Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 20 Apr 2017 15:01:46 +0200
From:      Michelle Sullivan <michelle@sorbs.net>
To:        Miroslav Lachman <000.fbsd@quip.cz>, Mathieu Arnold <mat@FreeBSD.org>, Julian Elischer <julian@freebsd.org>, Torfinn Ingolfsen <tingox@gmail.com>, FreeBSD Ports ML <freebsd-ports@freebsd.org>
Subject:   Re: Is pkg quarterly really needed?
Message-ID:  <d7704051-6ec8-0b2d-63bd-4be3527166c9@sorbs.net>
In-Reply-To: <58F8A7B9.6060607@quip.cz>
References:  <58F61A8D.1030309@a1poweruser.com> <CALfReyctL3vTt756oyh1ZTf%2BkgpAOHwp_SUZQCFQiZDccFNMow@mail.gmail.com> <CAOjFWZ4naPVfQFEr7Hz%2B9A0_fa5O1V0H%2Butd9eMo02eHPGxehg@mail.gmail.com> <68ad0daa-b1f5-f3a6-f056-dcf2f0047d94@freebsd.org> <CAJ_iqtYCzurer52X5JVsgvDvEeuvAFRPXyYea9=6=rLcmeACsA@mail.gmail.com> <20170420060017.GG74780@home.opsec.eu> <CAJ_iqtZT9zyh-ygCXd7mjs_Gft_bWVp8%2BppvXpJ04LOi0aCwtw@mail.gmail.com> <ce84d8d0-e1fb-f9d0-65e4-1fda17dabdc3@FreeBSD.org> <92d4387e-4515-6e11-1e7f-5cc008eab836@freebsd.org> <360ca352-8b8f-ef4e-f92b-99e72a6ba918@FreeBSD.org> <58F8A7B9.6060607@quip.cz>

next in thread | previous in thread | raw e-mail | index | archive | help
Miroslav Lachman wrote:
>
> It is not just about updates but about new installs too - if you have 
> dozens of machines for customers and you need them all in the same 
> version. Then some customer need some package not installed on his 
> machine and you cannot run "pkg install somepackage" because then you 
> will end up with upgrade of already installed packages (dependencies) 
> before new package from current quaterly branch is installed.
>
> (I do not use this scheme, but I understand the environment where 
> somebody needs frozen pkg repo for much longer time than 3 months)
Create your own snapshot... it has 2 immediate and distinct advantages:

1/ Its frozen across all your systems (which means when random updates 
on how the ports system works are applied breaking everything you're not 
affected.)
2/ You can apply patches (security patches) as you need them instead of 
having to upgrade/re-snapshot because the port manager refuses/ignores 
requests to update the previous snapshot (the one you settled on)..

Then when all that is done, you can do as I did, fork the entire lot 
into a secure, up to date and working tree/build system (for OS and 
ports) where you actually have a working and reliable production system 
rather than a moving target... then you can remove all the bloat and 
unnecessary crap from the base OS and replace it all with ports stuff so 
that the base OS doesn't need upgrading unless there is a 
libc/kernel/etc security issue...  Oh wait - that's exactly what I did 
as well... you get the idea..  don't argue for it, just do it yourself 
its a lot less of a waste of energy and you get exactly what you want/need.

Regards,

-- 
Michelle Sullivan
http://www.mhix.org/




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d7704051-6ec8-0b2d-63bd-4be3527166c9>