Date: Fri, 2 Oct 2015 22:42:24 +0300
From: Kimmo Paasiala <kpaasial@gmail.com>
To: Dirk Engling <erdgeist@erdgeist.org>
Cc: freebsd-ports <freebsd-ports@freebsd.org>
Subject: Re: change ports default work directory prefix
Message-ID: <CA%2B7WWSfdgESwSLNrXYPgJ5gKoBqAQWd77b4M8cmjCYqg5KJdpw@mail.gmail.com>
In-Reply-To: <560ED943.4060106@erdgeist.org>
References: <560ED943.4060106@erdgeist.org>

On Fri, Oct 2, 2015 at 10:21 PM, Dirk Engling <erdgeist@erdgeist.org> wrote:
> Today in EuroBSDCon's jail working group we discussed changing the
> default for WRKDIRPREFIX to /usr/obj/ports. This has the advantage of
> being able to share the ports tree between host system and jails.
> Another plus is that cleaning all work directories is much faster than a
> recursive make clean.
>
> With the current default, exposing the ports tree to jails potentially
> leaks information about installed programs, configured options or host
> specific generated secrets (thinking of LocalSettings.php).
>
> On the down side, developers can't by default just copy the port, hack
> away and be sure to only modify files in their respective home directories.
>
> bapt@ asked me to discuss this here, also looking for potential other
> pitfalls I have not thought about.
>
> Regards,
>
> erdgeist

What about DISTDIR (/usr/ports/distfiles) and PACKAGES
(/usr/ports/packages)? Those are now kinda stuck under /usr/ports as
well, forcing the ports tree to be read-write unless overridden to some
other directories. For the distfiles I've used /var/cache/distfiles and
I think that would follow hier(7) nicely if it was changed that way.

-Kimmo
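
Added example, not part of either message in this thread: a POSIX sh audit that reports what the thread identifies as living inside the ports tree (per-port work directories, and populated distfiles/ and packages/ directories) before the tree is shared with jails. The function names, the sample tree and the work-<flavor> directory pattern are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: check a ports tree for build residue before sharing it
# read-only with jails. Function names here are hypothetical.

# List per-port work directories. Assumed layout:
# <tree>/<category>/<port>/work (or work-<flavor> for flavored ports).
find_workdirs() {
    find "$1" -mindepth 3 -maxdepth 3 -type d \
        \( -name work -o -name 'work-*' \) 2>/dev/null | sort
}

# List distfiles/ and packages/ inside the tree when they hold any files,
# i.e. DISTDIR and PACKAGES still point under the tree.
find_populated_stores() {
    for d in distfiles packages; do
        if [ -d "$1/$d" ] && [ -n "$(ls -A "$1/$d" 2>/dev/null)" ]; then
            echo "$1/$d"
        fi
    done
}

# Report findings; return 0 only when the tree is free of both.
audit_ports_tree() {
    rc=0
    w=$(find_workdirs "$1")
    s=$(find_populated_stores "$1")
    if [ -n "$w" ]; then
        echo "work directories in tree (WRKDIRPREFIX unset?):"
        echo "$w" | sed 's/^/  /'
        rc=1
    fi
    if [ -n "$s" ]; then
        echo "populated stores in tree (DISTDIR/PACKAGES not overridden?):"
        echo "$s" | sed 's/^/  /'
        rc=1
    fi
    return "$rc"
}

# Constructed sample tree for trying the audit offline.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/www/mediawiki/work/stage" "$t/security/sudo" "$t/distfiles"
    : > "$t/www/mediawiki/work/stage/LocalSettings.php"
    : > "$t/distfiles/sample-0.0.tar.gz"
    echo "$t"
}

# Usage: sh audit.sh /usr/ports
if [ -n "${1:-}" ]; then audit_ports_tree "$1"; fi
```

A non-zero exit means the tree still holds build output or fetched files and would expose them, or need to stay writable, if shared as-is.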