Date: Thu, 8 Dec 2016 13:28:02 +0100 From: Baptiste Daroussin <bapt@FreeBSD.org> To: Daniil Berendeev <pipfstarrd@openmailbox.org> Cc: freebsd-ports@FreeBSD.org Subject: Re: The ports collection has some serious issues Message-ID: <20161208122802.5d6dy7hjkkusms7h@ivaldir.etoilebsd.net> In-Reply-To: <c5bc24cc-5293-252b-ddbc-1e94a17ca3a8@openmailbox.org> References: <c5bc24cc-5293-252b-ddbc-1e94a17ca3a8@openmailbox.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--zv7bc7ptzlaohqi2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 08, 2016 at 05:16:24AM +0000, Daniil Berendeev wrote: > Hello guys! >=20 > First of all, it's not a hate mail, I appreciate all the work done on > the system and I enjoy using FreeBSD every day. >=20 > But after some recent experience I'd like to point out some problems > that make using the ports collection uncomfortable and painful. >=20 > Some overview before we start: > * Why I use ports over pkg? > Because, generally, packages are built with poor default options, for > example moc isn't able to play .alac/.mod and that's frustrating. Lot's of work has been done over the last years improve the default options= for general pupose cases. Have you open an issue about that one? >=20 > * Why pkg is still nice? > It is able to update packages with broken ABI, it's fast and easy to > use. Some packages/ports don't have options and can be used via pkg by a > ports user. >=20 > I want to contribute to FreeBSD development, so, long story short, I've > decided to move to -CURRENT. Everything went fine except the ports upgrad= e. >=20 > Is it possible to upgrade the ports by hand? Well, it is, but it is not > too comfortable. Ports collection by itself doesn't provide a nice way > to work with port management, so a user needs to use something for port > management. As the handbook advised, I picked portmaster. >=20 > And here begin the problems. >=20 > 1) portmaster is not nice for the user. > If it comes over an error even in one little tiny port that is a > dependency for something bigger , it will abort its work and leave all > the other ports not updated. So, if you try to to do `portmaster -af`, > you should not forget `-m DISABLE_VULNERABILITIES=3Dyes` (we will return > to this one later) and you must pray to God for not coming around a > circular dependency or some port that would fail to deinstall its older > version. You can't leave portmaster for a night to update all the needed > ports and deal with broken ones in the morning, you need to cherry pick > the broken ports and ignore them, and then try to deal with them. >=20 > Although portmaster is not releated to the FreeBSD project and is an > outside tool, there aren't any alternatives from the project itself. So > use it or die. Not a nice situation. >=20 > 2) pkg and ports are not in sync. > pkg appeals to build ports that are from 2xxxQx branches. The promoted > tool for syncing ports (portsnap) always fetches from head. And there is > no way to choose. That gives us the next problem: >=20 > 3) no integration between ports and packages > There is no clear, easy way to use ports and packages simultaneously. If > I'd like to use some built packages to speed up port updates, I have to > ignore by hand all the packages that I want to be built as ports. It's > easier to stick to only ports or only packages. >=20 > 4) uncomfortable way of rollback > If I want to rollback, or just choose the branch from where the packages > are built (to stay in sync with pkg), I have to pull the whole svn > repository. >=20 > 5) svn repository. > I don't want to spark a holy war and I don't belong to those type of > people who are always obsessed that something isn't done in their way. > But guys, svn is not a good tool for ports. Just for one reason, > actually (as for me, I could tolerate anything else, but not this one) > -- size. The size of repository is 20G+ and growing. I don't want to > pull 20G+ in /usr/ports just because I need to use ports. It's just > sick. The repository is so big because, as all ya know, svn is expensive > in branch operations. Since you've began to do those 2xxxQx branches the > size of the repository began to grow rapidly. It's inefficient and > uncomfortable. For such a work something like git or mercurial should be > used, they'd fit in 3-4G. >=20 > 6) broken ports are pushed to head > Why do we have such a situation, when head contains a handful of broken > ports? Why commit a port that won't build? It's sick. > Ports are broken in a different way. Some fail to build. Some fail to > uninstall their older version (like rust), so that you need to do > `pkg remove -f portname; portmaster portname`. Some have a circular > dependency (d-bus) and will try build until the heat death of the > universe. I just don't get it, why broken ports are pushed to head, if > head is then used by portsnap to update /usr/ports? You leave tons of > users with a broken setup. And there is always a bunch of ports that > won't build. It's not just one, or two, it's a handful of ports. > pkg-fallout@FreeBSD.org is overwhelmed with build fails. >=20 > 7) No way to update ports with broken ABI. > I need to run `pkg update` and then pick the broken ports by hand. Or do > `portmaster -af`. >=20 > 8) ports with vulnerabilities. > They exist in the tree and on build attempt they shout that they won't > build without DISABLE_VULNERABILITIES=3Dyes. The catch is that there is > always a bunch of ports with vulnerabilities. So if you are doing a > fresh install, you have to install those nasty vulnerable ports anyways. > It causes you to do extra moves and doesn't add no security or safety. > There is no way to pick the latest safe version. >=20 > I hope that my mail will produce a productive discussion that will lead > to some good decisions for fixing these problems. >=20 Have you considered using things like poudriere that would allow you to bui= ld your own repository with your own set of packages and options. You will benefit: - ability to use pkg for your upgrades - ability to use customize your packages - safe rebuild process (in case of broken ABI) Best regards, Bapt --zv7bc7ptzlaohqi2 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEgOTj3suS2urGXVU3Y4mL3PG3PloFAlhJUc8ACgkQY4mL3PG3 Plrhew//d53TApVjA6BXt8UCkUJsfcwGg97oB44RtX7FVbPyYW4TzsIQtJ7PzIdz lO3FwCJn5zN1c31ITgCjB8hxTmrTH1O1JcDpCIQQfd12KB7SOEPkxA14GL2LkUcJ AGZ3cdV/g4mWopwt6MOa8gWOW0AkbRmJ2sEtTqcSWrWOYelaafpU3ZCCZt4oucdd 4tWIpsDqL/Wu1CP2FlQwkwdCLKhjS3p9q64h9StrbreO1A2BTc00fNLjEZ/9shmR nr5Yiiv/lLzJiI18zTy8BHHw39nQRZc7QgPZhy4tS0EQ/Q3zwMRhwmhHW5Qa4lAx SRW3MW+R44gf5WOEGuv6EAxmdaFtUZF2tuVsgSuQHrhCPKdpmnPbtTJcK9fJpdEW vQGEc7rk3Qk/bGPRNoSVcgduy9QZJjVfEEPYTXczYM3DNdMyrtkXYVMHuq6C0iaB g7A9B1lu1T6GDSfhluK4+rH8W6iP0vtEzFQfx9be16wtMbR+GlqAIG3JHGLpnsop niTHt0CKNWFkfPDLg/Xgz7lpXBWDmP+ZI10y5rsrCleehx2ag70941pJ5Wk5QiMw OR2regMmV1gDF7ZPmN/yFEDv5hoSMHGyU5ScWV/ubEtcbV1rEPILMtPbNLZOOCgz O3NzL0qRZv40MjahE4ctYoR6VcaJjEyTfWu0t/eEe6178MuU/oo= =9Z8O -----END PGP SIGNATURE----- --zv7bc7ptzlaohqi2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20161208122802.5d6dy7hjkkusms7h>