Date: Wed, 20 Jan 2016 05:51:08 +0000
From: Luís Fernando Schultz Xavier da Silveira
To: "Michael B. Eichorn"
Cc: kpneal@pobox.com, Polytropon, freebsd-questions@freebsd.org
Subject: Re: Unexpected dependencies of graphics/libGL
Message-Id: <20160120055108.b9516e8b6ddf576a5239370c@ime.usp.br>
In-Reply-To: <1453263751.6711.61.camel@michaeleichorn.com>

Hello,

You are correct. As you described and as I pointed out before, Poudriere is the right tool for creating package repositories. It prevents badly written ports from interfering with the host system. However, in a system where the packages built this way are then installed into it, this tidiness/security benefit vanishes. This is my use case and, thus, for my personal use, Poudriere does not make sense.

On Tue, 19 Jan 2016 23:22:31 -0500 "Michael B. Eichorn" wrote:

> On Wed, 2016-01-20 at 03:14 +0000, Luís Fernando Schultz Xavier da
> Silveira wrote:
> > Hi,
> >
> > In a nutshell, the point is that the build dependencies should not be
> > there at all. Keeping them in a jail is not a proper solution because
> > they can still influence the host system (since the packages resulting
> > from computations done in the jail will be installed in the host).
>
> There is nothing inherently wrong about this. The jail is not insecure,
> it runs no external services. In the case of poudriere we trust the
> build jails in the exact same way we trust software built on the
> host from ports.
>
> The jails are used not so much for security as for isolating the build
> from the host environment. Do recall that jails are in a way secure
> extensions of the chroot concept; and that chroot was developed not for
> security, but for compiling software in a controlled environment. This
> is what poudriere does, compile software in a controlled environment.
>
> Further the compiled packages are not 'kept' in a jail, after running
> poudriere all jails are stopped and compilation jails are destroyed.
> Poudriere creates a package repository on the host system where built
> packages are kept.
>
> One big advantage to poudriere is that since you are building this repo
> you can confirm the whole build went well before installing any new
> package on a production system. For a complex build like x11/gnome3
> this can be a major advantage.
>
> TLDR: Poudriere is at least as secure as building from ports. (Exactly
> as kpneal and Polytropon said.)
>
> >
> > On Tue, 19 Jan 2016 09:12:57 -0500
> > kpneal@pobox.com wrote:
> >
> > > On Tue, Jan 19, 2016 at 06:34:38AM +0000, Luís Fernando Schultz
> > > Xavier da Silveira wrote:
> > > > Hello,
> > > >
> > > > > But this is not different from how ports are being built in
> > > > > the regular ports tree: Compilation tools could be compromised
> > > > > or package content could be affected. The typical "make install"
> > > > > will generate a package which is then installed via pkg.
> > > >
> > > > Indeed, it is not different, and that is my point.
> > >
> > > Huh? When did this turn into a discussion about security?
> > >
> > > You can do a small amount of work and have security concerns or you
> > > can do much more work and have the exact same security concerns. I
> > > really don't see how this reflects badly on Poudriere.
> > >
> > > I thought this was a discussion about how to avoid having build
> > > dependencies installed when all you wanted was the run-time
> > > dependencies. Poudriere handles this nicely without all that mucking
> > > about with locking packages, keeping your ports tree in sync with
> > > the one checked out at freebsd.org, etc.