Date: Mon, 08 Apr 2013 19:22:44 +0200 From: Florent Peterschmitt <florent@peterschmitt.fr> To: Daniel Nebdal <dnebdal@gmail.com> Cc: FreeBSD Mailing List <freebsd-ports@freebsd.org> Subject: Re: Growing list of required(ish) ports Message-ID: <1365441764.4112.1.camel@localhost> In-Reply-To: <CA%2Bt49PLz4-kg-=umrPm5Aad6Wjj=Ud=n=js39EJ-dEzJ60MmrQ@mail.gmail.com> References: <CA%2BQLa9Af3CC=FKMkrnmSL_-frW7ZvCQJ3=q7xkHUz5-3YyE3fQ@mail.gmail.com> <51622F44.3050604@FreeBSD.org> <CA%2BQLa9C5pfcRWrLXEiKzZEvVYd5W=wbN9i5wjtp=m92Fn8oq5w@mail.gmail.com> <CA%2B7WWSfwGBfXRcmc0UJ2ebguq5%2B-pYY82eopicpPcgeKxUCj3A@mail.gmail.com> <CAN6yY1ttmkiV_ns1qfhjd8ROiZ8WfUfmaj%2Ba1N6Ezapj3-QNcw@mail.gmail.com> <CAOjFWZ6EMjsBLHde-x7ZAx1qPmCB%2BvOSyCt-WWkmxtYfJsCJQw@mail.gmail.com> <CA%2Bt49PLz4-kg-=umrPm5Aad6Wjj=Ud=n=js39EJ-dEzJ60MmrQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-9eUIF36T6vEyqOp8ipFn Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Le lundi 08 avril 2013 =C3=A0 17:40 +0200, Daniel Nebdal a =C3=A9crit : > On Mon, Apr 8, 2013 at 5:26 PM, Freddie Cash <fjwcash@gmail.com> wrote: > > Note: I may have messed up the quoting/attribution by snipping things. > > > > On Sun, Apr 7, 2013 at 10:11 PM, Kevin Oberman <rkoberman@gmail.com> wr= ote: > > > >> On Sun, Apr 7, 2013 at 8:34 PM, Kimmo Paasiala <kpaasial@gmail.com> wr= ote: > >> > >> > > On the other hand, there are a number of things that I think shoul= d be > >> > > pulled out of base. Some already have ports, and others would nee= d > >> > > ports created. Examples of things to pull out of base are OpenSSL= , > >> > > Heimdal, OpenSSH, PF, ntpd, ipfilter, bind, sendmail, and others. > >> > > Code that is typically way behind the upstream project basically. > >> > > > >> > > >> > I think Bryan already explained the reasons why pkg should not be in > >> > base, it's an external tool that is not strictly required to get a b= are > >> > bones FreeBSD system up and running. Including it in base you create > >> > yet another maintainance burden and would slow down the development = of > >> > the ports/packages management tools. > >> > >> What people seem to miss is that putting tools into the base system > >> strangles the tools. Look at the difficulty we have seen in updating > >> openssl. perl was removed from base for exactly that reason. Once some= thing > >> is in base, it usually can only be updated on major releases and even= then > >> it can be very complicated. That is a problem for any dynamically chan= ging > >> tool. > >> > >> I would love to see BIND removed from base, but most of the things yo= u > >> listed really are hard to remove. I know that I don't want to try brin= ging > >> up a new install of FreeBSD on a remote system without OpenSSH and tha= t > >> pulls in openssl. In the case of many tools, it really turns into a > >> bikeshed. But i can see no reason to add any of the new packaging tool= s > >> simply because it is critical that updates be possible far more often= than > >> is possible for the base system. > >> > >> Moving OpenSSH, OpenSSL, etc into the ports tree, but making the pkgs > > available on the installation media, and having a final hook at the end= to > > install "required" pkgs, would solve that. There's already a "do you w= ant > > to enable OpenSSH daemon" question in the installed, so adding "pkg add > > /path/to/openssh-x.y.z.txz" wouldn't be hard. > > > > Same for bind, sendmail, kerberos, etc. For instance, just add a "daem= on > > selection screen" for each bit removed from base, to select which ones = you > > want installed as part of the OS install. > > > > The hard part comes in finding stub/clients for each item moved to a pk= g, > > such that a desktop-oriented install is not hampered (ie, SSH client is > > usable, DNS lookups can be done, local mail can be generated/delivered, > > etc). > > > > The really hard part is coming up with a migration path for those who > > upgrade via source builds. > > -- > > Freddie Cash > > fjwcash@gmail.com >=20 >=20 > There's also the issue that OpenSSH is used for remote administration > - being able to do destructive things with pkg without worrying about > continued SSH-access is rather relaxing. With danger of entering > bikeshed territory, it's one of the things that makes FreeBSD more > relaxing than the Linuxes: You can blast every installed package and > still be fine - and a working sshd is a part of "fine" for me, since > it's kind of a requirement for doing anything else. >=20 > Admittedly, my personal worst-case scenario is "drag a monitor and > keyboard to the other side of the room", so I will probably survive > either way. :) >=20 > -- > Daniel Nebdal Yep, OpenSSH is tiny enought to keep it in base system. It would be a big loss not to have it by default, securely installed in the base system. > _______________________________________________ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org" --=20 Florent Peterschmitt +33 (0)6 64 33 97 92 florent@peterschmitt.fr --=-9eUIF36T6vEyqOp8ipFn Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) iQEcBAABAgAGBQJRYvzpAAoJEMtO2Sol0IImvzwH/Amrou3KAQjLbfa1Y7Hm/Nyp mTr35UmhTvZWZxCvXYndT85gzr3iENEWT91Qqc0I4jud+6r9TYm0ztl6C1acHU1R JHWxmsvaha7QGJmQRgpphLVYCyDGCaLkWLipSiVqHWWa/z6jwTES+/pQUFHAYYq2 7G+N0MNhaI0gKtxycqZvqffvDumanW6rkZ2EkRg1MUvlw48QonvEf3awmwH1uxbn rCgRPg4RiSYBulu2rH6brtIMNoOghk68qZPNosAbPE7OwtyV3mUETQbrgEc7K8C5 7XF3QIo4ulOhXzBrr64JLE8PEPRAG1GezW2fS9KiKAGALTaQRGEtqLlm9ZtskdY= =kxW0 -----END PGP SIGNATURE----- --=-9eUIF36T6vEyqOp8ipFn--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1365441764.4112.1.camel>