From owner-freebsd-current@FreeBSD.ORG Mon Aug 27 00:52:12 2012 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 933E5106566C; Mon, 27 Aug 2012 00:52:12 +0000 (UTC) (envelope-from peter@rulingia.com) Received: from vps.rulingia.com (host-122-100-2-194.octopus.com.au [122.100.2.194]) by mx1.freebsd.org (Postfix) with ESMTP id 055128FC17; Mon, 27 Aug 2012 00:52:11 +0000 (UTC) Received: from aspire.rulingia.com (12.58.233.220.static.exetel.com.au [220.233.58.12]) by vps.rulingia.com (8.14.5/8.14.5) with ESMTP id q7R0px80041322 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 27 Aug 2012 10:52:03 +1000 (EST) (envelope-from peter@rulingia.com) Received: from aspire.rulingia.com (localhost [127.0.0.1]) by aspire.rulingia.com (8.14.5/8.14.5) with ESMTP id q7R0ppC0082729 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 27 Aug 2012 10:51:51 +1000 (EST) (envelope-from peter@aspire.rulingia.com) Received: (from peter@localhost) by aspire.rulingia.com (8.14.5/8.14.5/Submit) id q7R0poGo082728; Mon, 27 Aug 2012 10:51:50 +1000 (EST) (envelope-from peter) Date: Mon, 27 Aug 2012 10:51:49 +1000 From: Peter Jeremy To: Doug Barton Message-ID: <20120827005149.GD27130@aspire.rulingia.com> References: <20120824081543.GB2998@ithaqua.etoilebsd.net> <50380269.6020003@FreeBSD.org> <20120825000148.GF37867@ithaqua.etoilebsd.net> <50396113.3080607@cyberleo.net> <20120826122649.GA8995@stack.nl> <20120826125846.GD37534@ithaqua.etoilebsd.net> <503A6D4B.9070606@FreeBSD.org> <20120826185810.GB42842@ithaqua.etoilebsd.net> <1346008112.1140.76.camel@revolution.hippie.lan> <503A78AD.6010402@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="76DTJ5CE0DCVQemd" Content-Disposition: inline In-Reply-To: <503A78AD.6010402@FreeBSD.org> X-PGP-Key: http://www.rulingia.com/keys/peter.pgp User-Agent: Mutt/1.5.21 (2010-09-15) Cc: ports@freebsd.org, current@freebsd.org Subject: Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Aug 2012 00:52:12 -0000 --76DTJ5CE0DCVQemd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2012-Aug-26 12:27:41 -0700, Doug Barton wrote: >On 08/26/2012 12:08, Ian Lepore wrote: >> Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of >> replacing itself, so that you could re-bootstrap your way out of a >> problem later. > >That's certainly creative thinking, but I'm still queasy about 2 >commands with the same name that do 2 different things. And having it >rename itself adds to the confusion down the road. I also like the idea of a pkg-bootstrap command. Possibly a symlink =66rom pkg to pkg-bootstrap, that gets removed as part of the bootstrap process, would help - but it should just tell you how to run pkg-bootstrap. I don't like the idea of pkg{-bootstrap} autonomously installing something I didn't ask for. And I don't like the idea that all pkg commands get bounced through a /usr/sbin/pkg once it has been bootstrapped. >Having a simple pkg bootstrapping tool in the base is a good idea. But >the functionality needs to be extremely limited so that we don't >increase the security exposure; and so that we don't end up in a >situation where a bug fix for something in the base limits our ability >to innovate with pkg in the ports tree. Agreed. BTW, one thing that needs to be considered is how to recover =66rom the embedded public key needing to be invalidated (eg due to the private key being exposed). --=20 Peter Jeremy --76DTJ5CE0DCVQemd Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlA6xKUACgkQ/opHv/APuIe+GwCgvjqFVCjtsNd0pcR4XGZWRKWI qwIAnjIQpXEkuEl4Tekh3767ChPyTybQ =tcjQ -----END PGP SIGNATURE----- --76DTJ5CE0DCVQemd--