From owner-freebsd-ports@FreeBSD.ORG Mon Jan 12 18:57:45 2015 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 280A7A52 for ; Mon, 12 Jan 2015 18:57:45 +0000 (UTC) Received: from wonkity.com (wonkity.com [67.158.26.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "wonkity.com", Issuer "wonkity.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id A7097AFF for ; Mon, 12 Jan 2015 18:57:44 +0000 (UTC) Received: from wonkity.com (localhost [127.0.0.1]) by wonkity.com (8.14.9/8.14.9) with ESMTP id t0CIvRsJ092778 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Mon, 12 Jan 2015 11:57:27 -0700 (MST) (envelope-from wblock@wonkity.com) Received: from localhost (wblock@localhost) by wonkity.com (8.14.9/8.14.9/Submit) with ESMTP id t0CIvQPL092775; Mon, 12 Jan 2015 11:57:26 -0700 (MST) (envelope-from wblock@wonkity.com) Date: Mon, 12 Jan 2015 11:57:26 -0700 (MST) From: Warren Block To: Chris H Subject: Re: BIND REPLACE_BASE option In-Reply-To: <9132c8812ccd3906dd487830a912d00c@ultimatedns.net> Message-ID: References: <20150111235449.A14AEF52@hub.freebsd.org> <20150112040129.GA16097@lonesome.com> <20150112122652.GA9472@lonesome.com> <54B3BE2C.6030207@sorbs.net> <20150112123241.GB9472@lonesome.com> <54B3C28C.10605@sorbs.net> <20150112130804.GD44537@home.opsec.eu> , <9132c8812ccd3906dd487830a912d00c@ultimatedns.net> User-Agent: Alpine 2.11 (BSF 23 2013-08-11) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (wonkity.com [127.0.0.1]); Mon, 12 Jan 2015 11:57:27 -0700 (MST) Cc: Royce Williams , Deb Goodkin , ports X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 12 Jan 2015 18:57:45 -0000 On Mon, 12 Jan 2015, Chris H wrote: > Here is where we will clash; I've been riding *BSD for over 20yrs. > It's *biggest* asset has been in it's flexibility -- it wasn't another > Linux "dist", that required me to essentially become a "clone" of > every other Linux install. The Ports system, and /src allowed one to > tailor my build/install to meet *my* needs. I wasn't required, in fact > I was *encouraged*, to have a unique system. Frankly the new pkg(8) > *requirement* was a complete 180 on this philosophy. Huh? It is the same as the old package system, required if you want to use ports or packages. The difference is that pkg is not in base, so it can be easily upgraded without doing an OS upgrade. Ports continue to work as they did with the old package system, only package operations are faster and more reliable. My main complaint with pkg is the persistent misunderstanding that binary packages are a direct replacement for ports. http://www.wonkity.com/~wblock/docs/html/pkg.html As for the original topic, BIND in base had the same upgrade problems as the old package system. The port overwriting the base was a convenient but nasty hack. Not even that convenient, because all that changes with the port is the config files are in /usr/local/etc rather than /etc. A chroot adds little security or isolation, and if you want that it should be in a jail or other type of VM anyway. https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-ezjail.html#jails-ezjail-example-bind