From owner-freebsd-ports@FreeBSD.ORG Tue May 29 12:20:00 2012 Return-Path: Delivered-To: freebsd-ports@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 4B07A106564A; Tue, 29 May 2012 12:20:00 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from mail.allbsd.org (gatekeeper.allbsd.org [IPv6:2001:2f0:104:e001::32]) by mx1.freebsd.org (Postfix) with ESMTP id 9F0008FC0A; Tue, 29 May 2012 12:19:59 +0000 (UTC) Received: from alph.allbsd.org (p4242-ipbf1504funabasi.chiba.ocn.ne.jp [118.7.211.242]) (authenticated bits=128) by mail.allbsd.org (8.14.5/8.14.5) with ESMTP id q4TCJc6B064465; Tue, 29 May 2012 21:19:49 +0900 (JST) (envelope-from hrs@FreeBSD.org) Received: from localhost (localhost [IPv6:::1]) (authenticated bits=0) by alph.allbsd.org (8.14.4/8.14.4) with ESMTP id q4TCJZng077270; Tue, 29 May 2012 21:19:37 +0900 (JST) (envelope-from hrs@FreeBSD.org) Date: Tue, 29 May 2012 21:07:47 +0900 (JST) Message-Id: <20120529.210747.1201141455541317832.hrs@allbsd.org> To: stephen@missouri.edu, crees@FreeBSD.org From: Hiroki Sato In-Reply-To: References: <4FC3A93C.6080009@t-hosting.hu> <4FC3B1B9.1050703@missouri.edu> X-PGPkey-fingerprint: BDB3 443F A5DD B3D0 A530 FFD7 4F2C D3D8 2793 CF2D X-Mailer: Mew version 6.4.50 on Emacs 23.4 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Multipart/Signed; protocol="application/pgp-signature"; micalg=pgp-sha1; boundary="--Security_Multipart(Tue_May_29_21_07_47_2012_676)--" Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.97.4 at gatekeeper.allbsd.org X-Virus-Status: Clean X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (mail.allbsd.org [133.31.130.32]); Tue, 29 May 2012 21:19:49 +0900 (JST) X-Spam-Status: No, score=-98.2 required=13.0 tests=CONTENT_TYPE_PRESENT, MIMEQENC, QENCPTR1, QENCPTR2, RCVD_IN_RP_RNBL, USER_IN_WHITELIST autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on gatekeeper.allbsd.org Cc: gabor@t-hosting.hu, freebsd-ports@FreeBSD.org Subject: Re: Request to review: print/texlive-install X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 May 2012 12:20:00 -0000 ----Security_Multipart(Tue_May_29_21_07_47_2012_676)-- Content-Type: Text/Plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Chris Rees wrote in : cr> On 28 May 2012 18:11, Stephen Montgomery-Smith wrote: cr> > On 05/28/2012 11:35 AM, G=E1bor K=F6vesd=E1n wrote: cr> >> cr> >> On 2012.05.28. 18:16, Stephen Montgomery-Smith wrote: cr> >>>> cr> >>>> cr> >>>> cr> >>>> On 5/28/12 10:11 AM, Stephen Montgomery-Smith wrote: cr> >>>>> cr> >>>>> cr> >>>>> How about if I add lines like this: cr> >>>>> cr> >>>>> .if !defined(IGNORE_SECURITY_RISK) cr> >>>>> IGNORE=3D has a security risk because it downloads a file \ cr> >>>>> without a checksum. Define IGNORE_SECURITY_RISK to build this= port cr> >>>>> .endif cr> >>>>> cr> >>>>> Would it be considered OK to commit it then? cr> >>>> cr> >>>> could you host it somewhere that won't go away at missouri.edu= ? cr> >>>> cr> >>> cr> >>> cr> >>> I could host it somewhere at missouri.edu that will stay as lon= g as I cr> >>> am alive or keep my job. cr> >> cr> >> Better to host it on the FreeBSD mirrors. You only have to creat= e a cr> >> public_distfiles in your home directory after logging in to free= fall and cr> >> drop the file there. This is the usual way of doing it. cr> > cr> > cr> > Thank you for the info. =A0Here is my latest version: cr> > cr> > http://people.freebsd.org/~stephen/ cr> > cr> = cr> I'm afraid my concerns still hold [1]. cr> = cr> This port fetches $WHOKNOWSWHAT from $WHOKNOWSWHERE outside the fet= ch cr> stage, which isn't how ports are supposed to work. cr> = cr> I know 'having a port' is usually considered a good thing, but as I= cr> said before, it's no easier or safer to install this via the port t= han cr> just download and run the script. cr> = cr> Also, on deinstall/upgrade the port will clobber anything that was cr> there on install (automatic plist generation also sucks in anything= cr> that was there) [2]. I also think this port is too tricky. Although I do understand one big package for texlive is easy to install and it will be one which can satisfy many people, it should get along with the ports framework---I do not think defining IGNORE_SECURITY_RISK is what we want to do. I spent a lot of time for teTeX-to-texlive migration in the ports tree but I could not accomplish it actually so far since I could find only a suboptimal solution. Importing a texlive port should replace the current teTeX ports at one burst because there are many ports which depend on TeX. I may not be qualified to say "no" here because I have not been able to create an alternative for a long time, but adding a texlive port with no specific migration plan would make the ports tree confused. I have created and used a prototype which consists of modularized texlive ports (~200 ports) generated from macro package list in texlive source and metadata from texlive.tlpdb to replace print/teTeX* in the tree completely. It is because strong demands for modularity and/or smaller configurations from TeX users who are using it in non-X11 environment, for example, still remain. It has worked, but one big problem is that it is not compatible with tlmgr. If people use a tlmgr-like tool to download and install a macro package instead of the ports, the texmf tree will be broken easily. In addition, inconsistency between package database and actually installed files breaks our ports framework in various ways. Trouble reports on print/teTeX* ports I received were mostly due to broken texmf trees, so I am feeling this should be mitigated in some way. I can post the port set with disabling some of tlmgr's capability (package install/removal part). Is it still an interesting one for people? -- Hiroki ----Security_Multipart(Tue_May_29_21_07_47_2012_676)-- Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (FreeBSD) iEYEABECAAYFAk/EvBMACgkQTyzT2CeTzy3FYwCg318Qe0cmqluH5iJd1ZC3E+Eo M+IAn22YCNXiBClpwOv9vrEiFF2uBTqm =IgU7 -----END PGP SIGNATURE----- ----Security_Multipart(Tue_May_29_21_07_47_2012_676)----