From owner-freebsd-ports@FreeBSD.ORG Mon Apr 8 17:23:54 2013 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id B6586770 for ; Mon, 8 Apr 2013 17:23:54 +0000 (UTC) (envelope-from florent@peterschmitt.fr) Received: from peterschmitt.fr (peterschmitt.fr [5.135.177.31]) by mx1.freebsd.org (Postfix) with ESMTP id 5E9C5C12 for ; Mon, 8 Apr 2013 17:23:53 +0000 (UTC) Received: from [192.168.0.23] (4ab54-4-88-163-248-31.fbx.proxad.net [88.163.248.31]) by peterschmitt.fr (Postfix) with ESMTPSA id 5A84E4AB4A1; Mon, 8 Apr 2013 19:23:47 +0200 (CEST) Message-ID: <1365441764.4112.1.camel@localhost> Subject: Re: Growing list of required(ish) ports From: Florent Peterschmitt To: Daniel Nebdal Date: Mon, 08 Apr 2013 19:22:44 +0200 In-Reply-To: References: <51622F44.3050604@FreeBSD.org> Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="=-9eUIF36T6vEyqOp8ipFn" X-Mailer: Evolution 3.6.4 Mime-Version: 1.0 Cc: FreeBSD Mailing List X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Apr 2013 17:23:54 -0000 --=-9eUIF36T6vEyqOp8ipFn Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Le lundi 08 avril 2013 =C3=A0 17:40 +0200, Daniel Nebdal a =C3=A9crit : > On Mon, Apr 8, 2013 at 5:26 PM, Freddie Cash wrote: > > Note: I may have messed up the quoting/attribution by snipping things. > > > > On Sun, Apr 7, 2013 at 10:11 PM, Kevin Oberman wr= ote: > > > >> On Sun, Apr 7, 2013 at 8:34 PM, Kimmo Paasiala wr= ote: > >> > >> > > On the other hand, there are a number of things that I think shoul= d be > >> > > pulled out of base. Some already have ports, and others would nee= d > >> > > ports created. Examples of things to pull out of base are OpenSSL= , > >> > > Heimdal, OpenSSH, PF, ntpd, ipfilter, bind, sendmail, and others. > >> > > Code that is typically way behind the upstream project basically. > >> > > > >> > > >> > I think Bryan already explained the reasons why pkg should not be in > >> > base, it's an external tool that is not strictly required to get a b= are > >> > bones FreeBSD system up and running. Including it in base you create > >> > yet another maintainance burden and would slow down the development = of > >> > the ports/packages management tools. > >> > >> What people seem to miss is that putting tools into the base system > >> strangles the tools. Look at the difficulty we have seen in updating > >> openssl. perl was removed from base for exactly that reason. Once some= thing > >> is in base, it usually can only be updated on major releases and even= then > >> it can be very complicated. That is a problem for any dynamically chan= ging > >> tool. > >> > >> I would love to see BIND removed from base, but most of the things yo= u > >> listed really are hard to remove. I know that I don't want to try brin= ging > >> up a new install of FreeBSD on a remote system without OpenSSH and tha= t > >> pulls in openssl. In the case of many tools, it really turns into a > >> bikeshed. But i can see no reason to add any of the new packaging tool= s > >> simply because it is critical that updates be possible far more often= than > >> is possible for the base system. > >> > >> Moving OpenSSH, OpenSSL, etc into the ports tree, but making the pkgs > > available on the installation media, and having a final hook at the end= to > > install "required" pkgs, would solve that. There's already a "do you w= ant > > to enable OpenSSH daemon" question in the installed, so adding "pkg add > > /path/to/openssh-x.y.z.txz" wouldn't be hard. > > > > Same for bind, sendmail, kerberos, etc. For instance, just add a "daem= on > > selection screen" for each bit removed from base, to select which ones = you > > want installed as part of the OS install. > > > > The hard part comes in finding stub/clients for each item moved to a pk= g, > > such that a desktop-oriented install is not hampered (ie, SSH client is > > usable, DNS lookups can be done, local mail can be generated/delivered, > > etc). > > > > The really hard part is coming up with a migration path for those who > > upgrade via source builds. > > -- > > Freddie Cash > > fjwcash@gmail.com >=20 >=20 > There's also the issue that OpenSSH is used for remote administration > - being able to do destructive things with pkg without worrying about > continued SSH-access is rather relaxing. With danger of entering > bikeshed territory, it's one of the things that makes FreeBSD more > relaxing than the Linuxes: You can blast every installed package and > still be fine - and a working sshd is a part of "fine" for me, since > it's kind of a requirement for doing anything else. >=20 > Admittedly, my personal worst-case scenario is "drag a monitor and > keyboard to the other side of the room", so I will probably survive > either way. :) >=20 > -- > Daniel Nebdal Yep, OpenSSH is tiny enought to keep it in base system. It would be a big loss not to have it by default, securely installed in the base system. > _______________________________________________ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org" --=20 Florent Peterschmitt +33 (0)6 64 33 97 92 florent@peterschmitt.fr --=-9eUIF36T6vEyqOp8ipFn Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iQEcBAABAgAGBQJRYvzpAAoJEMtO2Sol0IImvzwH/Amrou3KAQjLbfa1Y7Hm/Nyp mTr35UmhTvZWZxCvXYndT85gzr3iENEWT91Qqc0I4jud+6r9TYm0ztl6C1acHU1R JHWxmsvaha7QGJmQRgpphLVYCyDGCaLkWLipSiVqHWWa/z6jwTES+/pQUFHAYYq2 7G+N0MNhaI0gKtxycqZvqffvDumanW6rkZ2EkRg1MUvlw48QonvEf3awmwH1uxbn rCgRPg4RiSYBulu2rH6brtIMNoOghk68qZPNosAbPE7OwtyV3mUETQbrgEc7K8C5 7XF3QIo4ulOhXzBrr64JLE8PEPRAG1GezW2fS9KiKAGALTaQRGEtqLlm9ZtskdY= =kxW0 -----END PGP SIGNATURE----- --=-9eUIF36T6vEyqOp8ipFn--