From owner-freebsd-stable@FreeBSD.ORG Thu Nov 3 10:15:40 2005 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 45B0016A41F for ; Thu, 3 Nov 2005 10:15:40 +0000 (GMT) (envelope-from ru@ip.net.ua) Received: from tigra.ip.net.ua (tigra.ip.net.ua [82.193.96.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id A961343D48 for ; Thu, 3 Nov 2005 10:15:37 +0000 (GMT) (envelope-from ru@ip.net.ua) Received: from localhost (rocky.ip.net.ua [82.193.96.2]) by tigra.ip.net.ua (8.12.11/8.12.11) with ESMTP id jA3AFZEU007076; Thu, 3 Nov 2005 12:15:35 +0200 (EET) (envelope-from ru@ip.net.ua) Received: from tigra.ip.net.ua ([82.193.96.10]) by localhost (rocky.ipnet [82.193.96.2]) (amavisd-new, port 10024) with LMTP id 20145-02-4; Thu, 3 Nov 2005 12:15:32 +0200 (EET) Received: from heffalump.ip.net.ua (heffalump.ip.net.ua [82.193.96.213]) by tigra.ip.net.ua (8.12.11/8.12.11) with ESMTP id jA3AEI6x007005 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 3 Nov 2005 12:14:18 +0200 (EET) (envelope-from ru@ip.net.ua) Received: (from ru@localhost) by heffalump.ip.net.ua (8.13.4/8.13.4) id jA3AENP0078304; Thu, 3 Nov 2005 12:14:23 +0200 (EET) (envelope-from ru) Date: Thu, 3 Nov 2005 12:14:23 +0200 From: Ruslan Ermilov To: "Patrick M. Hausen" Message-ID: <20051103101423.GJ63539@ip.net.ua> References: <200511030938.jA39cOxP028318@hugo10.ka.punkt.de> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="huG+SbfbdD6eblZQ" Content-Disposition: inline In-Reply-To: <200511030938.jA39cOxP028318@hugo10.ka.punkt.de> User-Agent: Mutt/1.5.9i X-Virus-Scanned: by amavisd-new at ip.net.ua Cc: freebsd-stable@freebsd.org Subject: Re: COMPAT* switches in /etc/make.conf X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Nov 2005 10:15:40 -0000 --huG+SbfbdD6eblZQ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi Patrick, On Thu, Nov 03, 2005 at 10:38:24AM +0100, Patrick M. Hausen wrote: > I have relied on the COMPAT* switches in /etc/make.conf for > years to allow binary software like some of the stuff we > distribute to work out of the box on 5.X servers. >=20 > Now, while setting up our first RELENG_6 system I found > that they are actually no ops? >=20 Yes. > OK, I searched a little bit. There are ports for the libraries > now. And there's an entry in the CVS repository: >=20 > http://www.freebsd.org/cgi/cvsweb.cgi/src/share/examples/etc/make.conf >=20 > Fri Oct 15 08:51:11 2004 UTC (12 months, 2 weeks ago) by ru > Overdue removal of COMPAT* knobs. >=20 >=20 > OK ... overdue due to what? >=20 Due to actual code being removed earlier: : revision 1.25 : date: 2004/10/02 05:48:06; author: obrien; state: dead; lines: +1 -1 : Finish the de-orbital burn of our previous FreeBSD version compat libs : living in usr/src. We need to use them from ports to record dependencies. :=20 : Discussed with: re(scottl) > There's no mention of such a serious > change in UPDATING or anywhere I could find on the system. Seems > like I've been copying around no ops for about a year ... >=20 > Whas there a HEADS UP mail on -stable that I simply missed? >=20 I don't know. > In the same line: why are the libraries delivered as uuencoded > binaries? >=20 They are not any longer (at least in a distfile for compat5x). At the time they were part of CVS, we had to uuencode them (they are binary files, and uuencode converts them to text format, and we didn't want to rely on CVS's -kb). > Don't they change anymore? What if there is a serious > security flaw in lib_something? Shouldn't the library in question > be fixed, then? >=20 They get rebuilt occasionally. For example, : revision 1.2 : date: 2005/10/25 12:34:10; author: lesi; state: Exp; lines: +8 -8 : Upgrade to 5.4-RELEASE-p8 libraries for potential SSL 2.0 rollback : vulnerability. : While here, add a note about libc.so.5 tweak for localedata. :=20 : Reminded by: delphij : Security: FreeBSD-SA-05:21.openssl > Is it not possible to compile a 4.x (3.x, ...) > library from source on a 5.x (6.x, ...) system? >=20 No, the infrastructure for this is missing, and downgrades aren't officially supported. P.S. Thanks again for the poster from the Queens Hotel doors. ;) Cheers, --=20 Ruslan Ermilov ru@FreeBSD.org FreeBSD committer --huG+SbfbdD6eblZQ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFDaeL+qRfpzJluFF4RArRHAJ9GUiZ3Ucytq86M2MBiyQLTy6Px+wCfae8I 11ji1BsSmf35ggaf6dN5s3Q= =MwLi -----END PGP SIGNATURE----- --huG+SbfbdD6eblZQ--