From owner-freebsd-current@freebsd.org Tue Apr 19 18:22:20 2016 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B7178B15D44; Tue, 19 Apr 2016 18:22:20 +0000 (UTC) (envelope-from nwhitehorn@freebsd.org) Received: from d.mail.sonic.net (d.mail.sonic.net [64.142.111.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8363F18E5; Tue, 19 Apr 2016 18:22:20 +0000 (UTC) (envelope-from nwhitehorn@freebsd.org) Received: from zeppelin.tachypleus.net (75-101-50-44.static.sonic.net [75.101.50.44]) (authenticated bits=0) by d.mail.sonic.net (8.15.1/8.15.1) with ESMTPSA id u3JIMI8I028398 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Tue, 19 Apr 2016 11:22:18 -0700 Subject: Re: [CFT] packaging the base system with pkg(8) To: Roger Marquis , Lev Serebryakov References: <20160302235429.GD75641@FreeBSD.org> <57152CE5.5050500@FreeBSD.org> <9D4B9C8B-41D7-42BC-B436-D23EFFF60261@ixsystems.com> <20160418191425.GW1554@FreeBSD.org> <571533B8.6090109@freebsd.org> <20160418194010.GX1554@FreeBSD.org> <57153E80.4080800@FreeBSD.org> <571551AB.4070203@freebsd.org> <5715772A.3070306@freebsd.org> <571588BB.2070803@orthanc.ca> <201604190201.u3J216NQ054020@orthanc.ca> <5715968B.303@orthanc.ca> <5715A338.5060009@freebsd.org> <57165C91.7070005@freebsd.org> <57166870.5060104@FreeBSD.org> <201604191755.u3JHtbfS020358@l.mx.sonic.net> Cc: Alfred Perlstein , Lyndon Nerenberg , freebsd-pkgbase@FreeBSD.org, freebsd-current@FreeBSD.org From: Nathan Whitehorn Message-ID: <5716775A.2000401@freebsd.org> Date: Tue, 19 Apr 2016 11:22:18 -0700 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:38.0) Gecko/20100101 Thunderbird/38.7.0 MIME-Version: 1.0 In-Reply-To: <201604191755.u3JHtbfS020358@l.mx.sonic.net> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Sonic-CAuth: UmFuZG9tSVYb77rFijGcMFXLAI+hHr6N7qHqYcFivMuSyN4WCgkVzgrujANTWZaFhJgSJKcDhWso/dXR6LcW1HjVSHR5KJeRfEtYL8OuYak= X-Sonic-ID: C;UAwxplsG5hGLLreqjlfmnQ== M;hlFvplsG5hGLLreqjlfmnQ== X-Spam-Flag: No X-Sonic-Spam-Details: 0.0/5.0 by cerberusd X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Apr 2016 18:22:20 -0000 On 04/19/16 10:55, Roger Marquis wrote: >> Please, consider ops and admins, who must support old installations, >> often made by other, not-reachable, people, and stuff like this, > > Ops and admins such as myself are exactly the ones who will benefit most > from base packages. Being able run to: 1) 'pkg audit' and see that base > ssl has a vulnerability, 2) 'pkg install -f' to update 3) only those > specific parts of base that need to be updated is far simpler (KIS) and > faster than what we go through now. More than a few formerly bsd shops > have migrated to linux simply to avoid regular iterations of cd > /usr/src; svn up; make cleanworld; make buildworld installworld ... > > The use cases for granular base packages are more numerous than even > these obvious ones. The downside OTOH, seems to consist of not much > more than the size of the package list. If I missed other issues please > do clarify. Will base packages be improved, sure, but they're already > more useful and bugfree than pkgng when it was mandated. > > In any case, if I'm not mistaken base packages are entirely optional. > > Roger Marquis > Thanks, Roger. That seems perfectly reasonable. I'm not sure that goal is really met by having 800 packages, though, or at least I see no particular gain relative to a handful (where things like OpenSSL or sendmail would be discrete things). (Almost) every single individual library in the base system is right now its own single-file package, which is what I am objecting to. The upside of that seems pretty dubious and the downside is that it is much easier to accidentally put the system into an inconsistent state. Is there a reason you want to have such very fine discretization? -Nathan