From owner-freebsd-questions@FreeBSD.ORG Wed Mar 19 16:11:49 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 02893341; Wed, 19 Mar 2014 16:11:49 +0000 (UTC) Received: from blue.qeng-ho.org (blue.qeng-ho.org [217.155.128.241]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 74D5DBD2; Wed, 19 Mar 2014 16:11:48 +0000 (UTC) Received: from fileserver.home.qeng-ho.org (localhost [127.0.0.1]) by fileserver.home.qeng-ho.org (8.14.7/8.14.5) with ESMTP id s2JGBiM1007723; Wed, 19 Mar 2014 16:11:46 GMT (envelope-from freebsd@qeng-ho.org) Message-ID: <5329C1C0.6070004@qeng-ho.org> Date: Wed, 19 Mar 2014 16:11:44 +0000 From: Arthur Chance User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:24.0) Gecko/20100101 Thunderbird/24.3.0 MIME-Version: 1.0 To: Matthew Seaman , freebsd-questions@freebsd.org Subject: Re: FreeBSD is really great.. BUT.. References: <5329B35B.8040005@freebsd.org> In-Reply-To: <5329B35B.8040005@freebsd.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 16:11:49 -0000 On 19/03/2014 15:10, Matthew Seaman wrote: > On 03/19/14 10:34, Martin Braun wrote: >> The binary packages on FreeBSD are compiled with so few options available >> that you end up compiling the whole bunch from source anyway! >> >> A simple setup on a mailserver with Postfix, Dovecot, MySQL, and a couple >> of other packages doesn't work using the binary packages because they are >> NOT compiled to fit together! >> >> Now.. what the "¤"%"#!"!¤ is the point then!? Why don't we just forget >> about binary packages in FreeBSD and make everyone compile? > > Because we're in a state of transition at the moment. We have not yet > completely obsoleted the old pkg_tools (soon though...), so there are > changes to the ports tree we cannot make just yet. pkg(8) itself is > right now in the process of growing a much more sophisticated solver, > which will mean much more intelligence about constructing dependency > trees based on the capabilities and requirements of the available > packages, rather than the RUN_DEPENDS settings pulled from the ports tree. > > Yes, it's frustrating at the moment since we're in a half-way house > between the old-style ports and the regime where binary packages > basically 'just work' for the vast majority of users. (It's likely that > there will always be people who want odd combinations of options who > will be best advised to compile their own, but ideally they should be > few and far between.) > > The best user experience at the moment seems to be for people building > packages using poudriere (or similar) and running their own repo to > distribute them. But that's just at the moment, and could well change > pretty soon. That's good to hear and keep up the good work, but I suspect there are some awkward customers (like me) who will always have to roll their own. On world facing servers in particular I cut out large chunks of the base system that aren't used, on the grounds that if it's present it probably won't have security vulnerabilities, but if it's absent it definitely can't have them. (Similarly, removing the tool chain on a server prevents one well known attack escalation.) Some ports rely by default on base system features I remove, so I'll always have to build custom versions of those. However, if the pkgng work can satisfy 99% of the FreeBSD audience the team will get major applause from me.