Date: Thu, 20 Apr 2017 15:01:46 +0200 From: Michelle Sullivan <michelle@sorbs.net> To: Miroslav Lachman <000.fbsd@quip.cz>, Mathieu Arnold <mat@FreeBSD.org>, Julian Elischer <julian@freebsd.org>, Torfinn Ingolfsen <tingox@gmail.com>, FreeBSD Ports ML <freebsd-ports@freebsd.org> Subject: Re: Is pkg quarterly really needed? Message-ID: <d7704051-6ec8-0b2d-63bd-4be3527166c9@sorbs.net> In-Reply-To: <58F8A7B9.6060607@quip.cz> References: <58F61A8D.1030309@a1poweruser.com> <CALfReyctL3vTt756oyh1ZTf%2BkgpAOHwp_SUZQCFQiZDccFNMow@mail.gmail.com> <CAOjFWZ4naPVfQFEr7Hz%2B9A0_fa5O1V0H%2Butd9eMo02eHPGxehg@mail.gmail.com> <68ad0daa-b1f5-f3a6-f056-dcf2f0047d94@freebsd.org> <CAJ_iqtYCzurer52X5JVsgvDvEeuvAFRPXyYea9=6=rLcmeACsA@mail.gmail.com> <20170420060017.GG74780@home.opsec.eu> <CAJ_iqtZT9zyh-ygCXd7mjs_Gft_bWVp8%2BppvXpJ04LOi0aCwtw@mail.gmail.com> <ce84d8d0-e1fb-f9d0-65e4-1fda17dabdc3@FreeBSD.org> <92d4387e-4515-6e11-1e7f-5cc008eab836@freebsd.org> <360ca352-8b8f-ef4e-f92b-99e72a6ba918@FreeBSD.org> <58F8A7B9.6060607@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
Miroslav Lachman wrote: > > It is not just about updates but about new installs too - if you have > dozens of machines for customers and you need them all in the same > version. Then some customer need some package not installed on his > machine and you cannot run "pkg install somepackage" because then you > will end up with upgrade of already installed packages (dependencies) > before new package from current quaterly branch is installed. > > (I do not use this scheme, but I understand the environment where > somebody needs frozen pkg repo for much longer time than 3 months) Create your own snapshot... it has 2 immediate and distinct advantages: 1/ Its frozen across all your systems (which means when random updates on how the ports system works are applied breaking everything you're not affected.) 2/ You can apply patches (security patches) as you need them instead of having to upgrade/re-snapshot because the port manager refuses/ignores requests to update the previous snapshot (the one you settled on).. Then when all that is done, you can do as I did, fork the entire lot into a secure, up to date and working tree/build system (for OS and ports) where you actually have a working and reliable production system rather than a moving target... then you can remove all the bloat and unnecessary crap from the base OS and replace it all with ports stuff so that the base OS doesn't need upgrading unless there is a libc/kernel/etc security issue... Oh wait - that's exactly what I did as well... you get the idea.. don't argue for it, just do it yourself its a lot less of a waste of energy and you get exactly what you want/need. Regards, -- Michelle Sullivan http://www.mhix.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d7704051-6ec8-0b2d-63bd-4be3527166c9>