From owner-freebsd-ports@freebsd.org  Sat Feb  6 16:34:53 2021
Return-Path: <owner-freebsd-ports@freebsd.org>
Delivered-To: freebsd-ports@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4412D52E419
 for <freebsd-ports@mailman.nyi.freebsd.org>;
 Sat,  6 Feb 2021 16:34:53 +0000 (UTC)
 (envelope-from fbsd@www.zefox.net)
Received: from www.zefox.net (www.zefox.net [50.1.20.27])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "www.zefox.com", Issuer "www.zefox.com" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4DXyYm2rzvz4p48
 for <freebsd-ports@freebsd.org>; Sat,  6 Feb 2021 16:34:52 +0000 (UTC)
 (envelope-from fbsd@www.zefox.net)
Received: from www.zefox.net (localhost [127.0.0.1])
 by www.zefox.net (8.16.1/8.15.2) with ESMTPS id 116GYoFn017756
 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO)
 for <freebsd-ports@freebsd.org>; Sat, 6 Feb 2021 08:34:50 -0800 (PST)
 (envelope-from fbsd@www.zefox.net)
Received: (from fbsd@localhost)
 by www.zefox.net (8.16.1/8.15.2/Submit) id 116GYo2i017755
 for freebsd-ports@freebsd.org; Sat, 6 Feb 2021 08:34:50 -0800 (PST)
 (envelope-from fbsd)
Date: Sat, 6 Feb 2021 08:34:49 -0800
From: bob prohaska <fbsd@www.zefox.net>
To: freebsd-ports@freebsd.org
Subject: Re: Bind9 security upgrade
Message-ID: <20210206163449.GB13068@www.zefox.net>
References: <20210206011026.GA11620@www.zefox.net>
 <2424596.iFQSR7Lh2p@no.place.like.home>
 <20210206065658.GA13068@www.zefox.net>
 <1925345.j8ZaMiGSpO@no.place.like.home>
 <2bd9e5ee-12cc-f312-cd9-32f2d8ca2174@prime.gushi.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <2bd9e5ee-12cc-f312-cd9-32f2d8ca2174@prime.gushi.org>
X-Rspamd-Queue-Id: 4DXyYm2rzvz4p48
X-Spamd-Bar: /
Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none;
 spf=none (mx1.freebsd.org: domain of fbsd@www.zefox.net has no SPF policy when
 checking 50.1.20.27) smtp.mailfrom=fbsd@www.zefox.net
X-Spamd-Result: default: False [-0.92 / 15.00]; RCVD_TLS_ALL(0.00)[];
 ARC_NA(0.00)[]; WWW_DOT_DOMAIN(0.50)[];
 MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[];
 RBL_DBL_DONT_QUERY_IPS(0.00)[50.1.20.27:from];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000];
 MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-ports@freebsd.org];
 TO_DN_NONE(0.00)[]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1];
 SPAMHAUS_ZRD(0.00)[50.1.20.27:from:127.0.2.255];
 DMARC_NA(0.00)[zefox.net]; NEURAL_HAM_SHORT(-0.82)[-0.823];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000];
 R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[];
 R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:7065, ipnet:50.1.16.0/20, country:US];
 RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-ports];
 MID_RHS_WWW(0.50)[]
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports/>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
 <mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 06 Feb 2021 16:34:53 -0000

On Fri, Feb 05, 2021 at 11:44:27PM -0800, Dan Mahoney (Gushi) wrote:
> On Sat, 6 Feb 2021, Greg Rivers via freebsd-ports wrote:
> 
> > On Saturday, 6 February 2021 00:56:58 CST bob prohaska wrote:
> > > On Fri, Feb 05, 2021 at 10:00:36PM -0600, Greg Rivers via freebsd-ports wrote:
> > > > > 
> > > > I think that means >= 9.16.3. But 9.16.3 is pretty old by now, and many other bugs have since been fixed. You definitely want to track the current stable release, which is 9.16.11 at present.
> > > > 
> > > 
> > > Unfortunately make for bind9.16.11 stops with
> > > exec: /usr/local/bin/autoreconf-2.69: not found
> > > 
> > > The same error has been presented by at least one other port.
> > > There does exist a /usr/local/bin/autoreconf but it's a link
> > > to nowhere. There does exist /usr/ports/devel/autoconf, but
> > > that stops make with
> > > configure: error: Perl 5.006 or better is required
> > > 
> > > 
> > > If somebody knows a fix or workaround please post!
> > > 
> > It builds successfully in poudriere, which starts with a clean environment and builds/installs compile time dependencies as required. I'd suggest giving poudriere a try, or install from the latest FreeBSD pkg repo if the default options suit you. That works well for me anyway.
> 
I'm trying to get by using a simple "make -DBATCH" in the ports tree.
This is on a Raspberry Pi 2 and it worked perfectly and quickly last
spring when I first set the machine up. My latest experiements are on
a Pi 3, where I'm running into trouble. The machines are headless servers
with serial consoles.

> Yeah, some part of this suggests you haven't cleanly updated your full ports
> tree.

Not sure what's meant by "cleanly". It hasn't been replaced lately.

Right now it's at 
root@pelorus:/usr/ports/devel/autoconf # svnlite info /usr/ports
Path: /usr/ports
Working Copy Root Path: /usr/ports
URL: svn://svn.freebsd.org/ports/head
Relative URL: ^/head
Repository Root: svn://svn.freebsd.org/ports
Repository UUID: 35697150-7ecd-e111-bb59-0022644237b5
Revision: 564181
Node Kind: directory
Schedule: normal
Last Changed Author: fluffy
Last Changed Rev: 564180
Last Changed Date: 2021-02-05 18:13:47 -0800 (Fri, 05 Feb 2021)

> 
> How did you originally install bind916?
>

Simple make -DBATCH, nothing fancy. Worked fine last spring. 

> Is your OS current enough to handle a current ports tree?  (uname -a
> please?)
>
FreeBSD pelorus.zefox.org 13.0-ALPHA3 FreeBSD 13.0-ALPHA3 #2 stable/13-c256281-gc415d0df47f: Fri Feb  5 08:09:12 PST 2021     bob@pelorus.zefox.org:/usr/obj/usr/freebsd-src/arm64.aarch64/sys/GENERIC-MMCCAM  arm64
 
> If so, "pkg install bind916"
> 

Not following you here; did you mean "if not so"?

> or
> 
> portsnap fetch update; cd /usr/ports/dns/bind916; make
> 

I'm not familiar with portsnap, if it handles dependencies
better it might be worth a try. After getting frustrated with
make I tried portmaster and found it different than make but
not really better. AFAIK the key is the individual makefiles,
if they don't correctly track dependencies a "wrapper" script
can't help. On a Pi2 or Pi3 overhead is a real concern. 

Until very recently text-based software compiled from ports
relatively easily. I was surprised and a little horrified to
see cairo getting involved for things with no graphics at all.
 
Thanks for reading!

bob prohaska