Date: Wed, 30 Jul 2025 20:30:20 +0200 From: vermaden <vermaden@interia.pl> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: "freebsd-pkgbase@freebsd.org" <freebsd-pkgbase@freebsd.org>, "freebsd-stable@freebsd.org" <freebsd-stable@freebsd.org>, "freebsd-pkg@freebsd.org" <freebsd-pkg@freebsd.org>, "freebsd-current@freebsd.org" <freebsd-current@freebsd.org>, pete@nomadlogic.org, bapt@freebsd.org, bane@pmf.uns.ac.rs, shawn.webb@hardenedbsd.org Subject: Re: PKGBASE Removes FreeBSD Base System Feature Message-ID: <fozdqxvxzylwxyvzfrmt@fobq> In-Reply-To: <na7zou5skn2rcvyoigjgnnlzaomqsx23aj7dq3epq5ds65cu4y@ukgxp5zsj7j7> References: <gblzvammhkzqxmwduyap@vpbk> <na7zou5skn2rcvyoigjgnnlzaomqsx23aj7dq3epq5ds65cu4y@ukgxp5zsj7j7>
index | next in thread | previous in thread | raw e-mail
Hi. I have only two proposals that seem sensible. (1) Keep pkg(8) for third party packages with /etc/pkg and /usr/local/etc/pkg and /var/db/pkg dirs for configuration. Use separate pkgbase(8) with /etc/pkgbase and /usr/local/etc/pkgbase and /var/db/pkgbase dirs for managing PKGBASE packages. By pkgbase(8) I have the same pkg(8) project in mind - just renamed as pkgbase(8) and with */pkgbase dirs instead of */pkg. (2) My other idea is to 'mark' all FreeBSD Base System packages as 'vital' - so they are never removed automatically - but if someone wants to remove them with additional force option - then I assume he knows what he is doing. I would prefer (1) over (2) if you ask me. As for additional groups like base-minimal or base-standard - I do not have anything against such additional features or layers - its not related to the main topic IMHO - that with 'classic' FreeBSD the *pkg delete -af* removes only third party packages and with PKGBASE FreeBSD it removes almost all system rendering it unbootable/unusable. Hope that helps. Regards, vermaden Temat: Re: PKGBASE Removes FreeBSD Base System Feature Data: 2025-07-30 4:18 Nadawca: "Shawn Webb" <shawn.webb@hardenedbsd.org> Adresat: "vermaden" <vermaden@interia.pl>; DW: freebsd-pkgbase@freebsd.org; freebsd-stable@freebsd.org; freebsd-pkg@freebsd.org; freebsd-current@freebsd.org; > >> On Wed, Jul 30, 2025 at 02:28:35AM +0200, vermaden wrote: >> Hi, >> >> after short discussion here: >> - https://github.com/freebsd/pkg/issues/2485 >> >> I got REALLY concerned. >> >> One of THE features and selling points of a FreeBSD UNIX system is the 'untouchable' Base System. >> >> Without PKGBASE all the features are preserved. >> >> But when You convert to PKGBASE its ... GONE! >> >> Consider this command: >> >> # pkg delete -af >> >> What it does? >> >> It removes all third party packages on 'classic' FreeBSD system without touching the FreeBSD Base System. >> >> What the same "pkg delete -af" command does on a PKGBASE FreeBSD system? >> >> It kills/destroys almost all of the FreeBSD Base System and leaves only two PKGBASE packages called: >> >> - FreeBSD-clibs >> - FreeBSD-runtime >> >> All the rest of Base System is GONE. Destroyed. > > Hey vermaden, > > As mentioned in the GitHub ticket, it appears there might be some room > for discussion on which base packages ought to be marked vital and if > the current list (of two) should be expanded. > > I suspect there could also be room for discussion on technical > measures pkg could adopt to help mitigate issues like this. > > I myself don't have much in the way of suggestions on either topic of > discussion. I'm simply hoping this email moves the needle forward in a > positive direction. > > Thanks, > > -- > Shawn Webb > Cofounder / Security Engineer > HardenedBSD > > Signal Username: shawn_webb.74 > Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 > https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc > >help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?fozdqxvxzylwxyvzfrmt>