Date: Thu, 29 Nov 2001 20:04:28 +0100 From: Gerhard Sittig <Gerhard.Sittig@gmx.net> To: freebsd-security@freebsd.org Subject: Re: Updating ssh Message-ID: <20011129200427.C21918@shell.gsinet.sittig.org> In-Reply-To: <4.3.2.7.2.20011128151923.041d0710@localhost>; from brett@lariat.org on Wed, Nov 28, 2001 at 03:26:40PM -0700 References: <F49Gmjm08IyFrydlb9r0001c375@hotmail.com> <4.3.2.7.2.20011128151923.041d0710@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 28, 2001 at 15:26 -0700, Brett Glass wrote:
>
> This reflects a common problem in FreeBSD. When you install a port or
> compile a newer version of an application which is included in the base
> install, it usually goes into /usr/local, so the system keeps on using
> the old version (which is ahead of the newer one in the path). What's
> more, the configuration files are often required to be in different
> places. [ ... ]
>
> Perhaps FreeBSD should put these things in /usr/local from the get-go?
How sick is the idea of having some mailwrapper alike for those
program suites (ssh, perl, named, cc, who else?) while keeping
the actual programs in some libexec directory (the base system
versions) or /usr/local (the ports)? So that the executable
always can be found in the one and only known and persistent
location (/usr/bin) while the "redirection mess" at installation
or update time is reduced to a port's "make install" and editing
just *one* config file (the wrapper conf).
The only downside I can see is increased complexity (the
company(id?) of flexibility, I guess ...) and increased chances
for somebody of those who didn't like mailwrapper to begin with
screaming "bloat!" ...
The other approach -- installing ports in a location where base
components reside -- will always be troublesome. An "make
installworld" will clobber the installed port. While "make
install" of a port with a destination in /usr/bin will clobber
base components. In my book editing config files is the most
natural way of administering a UNIX box and changing behaviour. :)
Not compiling certain base components by means of NO* in make.conf
seems to be just a bonus and time saving option.
BTW: Those who are familiar with and like replacing base components
with executables from the ports collection are still free to replace
the wrappers. :>
virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76
Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net
--
If you don't understand or are scared by any of the above
ask your parents or an adult to help you.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011129200427.C21918>