Date: Tue, 21 Jan 2025 17:48:11 -0500
From: Brandon Allbery <allbery.b@gmail.com>
To: Tomoaki AOKI <junchoon@dec.sakura.ne.jp>
Cc: Tomek CEDRO <tomek@cedro.info>, Warner Losh <imp@bsdimp.com>, bob prohaska <fbsd@www.zefox.net>, Sulev-Madis Silber <freebsd-current-freebsd-org111@ketas.si.pri.ee>, freebsd-current@freebsd.org
Subject: Re: /usr/src and /usr/ports not git directories ?
Message-ID: <CAKFCL4XvGKFufJ4_0pPWj2OSuNPfKd7tpb-4LxSRfuMUnXoSeg@mail.gmail.com>
In-Reply-To: <20250122074309.9062de69d8403c68a11cd79a@dec.sakura.ne.jp>
References: <Z4vk3009iSwuzG4K@www.zefox.net>
 <Z4__B0EQM-ce0qPE@cell.glebi.us>
 <C509F94C-2AC2-414F-90C0-355C69869D72@ketas.si.pri.ee>
 <Z5AQ1GcwX_MZw69G@www.zefox.net>
 <CANCZdfoHUsZusqMg_gWN5mB9P3xByGv_GfELi9Dd63CHto1igw@mail.gmail.com>
 <CAFYkXjk7PPHNiTJftGo980DABOO0t-rK9t%2BoPnLY-5n%2B1qjEAg@mail.gmail.com>
 <CAKFCL4XCijAsNJJw%2Bx_K%2B0M5VAebXLLWKoT%2BECT6J4wwVFNfCQ@mail.gmail.com>
 <20250122074309.9062de69d8403c68a11cd79a@dec.sakura.ne.jp>

Yes, the pkg was 1.9.16p2, the build from ports.tgz was 1.9.16p1. (The one
from ports HEAD as of a few days ago was 1.9.16p2_1, FWIW.) I'm still getting
used to the little changes since the last time I ran FreeBSD (back around
5-CURRENT).

On Tue, Jan 21, 2025 at 5:43 PM Tomoaki AOKI <junchoon@dec.sakura.ne.jp> wrote:

> On Tue, 21 Jan 2025 17:11:02 -0500
> Brandon Allbery <allbery.b@gmail.com> wrote:
>
> > I would offer a data point: the first thing I did was install sudo from a
> > package. The second thing I did was replace it with a build from the ports
> > package installed with 14.2-RELEASE… which _downgraded_ it. This seems bad
> > for any security-impacting port.
>
> Do you mean that you install sudo from official "latest" repo, then,
> `make package` in security/sudo with ports tree provided as ports.txz
> in installation media?
>
> If so, it could be latest/quarterly issue.
>
> >
> > On Tue, Jan 21, 2025 at 4:37 PM Tomek CEDRO <tomek@cedro.info> wrote:
> >
> > > On Tue, Jan 21, 2025 at 10:29 PM Warner Losh wrote:
> > > > (..)
> > > > I think we should replace the populate /usr/src from a tarball with....
> > > > populate it with a tarball that represents a 1-deep checkout tree at
> > > > the rev we built the release from. This lets users have the source,
> > > > has minimal overhead and also lets users update or turn the shallow
> > > > checkout into a deep one, etc. A shallow checkout is quite a bit less
> > > > than a full tree, though still more than just the raw files. I've not
> > > > done poking to see size comparisons.
> > >
> > > Still having tarball of src and ports snapshots in the full release
> > > images is important to have, users could select which one they want to
> > > use, that seems best solution :-)
> > >
> > > --
> > > CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
> >
> > --
> > brandon s allbery kf8nh
> > allbery.b@gmail.com
>
> --
> Tomoaki AOKI <junchoon@dec.sakura.ne.jp>

--
brandon s allbery kf8nh
allbery.b@gmail.com

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAKFCL4XvGKFufJ4_0pPWj2OSuNPfKd7tpb-4LxSRfuMUnXoSeg>