From owner-freebsd-questions@FreeBSD.ORG Tue Jan 31 10:42:21 2012 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 72110106564A for ; Tue, 31 Jan 2012 10:42:21 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) by mx1.freebsd.org (Postfix) with ESMTP id C7C598FC13 for ; Tue, 31 Jan 2012 10:42:20 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [IPv6:2001:8b0:151:1:fa1e:dfff:feda:c0bb]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.5/8.14.5) with ESMTP id q0VAgHiv018344 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Tue, 31 Jan 2012 10:42:17 GMT (envelope-from m.seaman@infracaninophile.co.uk) X-DKIM: OpenDKIM Filter v2.4.3 smtp.infracaninophile.co.uk q0VAgHiv018344 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=infracaninophile.co.uk; s=201001-infracaninophile; t=1328006537; bh=HMVc0tRlYJUIZQRmMyzj/cOY4fDugn0KDRDMUM1a/Eo=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Cc; b=khKzKcf2Od0bM7EXoeyUPYSNg+d9rmEZ0etgn403RlgjvIAhgKPg+U3GWZNBhVQF2 2gLoke6wXMvjbmnFEyi+Rk0o6Y4ABR0WnKmV1hwt6+34SD2qgNjmZb8dwC7Woq0OOp 7uO/5QFSrSWZZ0+M+K93/fMo2hs7CQBhPdF75LY4= Message-ID: <4F27C581.9000309@infracaninophile.co.uk> Date: Tue, 31 Jan 2012 10:42:09 +0000 From: Matthew Seaman User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:9.0) Gecko/20111222 Thunderbird/9.0.1 MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <20120130234545.3db77a79@gumby.homeunix.com> <4EFDA3B50062AA15@> (added by postmaster@resmaa12.ono.com) In-Reply-To: <4EFDA3B50062AA15@> (added by postmaster@resmaa12.ono.com) X-Enigmail-Version: 1.3.4 OpenPGP: id=60AE908C Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig19954AF1CC72E52C35FBCC57" X-Virus-Scanned: clamav-milter 0.97.3 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-2.7 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk Subject: Re: Unable to upgrade packages on FreeBSD X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 31 Jan 2012 10:42:21 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig19954AF1CC72E52C35FBCC57 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 31/01/2012 09:56, Eduardo Morras wrote: > Making a resume/summary of the thread; more hardware, time and people > are needed to maintain a package system up-to-date. I have a free serve= r > (amd64 freebsd8.2p6), if i built all packages with their standard > options, that's without make config, Can i upload them to the official > package ftp? Should i make my own un-official ftp package server to > allow others download them? >=20 > Perhaps it's not clear, this answer has ironic mode off, joking mode of= f > and i want to collaborate making the standard packages. While your offer is made with the best of intentions, I doubt the project would feel able take you up on it. The problem is simply one of security -- while crowd-sourcing package compilation would be a pretty sweet technical solution to much of the scaling and resource cost problems, it offers far too much opportunity for people up-to-no-good to be able to introduce trojans, spyware and so forth. Setting up your own package build system and ftp site -- well, there's nothing preventing you from doing that, but again, it's a trust thing. Unless people can believe in the provenance of the packages you provide, it's not going to be sensible for them to download from you. So it's only people that know you personally, friends, relations, workmates and people that know and trust people willing to trust you; they would be the initial audience for your new package building and distribution thing. Even if you had an enormous social circle all of whom happened to be avid FreeBSD users, I doubt that would actually provide enough demand to make the whole venture worthwhile. The best ways to contribute are (a) to make a donation via the FreeBSD Foundation and (b) take up maintainership on some ports. As ever in any project of this type, most of the work goes through smoothly and it's that minority of problem ports that eat up so much of the time. Maintained ports have fewer problems. Some of the more paranoid amongst you may be asking yourselves if, in the light of what I say above, you really can trust packages from anywhere other than the official ftp.freebsd.org server. Locations like (for example) ftp.uk.freebsd.org (which, although blessed as an official mirror site, is run by a completely different set of people.) The answer is somewhere on the 'probably -- maybe' continuum. Can you actually trust the people running the mirror site? (In the case of ftp.uk.freebsd.org, as of a day or so ago that's the UK mirror service run by the University of Kent who are clearly of unimpeachable reputation.) Implementing digital signatures on packages would go a long way to removing that uncertainty. Cheers, Matthew --=20 Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matthew@infracaninophile.co.uk Kent, CT11 9PW --------------enig19954AF1CC72E52C35FBCC57 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk8nxYkACgkQ8Mjk52CukIw6FwCeJecQb9kUmQogpL9sl6xoiuyu c7QAoI05MRQunYZg9B/W8VpmHt5qm5vz =Fd48 -----END PGP SIGNATURE----- --------------enig19954AF1CC72E52C35FBCC57--