Date: Fri, 22 Aug 2014 15:17:22 -0500 From: Bryan Drewery <bdrewery@FreeBSD.org> To: mikej <mikej@mikej.com>, Ports FreeBSD <freebsd-ports@freebsd.org> Cc: pkg@freebsd.org, owner-freebsd-current@freebsd.org Subject: Re: SAT resolver problem - [CFT] SSP Package Repository available Message-ID: <53F7A552.5050608@FreeBSD.org> In-Reply-To: <65f72f283578f9e08cb672928bc441e9@mail.mikej.com> References: <523D79CD.2090302@FreeBSD.org> <53F4CE0E.8040106@FreeBSD.org> <65f72f283578f9e08cb672928bc441e9@mail.mikej.com>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --XeQpn3cIdkxNowLvtRT0nnXua9L2VkVnb Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 8/22/2014 1:16 PM, mikej wrote: > On , Bryan Drewery wrote: >> On 9/21/2013 5:49 AM, Bryan Drewery wrote: >>> Ports now support enabling Stack Protector [1] support on FreeBSD 10 >>> i386 and amd64, and older releases on amd64 only currently. >>> >>> Support may be added for earlier i386 releases once all ports properl= y >>> respect LDFLAGS. >>> >>> To enable, just add WITH_SSP=3Dyes to your make.conf and rebuild all >>> ports. >>> >>> The default SSP_CLFAGS is -fstack-protector, but -fstack-protector-al= l >>> may optionally be set instead. >>> >>> Please help test this on your system. We would like to eventually ena= ble >>> this by default, but need to identify any major ports that have run-t= ime >>> issues due to it. >>> >>> [1] https://en.wikipedia.org/wiki/Buffer_overflow_protection >>> >> >> We have not had any feedback on this yet and want to get it enabled by= >> default for ports and packages. >> >> We now have a repository that you can use rather than the default to >> help test. We need your help to identify any issues before switching t= he >> default. >> >> This repository is available for: >> >> head >> 10.0 >> 9.1,9.2,9.3 >> >> It is not available for 8.4. If someone is willing to test on 8.4 I wi= ll >> build a repository for it. >> >> Place this in /usr/local/etc/pkgs/repos/FreeBSD_ssp.conf: >> >> FreeBSD: { enabled: no } >> FreeBSD_ssp: { >> url: "pkg+http://pkg.FreeBSD.org/${ABI}/ssp", >> mirror_type: "srv", >> signature_type: "fingerprints", >> fingerprints: "/usr/share/keys/pkg", >> enabled: yes >> } >> >> Once that is done you should force reinstall packages from this >> repository: >> >> pkg update >> pkg upgrade -f >> >> Thanks for your help! >> Bryan Drewery >> On behalf of portmgr. >=20 > I have been using this without issue on several machines until today. >=20 > root@firewall:/usr/ports # pkg -v > 1.3.6 > root@firewall:/usr/ports # >=20 >=20 > Repositories: > FreeBSD_ssp: { > url : "pkg+http://pkg.FreeBSD.org/freebsd:10:x86:64/ssp= ", > enabled : yes, > mirror_type : "SRV", > signature_type : "FINGERPRINTS", > fingerprints : "/usr/share/keys/pkg" > } >=20 >=20 > root@firewall:/usr/ports # pkg update -f > Updating repository catalogue > pkg: http://pkg.FreeBSD.org/freebsd:10:x86:64/ssp/meta.txz: Not Found > pkg: repository FreeBSD_ssp has no meta file, using default settings > Fetching digests.txz: 100% of 1 MB > Fetching packagesite.txz: 100% of 5 MB >=20 > Adding new entries: 100% > Incremental update completed, 23305 packages processed: > 0 packages updated, 0 removed and 23305 added. > root@firewall:/usr/ports # pkg install mdnsresponder > Updating repository catalogue > pkg: http://pkg.FreeBSD.org/freebsd:10:x86:64/ssp/meta.txz: Not Found > pkg: repository FreeBSD_ssp has no meta file, using default settings > FreeBSD_ssp repository is up-to-date > All repositories are up-to-date > Checking integrity... done (1 conflicting) > pkg: Cannot solve problem using SAT solver: > cannot install package mDNSResponder~net/mDNSResponder, remove it from > request [Y/n]: y > Checking integrity... done (0 conflicting) > The most recent version of packages are already installed > root@firewall:/usr/ports # uname -a > FreeBSD firewall 10.0-STABLE FreeBSD 10.0-STABLE #0 r269366M: Fri Aug = 1 > 00:35:49 EDT 2014 mikej@firewall:/usr/obj/usr/src/sys/GENERIC amd6= 4 > root@firewall:/usr/ports # date > Fri Aug 22 14:12:30 EDT 2014 > root@firewall:/usr/ports # >=20 > root@firewall:/usr/ports # pkg info | grep mdns > root@firewall:/usr/ports # >=20 > Regards, >=20 > --mikej It looks like the (SSP) freebsd:10:x86:64 freebsd:11:x86:32 repositories are stale from a month ago. Looking into why. Sadly this was not noticed and the instructions effectively will downgrade packages. These 2 repositories have pkg-1.2 still as well. --=20 Regards, Bryan Drewery --XeQpn3cIdkxNowLvtRT0nnXua9L2VkVnb Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) iQEcBAEBAgAGBQJT96VSAAoJEDXXcbtuRpfPB0IIAIYLftJd0PK2eyUBX0VuROxr Qq5v9gKmGbGpGhGUiXP204Op0Qp3vtk6HIqnU5KvyaEJGPt9NGq77iiUYH+tgCfg MNch6dzDHnyCjyr+bSz2YCVxoIBFy6yMhS2YLrd2ywJVGwmZMBx9kXRiviFwbpzF W6Z1XCnAzyvBOXdxWiG73bPArxVTWtzEVJPpaU9OSUFemZY+MPAuOuCVhlVaFZUF 66p3+LC/CD+StvVEK+UqsxylQscCuFYbepMpUt/Szm/meoG01dtnV9ptlEjAGGsA U5IXU0pqg8gSg29UevwBKWL02gg6zHOmYIfZpwH2PnGOcgzWkmfgegJ70O/yL9k= =A5JI -----END PGP SIGNATURE----- --XeQpn3cIdkxNowLvtRT0nnXua9L2VkVnb--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53F7A552.5050608>