From owner-freebsd-ports@FreeBSD.ORG Thu Apr 12 18:19:40 2012 Return-Path: Delivered-To: freebsd-ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C0EFB1065670 for ; Thu, 12 Apr 2012 18:19:40 +0000 (UTC) (envelope-from freebsd@heesakkers.info) Received: from server4.ohos.nl (server4.ohos.nl [IPv6:2a00:d880:0:6::c951:214d]) by mx1.freebsd.org (Postfix) with ESMTP id 5D5928FC0A for ; Thu, 12 Apr 2012 18:19:40 +0000 (UTC) Received: from [78.40.193.205] (helo=huis.heesakkers.info) by server4.ohos.nl with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.77) (envelope-from ) id 1SIOcL-000JkD-OS for freebsd-ports@freebsd.org; Thu, 12 Apr 2012 20:19:39 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Date: Thu, 12 Apr 2012 20:19:38 +0200 From: Oliver Heesakkers To: In-Reply-To: References: Message-ID: <5479d7fdf8836152540bfe9fbfa42c3b@huis.heesakkers.info> X-Sender: freebsd@heesakkers.info User-Agent: Roundcube Webmail/0.8-beta Subject: Re: security/openssl so bump w/o mention in UPDATING X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Apr 2012 18:19:40 -0000 Kevin Oberman schreef op 12.04.2012 18:13: > On Thu, Apr 12, 2012 at 4:23 AM, Oliver Heesakkers > wrote: >> security/openssl was brought up to 1.0.1 recently which includes >> bumping >> OPENSSL_SHLIBVER from 7 to 8. >> >> Which means, that in order not to break surprisingly many ports on >> my >> desktop >> I have to "portmaster -r" this port. >> >> "portmaster -w" might have also done the trick and I'll leave >> mentions of >> other ports-mgmt tools to whomever who will commit this to UPDATING >> as I >> believe should happen. > > Sorry to sound like a broken record, but using 'portmaster -r' for > this is using a .50 cal. machine gun to kill a fly. Serious > over-kill! > > Install sysutils/bsdadminscripts, update the port (with -w if you > want) and use 'pkg_libchk -o'. It will l list just the ports that > actually link to the library in question. Then just re-install these > ports. The number of ports needing re-installation will often drop > from hundreds to a dozen or so. Not many things depend directly on > openssl, but those ports' libraries are linked to a great many more. > > Just '-w' is of limited value if you update ports (and it appears > that > you do) as you will start getting rtld errors when an executable > links > to two shareables, one of which is linked to the old version and one > to the new. For something like openssl, this will happen a lot and > getting rid of references to the old openssl shareable is the only > way > to fix it. > > Because a fer ports do their own linking to shareables (java comes to > mind), pkg_chklib will generate a few false positives. If you pipe > the > output to a grep for the shareable in question, you can avoid > updating > ports that don't need it. > > As pkg_libchk is just a shell script and one that can be a huge > time-saver, I think I may start pushing to either be integrated into > portmaster (I doubt Doug will go for that and I probably wouldn't, > either) or made a standard tool for the system. Yes, you're quite right. I'll rephrase: IMHO *something* should be said in UPDATING, what exactly is up to maintainer / committer(s).