Date: Fri, 01 Jul 2016 14:38:26 +0200 From: Michelle Sullivan <michelle@sorbs.net> To: Miroslav Lachman <000.fbsd@quip.cz>, ports@freebsd.org Subject: Re: Remove options from poudriere option files for ports which were removed in the port Message-ID: <57766442.40207@sorbs.net> In-Reply-To: <57764A3C.5000609@quip.cz> References: <71272a33-1a98-47a1-394d-725def6282a5@fechner.net> <57764A3C.5000609@quip.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
Miroslav Lachman wrote: > > > I don't think it's worth the effort. The old no longer existent > options stored in the options files are harmless and simply unused by > the ports Makefile. The options files are not intended to be user > editable / viewable. The old options will be removed when some changes > will be saved. Most of the time you are correct... however there is a gotcha.. Select a non default option, maintainer renames the option, suddenly subsequent packages are build without the option.. Not so much of a problem until you're talking about something like OpenSSL from Ports and OpenLDAP client and GSSAPI in some mix and match and one option suddently changes and some other dependent port is fundamentally changed where a security issue occurs and the new package is installed without the poor b******d looking after the machine realising that on reboot, apache is going to break, sudo is going to bread, access to postgresql is going to break etc etc etc... (I'm quoting some random sh*te mixed with experience here - as don't remember the exact details but I got caught - fortunately in my dev environment rather than prod, but you can be certain some will just deploy and get nailed... remote access only via SSH and no SU on non console etc..) > > And I am not sure that this is a problem of poudriere. I think it's > rather issue in ports options framework. Isn't it? Correct (but also poudriere wouln't get the change either.) -- Michelle Sullivan http://www.mhix.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?57766442.40207>