From owner-freebsd-ports@freebsd.org Sun Jun 25 07:39:45 2017 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 92E71D8B83A for ; Sun, 25 Jun 2017 07:39:45 +0000 (UTC) (envelope-from michelle@sorbs.net) Received: from mailman.ysv.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 7E4E427A7 for ; Sun, 25 Jun 2017 07:39:45 +0000 (UTC) (envelope-from michelle@sorbs.net) Received: by mailman.ysv.freebsd.org (Postfix) id 7A601D8B839; Sun, 25 Jun 2017 07:39:45 +0000 (UTC) Delivered-To: ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7811CD8B838 for ; Sun, 25 Jun 2017 07:39:45 +0000 (UTC) (envelope-from michelle@sorbs.net) Received: from hades.sorbs.net (hades.sorbs.net [72.12.213.40]) by mx1.freebsd.org (Postfix) with ESMTP id EF68827A6 for ; Sun, 25 Jun 2017 07:39:44 +0000 (UTC) (envelope-from michelle@sorbs.net) MIME-version: 1.0 Content-transfer-encoding: 8BIT Content-type: text/plain; charset=UTF-8; format=flowed Received: from isux.com (firewall.isux.com [213.165.190.213]) by hades.sorbs.net (Oracle Communications Messaging Server 7.0.5.29.0 64bit (built Jul 9 2013)) with ESMTPSA id <0OS30048BEYVU200@hades.sorbs.net> for ports@freebsd.org; Sun, 25 Jun 2017 00:47:21 -0700 (PDT) Subject: Re: [RFC] Why FreeBSD ports should have branches by OS version To: =?UTF-8?Q?Martin_Waschb=c3=bcsch?= , ports@freebsd.org References: <20170622121856.haikphjpvr6ofxn3@ivaldir.net> <20170622141644.yadxdubynuhzygcy@ivaldir.net> <4jrnkcpurfmojfdnglqg5f97sohcuv56sv@4ax.com> <20170622211126.GA6878@lonesome.com> <594C4663.5080209@quip.cz> <6mupkc5v5oclrd721pssousokmgtqkvfao@4ax.com> <20170623125424.GA10691@gmail.com> <76e3845a-d05c-7c1a-b548-31381252fe45@sorbs.net> <4B124329-E0E7-4A49-9A6D-A4E2251C2AAE@waschbuesch.de> From: Michelle Sullivan Message-id: Date: Sun, 25 Jun 2017 09:39:12 +0200 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:49.0) Gecko/20100101 Firefox/49.0 SeaMonkey/2.46 In-reply-to: <4B124329-E0E7-4A49-9A6D-A4E2251C2AAE@waschbuesch.de> X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Jun 2017 07:39:45 -0000 Martin Waschbüsch wrote: >> Am 23.06.2017 um 23:53 schrieb Michelle Sullivan : >> >> Matt Smith wrote: >>> I use FreeBSD *precisely* because it mostly keeps up with the latest stable versions of things. I have postfix 3.2, pgsql 9.6, nginx 1.13, libressl 2.5 etc. It's usually impossible to do this with linux unless you install things directly from source. >> And me I came to FreeBSD because it was security conscious but not latest and greatest or nothing... well not strictly true, P Vixie forced me into trying it.. but I changed from Linux to FreeBSD across my entire product because of stability... which doesn't exist in the same way now (and hasn't since 2013ish).. > FWIW, personally, I never perceived statements about FreeBSD's stability to extend beyond the scope of the (complete) OS itself. There in lies a problem.. Something happened, now the OS is not as stable, as for a 'installed the CD how long before a reboot' is it, but how often do we *have* to upgrade because of a security issue.. seems like every 5 minutes now... ports (some of them) do form part of the OS... if the ports tree stops working on older versions of the OS then you *have* to upgrade. > I always regarded ports very much as a convenience. pkg even more so. I don't consider pkg at all. Ports are partly. > >>> I upgrade my ports/packages via poudriere every single day which mostly just takes 2 minutes of my time as usually that results in maybe one or two packages being updated at a time. I see this as a positive thing rather than doing one massive huge upgrade every 3 months. >> Currently have 87 servers located across 7 continents, all in production processing incoming spam at the millions per day, and serving DNS requests at a rate of over 70,000 queries per second (averaged over a week)... you can't just f**k with that. Patches have to be evaluated, tested, built and regression tested.... > > My personal conclusion is that if I need to ensure that issues (especially security fixes) are dealt with in a timely manner then I have to do the patching, testing, evaluating, etc. myself. Mostly agreed... depends on your definition of 'do the patching yourself'.. if you mean taking patches applying them yourself, then yes 100% agree, if you mean developing the patch yourself in whole or in part... no. > After all, even if all that was thoroughly done by upstream, port maintainer, etc., who’s to say my specific setup and config won’t bring issues to light their testing didn’t? 100% with you. -- Michelle Sullivan http://www.mhix.org/