Date: Tue, 26 Aug 2014 15:02:06 -0400 From: Michael Jung <mikej@mikej.com> To: Bryan Drewery <bdrewery@freebsd.org> Cc: pkg@freebsd.org, Ports FreeBSD <freebsd-ports@freebsd.org>, owner-freebsd-current@freebsd.org Subject: Re: SAT resolver problem - [CFT] SSP Package Repository available Message-ID: <e1b637b8a7fa4d3d768cc497cf8c688e@mail.mikej.com> In-Reply-To: <53F7A552.5050608@FreeBSD.org> References: <523D79CD.2090302@FreeBSD.org> <53F4CE0E.8040106@FreeBSD.org> <65f72f283578f9e08cb672928bc441e9@mail.mikej.com> <53F7A552.5050608@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2014-08-22 16:17, Bryan Drewery wrote: > On 8/22/2014 1:16 PM, mikej wrote: >> On , Bryan Drewery wrote: >>> On 9/21/2013 5:49 AM, Bryan Drewery wrote: >>>> Ports now support enabling Stack Protector [1] support on FreeBSD 10 >>>> i386 and amd64, and older releases on amd64 only currently. >>>> >>>> Support may be added for earlier i386 releases once all ports >>>> properly >>>> respect LDFLAGS. >>>> >>>> To enable, just add WITH_SSP=yes to your make.conf and rebuild all >>>> ports. >>>> >>>> The default SSP_CLFAGS is -fstack-protector, but >>>> -fstack-protector-all >>>> may optionally be set instead. >>>> >>>> Please help test this on your system. We would like to eventually >>>> enable >>>> this by default, but need to identify any major ports that have >>>> run-time >>>> issues due to it. >>>> >>>> [1] https://en.wikipedia.org/wiki/Buffer_overflow_protection >>>> >>> >>> We have not had any feedback on this yet and want to get it enabled >>> by >>> default for ports and packages. >>> >>> We now have a repository that you can use rather than the default to >>> help test. We need your help to identify any issues before switching >>> the >>> default. >>> >>> This repository is available for: >>> >>> head >>> 10.0 >>> 9.1,9.2,9.3 >>> >>> It is not available for 8.4. If someone is willing to test on 8.4 I >>> will >>> build a repository for it. >>> >>> Place this in /usr/local/etc/pkgs/repos/FreeBSD_ssp.conf: >>> >>> FreeBSD: { enabled: no } >>> FreeBSD_ssp: { >>> url: "pkg+http://pkg.FreeBSD.org/${ABI}/ssp", >>> mirror_type: "srv", >>> signature_type: "fingerprints", >>> fingerprints: "/usr/share/keys/pkg", >>> enabled: yes >>> } >>> >>> Once that is done you should force reinstall packages from this >>> repository: >>> >>> pkg update >>> pkg upgrade -f >>> >>> Thanks for your help! >>> Bryan Drewery >>> On behalf of portmgr. >> >> I have been using this without issue on several machines until today. >> >> root@firewall:/usr/ports # pkg -v >> 1.3.6 >> root@firewall:/usr/ports # >> >> >> Repositories: >> FreeBSD_ssp: { >> url : >> "pkg+http://pkg.FreeBSD.org/freebsd:10:x86:64/ssp", >> enabled : yes, >> mirror_type : "SRV", >> signature_type : "FINGERPRINTS", >> fingerprints : "/usr/share/keys/pkg" >> } >> >> >> root@firewall:/usr/ports # pkg update -f >> Updating repository catalogue >> pkg: http://pkg.FreeBSD.org/freebsd:10:x86:64/ssp/meta.txz: Not Found >> pkg: repository FreeBSD_ssp has no meta file, using default settings >> Fetching digests.txz: 100% of 1 MB >> Fetching packagesite.txz: 100% of 5 MB >> >> Adding new entries: 100% >> Incremental update completed, 23305 packages processed: >> 0 packages updated, 0 removed and 23305 added. >> root@firewall:/usr/ports # pkg install mdnsresponder >> Updating repository catalogue >> pkg: http://pkg.FreeBSD.org/freebsd:10:x86:64/ssp/meta.txz: Not Found >> pkg: repository FreeBSD_ssp has no meta file, using default settings >> FreeBSD_ssp repository is up-to-date >> All repositories are up-to-date >> Checking integrity... done (1 conflicting) >> pkg: Cannot solve problem using SAT solver: >> cannot install package mDNSResponder~net/mDNSResponder, remove it from >> request [Y/n]: y >> Checking integrity... done (0 conflicting) >> The most recent version of packages are already installed >> root@firewall:/usr/ports # uname -a >> FreeBSD firewall 10.0-STABLE FreeBSD 10.0-STABLE #0 r269366M: Fri Aug >> 1 >> 00:35:49 EDT 2014 mikej@firewall:/usr/obj/usr/src/sys/GENERIC >> amd64 >> root@firewall:/usr/ports # date >> Fri Aug 22 14:12:30 EDT 2014 >> root@firewall:/usr/ports # >> >> root@firewall:/usr/ports # pkg info | grep mdns >> root@firewall:/usr/ports # >> >> Regards, >> >> --mikej > > It looks like the (SSP) freebsd:10:x86:64 freebsd:11:x86:32 > repositories > are stale from a month ago. Looking into why. > > Sadly this was not noticed and the instructions effectively will > downgrade packages. These 2 repositories have pkg-1.2 still as well. Bryan, Any update? As you probably expect if I build the port locally with poudriere and install there is no issue. I'm building with WITH_SSP_PORTS=YES in /etc/make.conf Regards, --mikej
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?e1b637b8a7fa4d3d768cc497cf8c688e>