Date: Mon, 20 Feb 2006 05:00:16 -0500 From: Kris Kennaway <kris@obsecurity.org> To: Marius Strobl <marius@alchemy.franken.de> Cc: cvs-ports@FreeBSD.org, ports-committers@FreeBSD.org, cvs-all@FreeBSD.org, Kris Kennaway <kris@obsecurity.org> Subject: Re: cvs commit: ports/security/ssh2 Makefile pkg-message pkg-plist ports/security/ssh2/files patch-apps::ssh::Makefile.in patch-apps::ssh::sshd2_config patch-apps::ssh::sshfilecopy.c patch-startup::solaris::sshd2 sshd2.sh.in Message-ID: <20060220100016.GA89292@xor.obsecurity.org> In-Reply-To: <20060220103842.D53619@newtrinity.zeist.de> References: <200602192256.k1JMuZMU011544@repoman.freebsd.org> <20060219231051.GA70104@xor.obsecurity.org> <20060220093915.C53619@newtrinity.zeist.de> <20060220085816.GA88075@xor.obsecurity.org> <20060220103842.D53619@newtrinity.zeist.de>
next in thread | previous in thread | raw e-mail | index | archive | help
--h31gzZEtNLTqOjlF Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Feb 20, 2006 at 10:38:42AM +0100, Marius Strobl wrote: > > > Yes, the package builders should no longer report left over files > > > as a side-effect. But is a port really required to clean up such > > > files, i.e. files like modified config files, certificates, etc > > > that in a real installation aren't removed on deinstall but the > > > user is informed to remove manually, in the package building > > > environment? > >=20 > > Yes :) The less manual work for the user the better, so when the files > > are unchanged from the "default" versions they should be removed > > automatically. > >=20 >=20 > Well, that's what the ssh2 port did and does as far as possible, > i.e. for the config files. But generally if there's any host > specific file which is automatically created during install of > the port (host key, certificate, config file with ip address, ...), > i.e. files were there's nothing like a "default" version and > which you also don't want to re-generate with every update of > an already installed port, do these really need to be wrapped > in #ifndef PACKAGE_BUILDING, moved to the startup script, etc or > can the warnings from the package builders just be ignored? Just as with your fix here, host-specific stuff needs to be done at package install time on the host; otherwise, it will either be omitted altogether from the package and the users left scratching their head wondering how to recreate it by hand after package install, or the version from the machine that built the package will be packaged and incorrectly used on the user's machine. Kris --h31gzZEtNLTqOjlF Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (FreeBSD) iD8DBQFD+ZMwWry0BWjoQKURAhtaAJ9M6UVvr21o3Ng5r0MozdbSm4ZI5wCffGHn xEwj3zGGyAKlI+UPRz3zJmA= =n5Et -----END PGP SIGNATURE----- --h31gzZEtNLTqOjlF--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060220100016.GA89292>