Date: Sun, 19 Aug 2001 20:21:54 -0500 From: Mike Meyer <mwm@mired.org> To: "Ted Mittelstaedt" <tedm@toybox.placo.com> Cc: <questions@FreeBSD.ORG> Subject: RE: IDS Message-ID: <15232.26162.667917.436954@guru.mired.org> In-Reply-To: <000501c12908$072ab0c0$1401a8c0@tedm.placo.com> References: <15230.58997.927550.888016@guru.mired.org> <000501c12908$072ab0c0$1401a8c0@tedm.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Ted Mittelstaedt <tedm@toybox.placo.com> types:
> >[Context lost to top posting.]
> Applicable context that was lost was included in the respose posted.
Yup. But all messages posted to this list can be found in the archives
pretty easily, so unedited copies of them are a waste. Which is
exactly what I deleted. Since you didn't think the context was
important enough to spend a few minutes editing, it's clearly not
important enough for me to bother forwarding yet again.
Personally, I'd prefer it if people just deleted messages that they
aren't going to bother editing. People who want to read the unedited
original can get it from the archives. People who don't care - which I
suspect are the majority for any given message - will be saved the
bandwidth.
> >Ted Mittelstaedt <tedm@toybox.placo.com> types:
> >> then please consider this carefully. We already have many ports in FreeBSD
> >> that
> >> have been abandonded by their maintainers and cause a lot of trouble for
> >> users.
> >We do? While I sometimes run into one that's broken, a note to the
> Yes. It's not always immediately obvious because the Project tends to prune
> them out or get them reassigned so you don't see them for long.
Um - if you they've been pruned or are taken over by someone else,
then they aren't "abandonded ports that cause a lot of trouble for
users." I don't consider that a problem - I consider it SOP for a
volunteer operation.
> For example,
> did you ever know that there was once a port of Ingres that Julian maintained?
> That got pruned a long time ago from FreeBSD 2 when they changed something in
> FreeBSD that broke it.
>
> You can argue all you want that nobody uses Ingres, but that is specious
> because since it's not available, of course practically no one would use it.
No, I'm not going to argue that. Being an ex-employee of Ingres, I
think it would be *great* if there were an Ingres port in the
tree. That nobody is interested enough to maintain it is a good
indication that nobody uses it, but that's immaterial.
You seem to be arguing that, because ports are abandoned, people
shouldn't bother submitting them. That's bogus. If someone ports
something then submits it, it will be found - and probably used - by
more people, it's liable to keep someone from duplicating the work,
and it makes it much more likely that the someone else will pick up
the port and maintain it if the original porter abandons it. Sure,
that may not happen, like it did with Ingres - but in that case, the
FreeBSD community isn't any worse off than it would have been if the
port was never committed.
> >maintainer ("make -V MAINTAINER" gets the email address) usually gets
> >it dealt with. Things that fail to build on bento tend to get pruned
> >if the maintainer doesn't deal with the problem.
> >If you've got a long list of broken ports, possibly you should notify
> >the various maintainers to see if you can get the problem fixed.
> Generally I've found that simply waiting until the next FreeBSD version and
> then trying again will take care of the problem because enough other people
> complain about it. But, sometimes the problems aren't immediately obvious.
As a developer and port maintainer, I'm *always* appreciative of
well-written bug reports. I've found other port maintainers to take
the same attitude. Even if the response is a simple "*poof*, already
fixed. just get the new version". If it's not fixed, I tend to get a
test patch before the general public, which is always nice to have.
> For another example, how about all those ports that have error messages about
> them being insecure, like uw-imap? What's that all about? I guess the
> maintainer is so unresponsive there to fixing the security bugs that the
> Project has just thrown up their hands in disgust and slapped in warning
> labels.
First, the maintainer isn't the person responsible for fixing security
bugs, the *developer* is. A responsible maintainer will mark such a
port appropriately as soon as the vulnerability becomes known. Then
they can worry about fixing it. Generally, "fixing it" means notifying
the developer, and hoping they'll fix it. In some cases - the BSD
version of netscape, for example - that's all that's possible. If the
maintainer can provide a patch, that can be added to the port and sent
to the developer, which makes it more likely that it'll be fixed in
the next version.
As for "all those ports", in the tree I checked out this morning,
there were 5673 ports. Only 38 of them are marked FORBIDDEN, and
roughly half of those are so marked for reasons unrelated to
security. That means only about 1/3rd of a percent are broken. Some of
them the developer has abandoned - same example - and probably should
be deleted.
> Now, I don't want to give the impression that the FreeBSD ports collection is
> full of bugs and trouble because it's not. All I'm trying to get across is
> that when you or anybody decide to become a maintainer of a port, you need to
> understand that by placing that software into FreeBSD, that your casting the
> "veneer of
> worthiness" on the software and that there's a lot of people who are going to
> start looking at using this for production environments as a result. If you
> are doing this on a lark, or conditionally to where you will stop doing it if
> it takes up too much time, then your just setting up traps that are going to
> harm those of us who start using your port.
That's where we disagree. While submitting a port as a lark is a bad
idea, this is a volunteer project, which means that pretty much every
port committed will only be maintained if it doesn't take up to much
time. Any making a port, is makeing their work available to others,
and doing them a service.
Anyone using free software in a production environment runs the risk
of the developer - and port maintainer for ports - deciding they have
something better to do with their time than provide pro bono
support. If they aren't willing to take that risk, they should be
paying someone for support.
> It would be better if the port
> was never done because then we would be steered into other similar packages
> who are maintained by people that _are_ committed.
Assuming they exist and will do the job well enough so that you don't
have to do the port yourself. If that's not true, you're much better
off starting with a port than starting from scratch.
BTW, this ties back to the documentation thread. The reason that it's
better to submit work to the FreeBSD project than set up your own web
site is because it is much more likely to be picked up and maintained
if the original author develops it. For the doc project, that's almost
a certainty. If a port or documentation isn't submitted to the
project, it's almost a certainty it won't be picked up by someone
else.
<mike
--
Mike Meyer <mwm@mired.org> http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?15232.26162.667917.436954>