From owner-freebsd-questions@FreeBSD.ORG Tue Apr 1 15:18:06 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D6E15316; Tue, 1 Apr 2014 15:18:06 +0000 (UTC) Received: from mail-ie0-x22d.google.com (mail-ie0-x22d.google.com [IPv6:2607:f8b0:4001:c03::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9ED4F1D8; Tue, 1 Apr 2014 15:18:06 +0000 (UTC) Received: by mail-ie0-f173.google.com with SMTP id rl12so9262387iec.4 for ; Tue, 01 Apr 2014 08:18:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:message-id:subject:from:to:content-type; bh=FFOW8FzgVgnpqRyjXz3E+zUIzj07FK0AETx0XuNAtTw=; b=SHxScCvfsjSlX7FRj9sKruqTI4wuHFyVGjyiBs7EGTx33VPmh9zZgo8bkJ1xwcuLlf gupsnVG7ZIoEy/MTiA0h4GWneOmp/LxvR75ZBSIuT49gkdTw3GXxtQnWW4yhvRmA6c9I V/bbgVv8xWzwkXz7Ud0hqZMbYOZyixp2AGsF6JsGQ84sTKB0rIW+Ec5H0UzZHI9m1an2 e9ElCnMU5EzvLxuoZp44XyEst6PeH/GDgGaSv/2VbWNTRsj0GxmMz3ocSBosgvPtPkyw yDYVzMgAp1w1FECimnS4GUCgHU6o7AJgA/s8uUDBfvOp2PnVkBvacgP9ujrROywdc5ue 8cNg== MIME-Version: 1.0 X-Received: by 10.50.111.79 with SMTP id ig15mr2822892igb.14.1396365485760; Tue, 01 Apr 2014 08:18:05 -0700 (PDT) Sender: jdavidlists@gmail.com Received: by 10.42.238.77 with HTTP; Tue, 1 Apr 2014 08:18:05 -0700 (PDT) Date: Tue, 1 Apr 2014 11:18:05 -0400 X-Google-Sender-Auth: hbBy6dujIqCqlszQhgCFL6Cx198 Message-ID: Subject: Updating less-than-everything with poudriere & pkgng From: J David To: freebsd-ports@freebsd.org, freebsd-questions@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2014 15:18:06 -0000 Poudriere and pkgng have been great tools for managing large numbers of FreeBSD ports. However, we would like to optimize the build in some cases. Consider a poudriere-generated pkgng repository with about 10,000 packages in it. Now, just because the FreeBSD ports collection is the way it is, about 8,000 of those packages are going to depend directly or indirectly on perl. Now suppose one of those 10,000 packages is foobar-1.2.2. A security advisory is released, and it is now urgent to upgrade all the machines using this repository to foobar-1.2.3 ASAP. But foobar-1.2.3 (like 7,999 of its brethren) depends on perl, and perl has also been updated from perl-5.12.3.4_5a to 5.12.3.4_5a1. What we want is to do a poudriere build that updates to foobar-1.2.3 and rebuild anything that depends on foobar. But the first thing poudriere is going to do is whack perl-5.12.3.4_5a and all 8000 packages that depend on it. This is a problem for two reasons. First, this takes at least a day to build, during which time foobar-1.2.2 is out there waiting to be exploited. (Alternatively you can try to build less than the full set to get it done quicker, but this introduces its own set of problems; packages that didn't get rebuilt may stop working.) Second, it's virtually a guarantee that hidden somewhere in those 8000 packages is an update that breaks something for somebody using that repository. So poudriere creates this situation where to get any security update, you have to take every other unrelated update, even if they are very bad for you. Is there any way to either: - Convince poudriere only to build a specific port and its dependents, or - Build port(s) outside of poudriere and then inject them into the pkgng repo maintained by poudriere? For example, if there were some way we could manually delete what we want rebuilt and tell poudriere to rebuild only the missing, not the outdated, that would be great. (It would be *ideal* if we could just delete the target package and poudriere would take care of deleting its dependents.) Thanks for any advice!