.GD27130>