From owner-freebsd-pkgbase@freebsd.org Tue Apr 30 00:26:33 2019 Return-Path: Delivered-To: freebsd-pkgbase@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D3AC415A1D1A for ; Tue, 30 Apr 2019 00:26:32 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from smtp-out-no.shaw.ca (smtp-out-no.shaw.ca [64.59.134.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id B218084121 for ; Tue, 30 Apr 2019 00:26:31 +0000 (UTC) (envelope-from cy.schubert@cschubert.com) Received: from spqr.komquats.com ([70.67.125.17]) by shaw.ca with ESMTPA id LGbFhxYjvldkPLGbGhiWGQ; Mon, 29 Apr 2019 18:26:23 -0600 X-Authority-Analysis: v=2.3 cv=Ko4zJleN c=1 sm=1 tr=0 a=VFtTW3WuZNDh6VkGe7fA3g==:117 a=VFtTW3WuZNDh6VkGe7fA3g==:17 a=jpOVt7BSZ2e4Z31A5e1TngXxSK0=:19 a=IkcTkHD0fZMA:10 a=xqWC_Br6kY4A:10 a=oexKYjalfGEA:10 a=YxBL1-UpAAAA:8 a=6I5d2MoRAAAA:8 a=3LaEKezUNkZjOIBfRCoA:9 a=QEXdDO2ut3YA:10 a=Ia-lj3WSrqcvXOmTRaiG:22 a=IjZwj45LgO3ly-622nXo:22 Received: from [IPv6:2605:8d80:404:ff9d:5abb:f73e:6d61:bb09] (unknown [72.143.221.27]) by spqr.komquats.com (Postfix) with ESMTPSA id B49633AD; Mon, 29 Apr 2019 17:26:20 -0700 (PDT) Date: Mon, 29 Apr 2019 17:25:54 -0700 User-Agent: K-9 Mail for Android In-Reply-To: <23751.25464.908633.101215@khavrinen.csail.mit.edu> References: <201904291441.x3TEfMid072751@gndrsh.dnsmgr.net> <201904291931.x3TJV73d079802@slippy.cwsent.com> <23751.25464.908633.101215@khavrinen.csail.mit.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: CFT: FreeBSD Package Base To: Garrett Wollman CC: freebsd-pkgbase@freebsd.org From: Cy Schubert Message-ID: <8B10CAFD-88A1-4DAD-92C2-93F5DE4B3402@cschubert.com> X-CMAE-Envelope: MS4wfN2Pxp0sPJ25lJaD0Fg/Lpk0ZIO9XBJbgUR+SgmnC7DXC8leQM9vpJbqWLG1s6c6U3qp8sJ9NYe6t8PptFJ06uBGBD1qQwdnur6VK4iMVry73cBFGLC0 U9v8jJhHY/FDGTJ1t0W1IsvnhFrXOen3zrya6V3glPyRr0HhSEtp52Ro3uvj5OSjYo6iOMD43UzMY63ITfVzDuwdDbEXILV0+JCpyVKsLlyj4y1hYuUwljV7 X-Rspamd-Queue-Id: B218084121 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-5.65 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; IP_SCORE(-2.49)[ip: (-6.68), ipnet: 64.59.128.0/20(-3.21), asn: 6327(-2.45), country: CA(-0.09)]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[cached: spqr.komquats.com]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.96)[-0.955,0]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[9.134.59.64.list.dnswl.org : 127.0.5.1]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:6327, ipnet:64.59.128.0/20, country:CA]; MIME_TRACE(0.00)[0:+]; MID_RHS_MATCH_FROM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[17.125.67.70.zen.spamhaus.org : 127.0.0.11] X-BeenThere: freebsd-pkgbase@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "Packaging the FreeBSD base system." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Apr 2019 00:26:33 -0000 On April 29, 2019 1:50:00 PM PDT, Garrett Wollman wrote: >< said: > >> The discussion about granularity begs the question, why pkgbase in >the=20 >> first place? My impression was that it allowed people to select which > >> components they wanted to either create a lean installation or mix >and=20 >> match base packages and ports (possibly with flavours to install in=20 >> /usr rather than $LOCALBASE) such that maybe person A wanted a stock=20 >> install while person B wanted to replace, picking a random example, >BSD=20 >> tar with GNU tar=2E Isn't that the real advantage of pkgbase? > >No=2E The "real" advantage of pkgbase is that it allows the distributor >of a customized version of the operating system to support binary-only >updates, without all the (non-trivial) infrastructure of running a >custom FreeBSD-update builder and distribution server=2E > >Consider my position: I have about 30 servers (and another ~10 jails) >that all run the same local build of FreeBSD=2E Right now, the only >reliable way to update them is to NFS-mount /usr/src and /usr/obj from >my build server, and run a (slow) "make installworld"=2E It would >literally save me hours out of every upgrade (or base-system security >fix) to be able to install compressed binary packages downloaded over >http, and I'd have better security because binary packages are >signed=2E > >For my use case, I don't much care what the granularity is, so long as >I can safely upgrade (or update) the kernel independently of the >userland and independently of third-party packages -- just two >packages (kernel and userland) would suffice, although I'd probably >prefer the runtime libraries to be in a separate package just for >safety=2E > >I'm not distributing packages to third parties, I just want to be able >to install and upgrade my packages on my fleet of servers and jails >quickly and safely=2E This is not the entirety of the use cases the >project as a whole needs to support, but it's a major *end-user* use >case=2E (And I've said as much in various surveys=2E) > >-GAWollman An anaconda-like installer for freebsd could do that=2E Also a perfect job= for cfengine or ansible=2E Deploy and use a playbook to enforce policy=2E You don't need to break up base into packages (not arguing against packagi= ng) to gain the benefits of configuration management=2E As for updating, freebsd-update is mostly there to accomplish your require= ment without pkgbase=2E Which begs the question, if we're simply replacing= freebsd-update and it does most of what we want why the extra effort? Unle= ss we want to solve more than just this problem? Which BTW I think we do=2E I've seen pkgbase as a building block to build an anaconda-like installer = complete with scripting language=2E The ability to pick and choose packages= as many Linux distros do is one part of it=2E --=20 Pardon the typos and autocorrect, small keyboard in use=2E Cheers, Cy Schubert FreeBSD UNIX: Web: http://www=2EFreeBSD=2Eorg The need of the many outweighs the greed of the few=2E