From owner-freebsd-questions@FreeBSD.ORG Wed Mar 19 19:59:35 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1EF4959A for ; Wed, 19 Mar 2014 19:59:35 +0000 (UTC) Received: from a0i55.smtpcorp.com (a0i55.smtpcorp.com [64.131.95.140]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id E658F6EA for ; Wed, 19 Mar 2014 19:59:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=smtpcorp.com; s=a0_1; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Message-ID:In-Reply-To:Date:References:Subject:Cc:To:From; bh=Or/rzjIspccUNSuOqHO/bZM+DHx64M3iU67xlYGV5DA=; b=baM2YlssDZFhVVZt2vPLMoszH5LrwvkoK5TZiPX2PjiCI64E/CZejxD/mDqwbdw+dx6OYHTVCNsIsNcl618K3pS0IpnrgQh3Gmz8VtzvtbTIzjn9i2A8GP8zHoEcS5EPpVHmfdaDsBucbhAoj5LZ0ru0t9qZr8bW/sd1JqCoalk=; From: Daniel Corbe To: Arthur Chance Subject: Re: FreeBSD is really great.. BUT.. References: <5329B35B.8040005@freebsd.org> <5329C1C0.6070004@qeng-ho.org> Date: Wed, 19 Mar 2014 15:59:25 -0400 In-Reply-To: <5329C1C0.6070004@qeng-ho.org> (Arthur Chance's message of "Wed, 19 Mar 2014 16:11:44 +0000") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Smtpcorp-Track: 443790904.1.744579 Cc: Matthew Seaman , freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Mar 2014 19:59:35 -0000 Arthur Chance writes: > On 19/03/2014 15:10, Matthew Seaman wrote: >> On 03/19/14 10:34, Martin Braun wrote: >>> The binary packages on FreeBSD are compiled with so few options availab= le >>> that you end up compiling the whole bunch from source anyway! >>> >>> A simple setup on a mailserver with Postfix, Dovecot, MySQL, and a coup= le >>> of other packages doesn't work using the binary packages because they a= re >>> NOT compiled to fit together! >>> >>> Now.. what the "=C2=A4"%"#!"!=C2=A4 is the point then!? Why don't we ju= st forget >>> about binary packages in FreeBSD and make everyone compile? >> >> Because we're in a state of transition at the moment. We have not yet >> completely obsoleted the old pkg_tools (soon though...), so there are >> changes to the ports tree we cannot make just yet. pkg(8) itself is >> right now in the process of growing a much more sophisticated solver, >> which will mean much more intelligence about constructing dependency >> trees based on the capabilities and requirements of the available >> packages, rather than the RUN_DEPENDS settings pulled from the ports tre= e. >> >> Yes, it's frustrating at the moment since we're in a half-way house >> between the old-style ports and the regime where binary packages >> basically 'just work' for the vast majority of users. (It's likely that >> there will always be people who want odd combinations of options who >> will be best advised to compile their own, but ideally they should be >> few and far between.) >> >> The best user experience at the moment seems to be for people building >> packages using poudriere (or similar) and running their own repo to >> distribute them. But that's just at the moment, and could well change >> pretty soon. > > That's good to hear and keep up the good work, but I suspect there are > some awkward customers (like me) who will always have to roll their > own. On world facing servers in particular I cut out large chunks of > the base system that aren't used, on the grounds that if it's present > it probably won't have security vulnerabilities, but if it's absent it > definitely can't have them. (Similarly, removing the tool chain on a > server prevents one well known attack escalation.) Some ports rely by > default on base system features I remove, so I'll always have to build > custom versions of those. However, if the pkgng work can satisfy 99% > of the FreeBSD audience the team will get major applause from me. > The current status quo is acceptable. Pre-built binary packages solve 80% of my problems and I have to build the other 20% from ports. But that's still 80% less work for me to do.