From owner-freebsd-ports@freebsd.org Fri Dec 11 15:55:28 2015 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 399329D8B54 for ; Fri, 11 Dec 2015 15:55:28 +0000 (UTC) (envelope-from mmatalka@gmail.com) Received: from mail-wm0-x235.google.com (mail-wm0-x235.google.com [IPv6:2a00:1450:400c:c09::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CD4C01A4F for ; Fri, 11 Dec 2015 15:55:27 +0000 (UTC) (envelope-from mmatalka@gmail.com) Received: by mail-wm0-x235.google.com with SMTP id c201so80317219wme.0 for ; Fri, 11 Dec 2015 07:55:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:references:date:in-reply-to:message-id :user-agent:mime-version:content-type; bh=5TvEXCzPb+8apL9LTi/Xq0Fji8vxBvvKx+Y+xP+TPHQ=; b=lw/z1es7OzMDUrcQHZknhG0bOzIp8MdNpISjSJbeWUv0x1l6z7jiOdN4BhVFLHNsHc VxWluFBEXsumiU5j4LvN053Ncht3MF6LXeYeHnnzxg4wEoSlEFYssBs/kaGjz1Rko4AS N0vsiSXhpXYnCl2/lNlvDCf3865E34xea4EsdT9MKkOxLCSJj/NdEnssx4VkIS5YqCRp jSeEqbVwMBJgXZNEBzUtFDwtDO5IXMQZVxkZ+jFJnoO9cveCV2U2F4jV/rY2wpaYZ/Ma UU1Aqgj+IhI93yk2/ClIPbC5e7psb46NcbQdWPdRGuHwNOh+Igdx3x6ztuuxakdoJpVZ JsVg== X-Received: by 10.28.136.149 with SMTP id k143mr6618908wmd.57.1449849325611; Fri, 11 Dec 2015 07:55:25 -0800 (PST) Received: from localhost (li195-236.members.linode.com. [178.79.139.236]) by smtp.gmail.com with ESMTPSA id h5sm17514883wjz.21.2015.12.11.07.55.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 11 Dec 2015 07:55:24 -0800 (PST) From: Malcolm Matalka To: Piotr Florczyk Cc: freebsd-ports@freebsd.org Subject: Re: poudriere, Go and networking References: <374B9F2C-11B4-44F6-9FF6-E4687ECF9CB2@gemius.com> <20151211143601.GI35480@home.opsec.eu> <566AE71B.3080201@gemius.com> Date: Fri, 11 Dec 2015 15:55:22 +0000 In-Reply-To: <566AE71B.3080201@gemius.com> (Piotr Florczyk's message of "Fri, 11 Dec 2015 16:09:15 +0100") Message-ID: <86mvthrndh.fsf@gmail.com> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Dec 2015 15:55:28 -0000 Piotr Florczyk writes: > W dniu 11.12.2015 o 15:36, Kurt Jaeger pisze: >> Hi! >> >>> Recently I had to package couple of programs written in Go and godep is >>> becoming the standard for dependency tracking in Go projects. >>> For example I currently had to package telegraf. Here is the thing. Poudriere >>> disables networking after fetch phase and I don't know before extract >>> phase what dependencies are inside. >> >> We recently upgraded maven, the java-world 'make and godep' and all >> the ports that need maven to build have the same problem, see: >> >> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188110#c37 >> >>> So here is the question: would it be possible to have networking >>> enabled during extract phase ? >>> Or maybe there is another solution (some flag in ports maybe that >>> I'm missing ?) >> >> I think we need some fancy fetch target per distfile which basically >> uses technology-dependend (maven, godep, etc) ways to trigger >> the 'fetch' during the fetch-phase. Probably some sort >> of base-fetch vrs. dep-fetch ? >> > New target might not be needed but I think this is good idea. Altough it does not solve my problem with poudriere. In my case, the soonest I > can fetch dependencies is in post-extract target. So if poudriere didn't cut off networking at this stage we wouldn't need any changes and > every one would be happy. This sounds like it would be a security hole to let a package download extra things that the FreeBSD package system does not know about and cannot validate. > Even if we come up with proper solution it will require cutting off network at some later stage than post-extract. In my opinion we might > aswell move it to that point right now. Perhaps you should make a tool which takes a go project as input and a FreeBSD package as output? > > -- > Regards, > Piotr Florczyk > _______________________________________________ > freebsd-ports@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org"