From owner-freebsd-questions@FreeBSD.ORG Sun Jun 15 10:07:33 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 7138535B for ; Sun, 15 Jun 2014 10:07:33 +0000 (UTC) Received: from smtp-vbr12.xs4all.nl (smtp-vbr12.xs4all.nl [194.109.24.32]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1ED7225C3 for ; Sun, 15 Jun 2014 10:07:32 +0000 (UTC) Received: from slackbox.erewhon.home (slackbox.xs4all.nl [83.162.243.5]) by smtp-vbr12.xs4all.nl (8.13.8/8.13.8) with ESMTP id s5FA6am5007694; Sun, 15 Jun 2014 12:06:41 +0200 (CEST) (envelope-from rsmith@xs4all.nl) Received: by slackbox.erewhon.home (Postfix, from userid 1001) id 3C3DD12394; Sun, 15 Jun 2014 12:06:36 +0200 (CEST) Date: Sun, 15 Jun 2014 12:06:36 +0200 From: Roland Smith To: Polytropon , Chris Maness Subject: Re: Port Changes FAQ Message-ID: <20140615100636.GB23568@slackbox.erewhon.home> Mail-Followup-To: Polytropon , Chris Maness , "freebsd-questions@freebsd.org" References: <20140615022626.7111be2c.freebsd@edvax.de> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="H+4ONPRPur6+Ovig" Content-Disposition: inline In-Reply-To: <20140615022626.7111be2c.freebsd@edvax.de> X-GPG-Fingerprint: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 X-GPG-Key: http://www.xs4all.nl/~rsmith/pubkey.txt X-GPG-Notice: If this message is not signed, don't assume I sent it! User-Agent: Mutt/1.5.23 (2014-03-12) X-Virus-Scanned: by XS4ALL Virus Scanner Cc: "freebsd-questions@freebsd.org" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Jun 2014 10:07:33 -0000 --H+4ONPRPur6+Ovig Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Jun 15, 2014 at 02:26:26AM +0200, Polytropon wrote: > On Sat, 14 Jun 2014 16:53:06 -0700, Chris Maness wrote: > > I used to use ports, portsnap, portaudit, portupgrade, etc... >=20 > No big changes here so far. The system's package database has > been moved from pkg_* tools to the pkg (pkgng) system, but > portupgrade or portmaster can deal with that fine. The data > is now kept in a different database (sqlite). The pkg command > also has an audit functionality now. >=20 > https://wiki.freebsd.org/pkgng >=20 > http://www.freebsd.org/cgi/man.cgi?query=3Dpkg&sektion=3D7 >=20 > http://www.freebsd.org/cgi/man.cgi?query=3Dpkg-audit&format=3Dhtml >=20 > Additionally, CVS has been deprecated, so you use SVN to get > the updates for your local ports tree (or simply use portsnap). It seems that portsnap and freebsd-update have certain vulnerabilities that make it vulnerable to e.g. MITM attacks; http://lists.freebsd.org/pipermail/freebsd-questions/2014-April/257394.html Some PRs have been filed about it as well, e.g; https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D188433 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D188428 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D188430 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D188432 So unless somebody finds the time to address these, it is not inconceivable that portsnap will be retired after 8.x and 9.x reach EOL. Updating ports with svnlite is easy. Initially do a check-out; # rm -rf /usr/ports # mkdir /usr/ports # svnlite checkout https://svn0.eu.FreeBSD.org/ports/head /usr/ports (I'm using the European mirror as an example. Choose a relatively close mir= ror.) After that you can update the ports tree with; # svnlite update /usr/ports |& less > > I > > used to build everything from ports, #make install clean sorts of > > commands. Is this going away? >=20 > It sill works as expected and is still supported. For few > software, it's the only way of installation because no binary > package exists (maybe you need specific compile-time options > which are not the default options). >=20 > So far, those are the "big changes" regarding software > installation: >=20 > 1. pkg (instead of pkg_* toolset) >=20 > 2. clang (instead of gcc) >=20 > 3. Subversion (instead of CVS) There is another change coming; the support for installing Python packages = for multiple Python versions. Roland --=20 R.F.Smith http://rsmith.home.xs4all.nl/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 5753 3324 1661 B0FE 8D93 FCED 40F6 D5DC A38A 33E0 (keyID: A38A33E0) --H+4ONPRPur6+Ovig Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJTnXAsAAoJEED21dyjijPgZykP/jk7e4PPRMUT453QzQfTwH+2 rG0bkpPhcsFfKKTs1oTQ2y94AS+o7W/5qAECXOheo29o4J96/5LhqwvqKhd31Ph4 OpzjI6Cztdd0MJ5MdGApGKQduaFetaq5UTce5N4Wq8VWqAKX0DHupqRonw1ACFfF vdgE03cvnGp15Wrpixuv/ayGGmecfdT5og29tgOzCi0otFfhMDSKBigyKDfs8VeL ByhrnU6ngMwi6Wh+/lR0nZsE4a+HZnCsoZAXmF04/aLdvxaiOFQeY9Ts1y6RTUML B98oR2iOJRhZXvdRnVTtmD+tlDoU4U7WG8ZRUdE7e3yRKU6n5dIaYc8iNr5lodGn QLWZEO8JxD2w8ZRAkZxTpLYa7QyKJMJUrQwJq2G4SuZwcb1dXHLpxUvfsIF7KlJ9 qK5KHR6PRSuMOhw2agZCy2hLWVRHP1NPGmv7tOyKYnlJAJKxmVHIzn3DVaQsbCVz 6TQx+gRUNI4NLc0AOhrrKQrZ1E9UKoMQdl9Kgjl+W9+j4tB3G5nvd0DTYkQjySgC ea16nBlQ2lq74VzgQxZ5A6ZXDuYo4qLfmJP06yFKSWj4s/bYOlE3seRf3pA8VQ6o ZPTfWBcVcWgzkZ478tlTnS9QNa/SbxE3WezdgGN77qS+HJM19GCnBz+61j94etbx lapR89TSk9VPR7PX7kl7 =9ogQ -----END PGP SIGNATURE----- --H+4ONPRPur6+Ovig--