From owner-freebsd-ports@freebsd.org  Mon Nov 26 20:24:12 2018
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id EFAD21143200
 for <freebsd-ports@mailman.ysv.freebsd.org>;
 Mon, 26 Nov 2018 20:24:11 +0000 (UTC)
 (envelope-from mwlucas@mail.michaelwlucas.com)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id 738D987146
 for <freebsd-ports@freebsd.org>; Mon, 26 Nov 2018 20:24:11 +0000 (UTC)
 (envelope-from mwlucas@mail.michaelwlucas.com)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 35B3D11431FF; Mon, 26 Nov 2018 20:24:11 +0000 (UTC)
Delivered-To: ports@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 23DCC11431FE
 for <ports@mailman.ysv.freebsd.org>; Mon, 26 Nov 2018 20:24:11 +0000 (UTC)
 (envelope-from mwlucas@mail.michaelwlucas.com)
Received: from mail.michaelwlucas.com (mail.michaelwlucas.com
 [104.236.197.233])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 78AA087145
 for <ports@freebsd.org>; Mon, 26 Nov 2018 20:24:10 +0000 (UTC)
 (envelope-from mwlucas@mail.michaelwlucas.com)
Received: from mail.michaelwlucas.com (localhost [127.0.0.1])
 by mail.michaelwlucas.com (8.15.2/8.15.2) with ESMTP id wAQKO74c095962
 for <ports@freebsd.org>; Mon, 26 Nov 2018 15:24:07 -0500 (EST)
 (envelope-from mwlucas@mail.michaelwlucas.com)
Received: (from mwlucas@localhost)
 by mail.michaelwlucas.com (8.15.2/8.15.2/Submit) id wAQKO7Il095961
 for ports@freebsd.org; Mon, 26 Nov 2018 15:24:07 -0500 (EST)
 (envelope-from mwlucas)
Date: Mon, 26 Nov 2018 15:24:07 -0500
From: "Michael W. Lucas" <mwlucas@michaelwlucas.com>
To: ports@freebsd.org
Subject: packages and base jails
Message-ID: <20181126202407.GA95942@mail.michaelwlucas.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.10.1 (2018-07-13)
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.2
 (mail.michaelwlucas.com [127.0.0.1]); Mon, 26 Nov 2018 15:24:10 -0500 (EST)
X-Rspamd-Queue-Id: 738D987146
X-Spamd-Result: default: False [-5.82 / 15.00]; ARC_NA(0.00)[];
 FORGED_RECIPIENTS_FORWARDING(0.00)[]; RCVD_COUNT_FIVE(0.00)[6];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[];
 FORWARDED(0.00)[ports@mailman.ysv.freebsd.org];
 FORGED_SENDER_FORWARDING(0.00)[];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain];
 TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[michaelwlucas.com];
 AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1];
 RCVD_IN_DNSWL_MED(-0.20)[5.0.0.0.0.5.0.0.0.0.0.0.0.0.0.0.a.6.0.2.4.5.2.2.0.0.9.1.1.0.0.2.list.dnswl.org
 : 127.0.9.2]; MX_GOOD(-0.01)[cached: mail.michaelwlucas.com];
 NEURAL_HAM_SHORT(-0.97)[-0.973,0]; R_SPF_NA(0.00)[];
 FORGED_SENDER(0.00)[mwlucas@michaelwlucas.com,mwlucas@mail.michaelwlucas.com]; 
 RCVD_NO_TLS_LAST(0.10)[]; R_DKIM_NA(0.00)[];
 IP_SCORE(-3.64)[ip: (-9.87), ipnet: 2001:1900:2254::/48(-4.70), asn:
 10310(-3.55), country: US(-0.09)]; 
 ASN(0.00)[asn:10310, ipnet:2001:1900:2254::/48, country:US];
 FROM_NEQ_ENVFROM(0.00)[mwlucas@michaelwlucas.com,mwlucas@mail.michaelwlucas.com];
 FORGED_RECIPIENTS(0.00)[ports@freebsd.org,freebsd-ports@freebsd.org]
X-Rspamd-Server: mx1.freebsd.org
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Nov 2018 20:24:12 -0000


Hi,

I'm writing a book on jails and am looking for BCP. I'd like to
present either "This is the approved solution and should work" or
"these are the gotchas with any of these, choose your pain."

Folks want base jails to include packages, but also want to install
additional packages--which won't happen if /usr/local is mounted
read-only in the base jail. Trawling around the Net I see a couple
options. Both involve the primary jail using a different package
repo. The overlay jail uses the standard package repo.

1) primary jail uses a repo with PREFIX=/usr/pkg or /opt. Works in my
simple use cases once I set ldconfig directories in rc.conf, but I'm
told programs like pkgconfig can go sideways.

2) base jail repo uses with PREFIX=/. Utterly violates separation of
base and pkg, but everything should find everything out of the
box. Again, seems to work in my wimpy use cases.

Is there an option that should work? Or is a matter of choosing
between horrors?

Thanks,
==ml



-- 
Michael W. Lucas 	https://mwl.io/
author of: Absolute OpenBSD, SSH Mastery, git commit murder,
Immortal Clay, PGP & GPG, Absolute FreeBSD, etc, etc, etc...