From owner-freebsd-questions@freebsd.org Mon Dec 7 16:41:05 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 131679C1907 for ; Mon, 7 Dec 2015 16:41:05 +0000 (UTC) (envelope-from aberg010@my.HennepinTech.edu) Received: from na01-bn1-obe.outbound.protection.outlook.com (mail-bn1on0116.outbound.protection.outlook.com [157.56.110.116]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "MSIT Machine Auth CA 2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B7ADE1E61 for ; Mon, 7 Dec 2015 16:41:03 +0000 (UTC) (envelope-from aberg010@my.HennepinTech.edu) Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=aberg010@my.HennepinTech.edu; Received: from [IPv6:2601:440:c000:85dd::30] (2601:440:c000:85dd::30) by BLUPR03MB1492.namprd03.prod.outlook.com (10.163.81.22) with Microsoft SMTP Server (TLS) id 15.1.331.20; Mon, 7 Dec 2015 16:40:55 +0000 Subject: Re: [Phishing]Re: Migrating to FreeBSD from Debian To: References: <86poyiuynx.fsf@gmail.com> <56659FC8.8020904@FreeBSD.org> <444mfujmpd.fsf@be-well.ilk.org> From: Andrew Berg X-Enigmail-Draft-Status: N1110 Message-ID: <5665B693.6060004@my.hennepintech.edu> Date: Mon, 7 Dec 2015 10:40:51 -0600 User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit X-Originating-IP: [2601:440:c000:85dd::30] X-ClientProxiedBy: BLUPR14CA0064.namprd14.prod.outlook.com (25.163.209.160) To BLUPR03MB1492.namprd03.prod.outlook.com (25.163.81.22) X-Microsoft-Exchange-Diagnostics: 1; BLUPR03MB1492; 2:MxpZvoqyp1++rEmkh1aUhERV0F/a4grO1pDe1IKJdV8BsernvO3qOw+fqH0xKkk0n44BNmCVAoFWv7OwqWMHOwcObgyXnKo+I0UetjnZbPJkJiSefEi4npPBpUV7WqfMqowErM0gjTEKfRqnsCZGAw==; 3:bxYrJiu9f5LdOEatumZ5oNtvrhh+kTO359zAu2ddJRM/XDTeoTlPalV7TbfWiaNYasroicnAZOQCKTF4liOgYt8RuO6wx7XDndWPZY/mLW8RP4DFf0uknXhcHxuvCwRB; 25:5YdpiR8mUozWCVKiQ8PR3W8hr3v2RFkHQwnw4VGbHeyCChLogGz6FZWIVGZ5szkQbNvx7qWA9Ni2fp7QJX4jT5o7/ur1YBVSpoY0hi7QH+woJV9uMB8pCfnRJyilxgI7ToIbC1nLyKMqr8WuKqQm/gwSz1iQrxR+uM2GWelivLJhFbWfTH9B/QcBSBrGFJSy0LoiqJMcsy3AVqurJwX87nSM/36SfJIR4+GJLhAXE68kzNtHJQ1gnZUYyua+TOmgKh+xj1Jl8TvCrxb8/DNYFA==; 20:kTk60+NY4YskxPT8TPmEp7tbVbZsE5nz3jlB6LXXz2D8PnhT7rT2b+hPugcGYTfzQ9fXK3aPOlg2kiG5/Bn3ThC6Om9JA7Om2wRATSx8LItHwnumM/pOXvFaFjLw5jWmrcFLuhfNqo5V0zsaiEJyeH7+WjYpURssygvYVNOMl4nsloveU3Ktd/ltFtmcPVWHNxCu3FnCHRTP3mLsUwgskarIVd6CWvLv5/WMHn62xdXd/OpcocoqjqQ3Yy9I2We87rqp+DTO9uphm1G7projpXFi9QfqSDP0RyCj8k7xjL92S9y5haumZLYheRD0mG8liunUgxqjbGHwQqXVDnbygQ== X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:BLUPR03MB1492; X-Forefront-PRVS: 078310077C X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(6009001)(189002)(24454002)(199003)(2950100001)(76176999)(87266999)(81156007)(110136002)(107886002)(50986999)(64126003)(4001350100001)(75432002)(189998001)(101416001)(2351001)(59896002)(33656002)(88552001)(105586002)(450100001)(40100003)(89122001)(83506001)(77096005)(65816999)(54356999)(50466002)(106356001)(1706002)(87976001)(97736004)(42186005)(93886004)(80316001)(122386002)(65806001)(65956001)(92566002)(23676002)(586003)(5004730100002)(5008740100001)(6116002)(47776003)(86362001)(89472002)(3826002)(547064002); DIR:OUT; SFP:1102; SCL:1; SRVR:BLUPR03MB1492; H:[IPv6:2601:440:c000:85dd::30]; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:0; LANG:en; Received-SPF: None (protection.outlook.com: my.HennepinTech.edu does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?utf-8?B?MTtCTFVQUjAzTUIxNDkyOzIzOjF0SDZLbGNRekQxVzFiaTFTSzA0T3N1WHov?= =?utf-8?B?QlZtamRjcGNPam8vd2FvZzh6MHJiQmFmdWFFcjlRMC9JakRDWWJyc091M2ht?= =?utf-8?B?NGNCUWJGT3VBU1d4cGoxcEU4aDg2aS9jY2NBdDJXMmcyK2o2ZHRwcjJmRGlH?= =?utf-8?B?aklobm4yblRuMTJKbWdpbkQwTEdqNVdLTkdSMGNnVU5aZGliOWlsUE9BczFE?= =?utf-8?B?NGRkZjJXL0FHNGcrYVNnYVpKNWNYWGhrVHdJUHB6UVNuK0ZwVlZtZHZ6ZERM?= =?utf-8?B?ZGFQSGIzdTZYa0VhTFNPandBTHlOQTgwazVDVXVEems1TEFEemdPVzQyVmVL?= =?utf-8?B?NjIycWpVZkprWWV1OUhpTExYY2lWSm9IWkNMS01XYXQzYkJ6Ym1FUEhyeE1i?= =?utf-8?B?cGhENUl4Z0FJZnRiUW84YzNkb1RvLzhPYnVKcGluRi94dC9MSXdLb0thTWMv?= =?utf-8?B?QzhDMTBJK0pFUXNicXNkdG1KdGlmV0puL1pXOWpFWlFZZWphc3NWaExQcGV0?= =?utf-8?B?RDc5VkxCSlI4N1pWbyswSWJWRmorcGZKRlp3aWFoZTF6TkFYQVRrNmFEQTAv?= =?utf-8?B?bWZ4YW5henJLcnVyMDg4dENCZnF6OHFHb3hZYU1oSDNvTURpMWJ6ZVlINlFS?= =?utf-8?B?ejlZbXAvWXRRVXhGNkZMZWE0S3IxY0U4NGV4M2JyNVBrWDhQTUF6ZTQ0dGpM?= =?utf-8?B?VnVVcVEzTWJFUmZvMmtCT0tzeGRzc0Z3TVhRMVo2eWxSUWcvZm9MWkVXeGtE?= =?utf-8?B?U3hEVUE1SzFIRjFuVDN1WDdydlpmL0VFRFB1anEzNVJPZE5tL2doNjlGbEpY?= =?utf-8?B?aDBDZHNlaGt3M0dJTFNVc09RVFE2STZydk1rRzU1VWNIVlI1bEdkcUkxYUVR?= =?utf-8?B?Z0JTR0Y0a2RCRk5qTDJ5enRraDFoZlY0Vk4xeVFVemV4UXBlaDZoV3hSTFN4?= =?utf-8?B?MmZ5Yk05Yk5iSkJzNHB6RXgzR1VJWjYwbzg5eE5uS3o5Q0RzMTY5eEZEdzhx?= =?utf-8?B?azFkajAxWkV6a01aSXlpRHdvbW9qMVBjRFp1WDBLYlVJM01jMDhNa3o4dEZk?= =?utf-8?B?akF6OS9qOEZSeTA4NVBHdnMvcHVHb0tHUUpvSlRLc3FlMTVSV1h1dHlQWXl0?= =?utf-8?B?bWpCNVZieFVEMHlnRFlBZGQxemZLZ0M0blBrZ0g5d0ZjSFYrV3d1Q3VDR0Z0?= =?utf-8?B?cmhMQWJtejdkM0FFUEJJU3RTL1d3bUM2RWtQaUVIKzhBUE1rTVhyU3VwMTdY?= =?utf-8?B?VmhWckYyV3d2NjVZZEhRYVRCTFlXd0M1VWJQK3hvZEVLbFd5RGM5WjR5T282?= =?utf-8?B?aUdEUmd1UWczMGhHREROb3B2QzN6RDQ2bE5oTyt5cXhJVFZPYlpyTnZLV3ZQ?= =?utf-8?B?OXl1eFRyMWJlZzgxWlgxdC9WdWU5azlvZ3FicUhrYUhCbE00eVZ5V092eEpk?= =?utf-8?B?WlArVmtYdmZHSTJ0cTNXT2JnOFh5ZHA3ZDExU2tsaFhoa2wwczJqZDlMZEc3?= =?utf-8?B?NGI5b211S2JyUFNtYkVvdVZtdTA5SzB4a21sYzBMM1BaT2VpK1VlOWQzV1Zj?= =?utf-8?B?aUgxbTd6UXRTWmRJcHdmbUE0OEFLdkhyQmJXUFZ5WmY5V3h1VHBGdTdhZ2hZ?= =?utf-8?B?a0NaZ3NqUEFDc1NWdkZZdGd4Y2VhZUl3VXhZTHpDalB1MHNKZC9LOVZzckpz?= =?utf-8?Q?2euuSQkqD7kljssmFORtYKoT+b/3zvIAPWeeds/?= X-Microsoft-Exchange-Diagnostics: 1; BLUPR03MB1492; 24:le0dHMzRWdTfVcZUOpwMjKhtP8vsqSs+TiT3pjn92bxeF0kZ3/8fZ0CzL/U+BvC4ur/f94dodDRZjLmwQiWLgq/7l1m44um0PKZzZjLaqoI= SpamDiagnosticOutput: 1:23 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: my.hennepintech.edu X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Dec 2015 16:40:55.6238 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLUPR03MB1492 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Dec 2015 16:41:05 -0000 On 2015.12.07 09:54, Daniel Feenberg wrote: > > > On Mon, 7 Dec 2015, Lowell Gilbert wrote: > >>> But we should warn then about not mixing ports & packages. I agree, >>> pkg is a good choice [when pkg only]. >> >> That's gradually become a much smaller issue than it used to be. > > What does the warning mean? That once I have installed a single package I > can never use ports? So if I want a port, and already have packages, I > have to uninstall all of the packages first and can never in the future > install any package? That seems extreme. Or is there a less restrictive > interpretation that is more correct? It has to do with mixing trees. Everything is packages, and packages come from ports. If you get packages from the official repo, and then download the ports tree and build and install your own, some packages won't play nice with each other because they aren't from the same point in time (your copy of the tree is a little bit newer than the one used by the official repo at the time). pkg will detect most issues, but it can't generally fix them. It is possible to be in sync with the official repo, but doing so is more complicated and requires more hands-on attention. Trying to use the official repo and then mix in a few of your own here and there is almost always more effort and trouble than it's worth. Ultimately, you have 3 options: 1. Use the official repo. This is the simplest and easiest. You never have to compile anything or know how ports works and upgrades are easy. This also scales to many machines easily. The downside is that you have limited flexibility - no custom options and you can't change the default versions for things such as Python, Perl, PHP, Apache, et al.. You also don't get updates as soon as they're committed, but the time between updates is only about a few days. 2. Use ports tools directly (or a wrapper such as Portmaster) and compile packages yourself. This is a little more work, but you get custom options for your packages (and you can have your own custom modifications to the ports tree). You can have new versions of packages within minutes of the changes being committed to the tree (depending on how long it takes to compile). However, you will have to compile everything and sharing these packages is crude and possibly a bit error-prone because your environment is not 100% clean. This doesn't scale well unless you build your own tooling to make it so. Otherwise, you will have to compile everything you want on each individual machine, and you will have to do some scripting to make your custom options consistent across them. 3. Use Poudriere. This is essentially tooling to make #2 scale well. Once you have packages built, it creates a repo, making them very easy to share. On your other machines, you point them to your own repo instead of the official one. They will all have the custom options and modifications you want, but you compile once on one machine. Poudriere builds every package in a clean environment using jails to help keep things consistent and less complicated when there are issues. I recommend #1 unless you have a compelling reason not to ("oh no, 100MB of disk space is used up by a package I don't use" isn't one). If you really need custom options (because you need something to get work done), then I recommend #3. In any case, pick one and do that. If you want to switch from one approach to another, reinstall all packages using the new approach. As Matthew alluded to, things are being worked on to make options 2 and 3 less necessary for most people, but there is still much work to be done in ports and in pkg, and it will take a while to get it all done right.