From nobody Tue Jan 21 22:43:09 2025 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Yd2L43b2vz5lj6R for ; Tue, 21 Jan 2025 22:43:24 +0000 (UTC) (envelope-from junchoon@dec.sakura.ne.jp) Received: from www121.sakura.ne.jp (www121.sakura.ne.jp [153.125.133.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Yd2L15xpsz3D2x for ; Tue, 21 Jan 2025 22:43:20 +0000 (UTC) (envelope-from junchoon@dec.sakura.ne.jp) Authentication-Results: mx1.freebsd.org; dkim=fail ("headers rsa verify failed") header.d=dec.sakura.ne.jp header.s=s2405 header.b="KMLm05d/"; spf=pass (mx1.freebsd.org: domain of junchoon@dec.sakura.ne.jp designates 153.125.133.21 as permitted sender) smtp.mailfrom=junchoon@dec.sakura.ne.jp; dmarc=pass (policy=none) header.from=dec.sakura.ne.jp Received: from kalamity.joker.local (124-18-43-234.area1a.commufa.jp [124.18.43.234]) (authenticated bits=0) by www121.sakura.ne.jp (8.17.1/8.17.1/[SAKURA-WEB]/20201212) with ESMTPA id 50LMh9HC045991; Wed, 22 Jan 2025 07:43:09 +0900 (JST) (envelope-from junchoon@dec.sakura.ne.jp) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dec.sakura.ne.jp; s=s2405; t=1737499392; bh=lESQWxPNrn6CdMSnCHNYcWNS6AlZRpLPI9QBQaInRSA=; h=Date:From:To:Cc:Subject:In-Reply-To:References; b=KMLm05d/G2VLKPID0zsVS4e8KfFysHnVcZuzz09baCOjVTsuMvWzXPLPPM0jgVjYA J6RYw1nuc7dBzGN50NLTP59V1KK9VKy3eaJQooXxu7wf3Mn1RfDEsvHFDV/mkpHz4R 1W3ZesFWgSWQR1pV/wwQb1n1ENu7ZoHZMT5nWw2Q= Date: Wed, 22 Jan 2025 07:43:09 +0900 From: Tomoaki AOKI To: Brandon Allbery Cc: Tomek CEDRO , Warner Losh , bob prohaska , Sulev-Madis Silber , freebsd-current@freebsd.org Subject: Re: /usr/src and /usr/ports not git directories ? Message-Id: <20250122074309.9062de69d8403c68a11cd79a@dec.sakura.ne.jp> In-Reply-To: References: Organization: Junchoon corps X-Mailer: Sylpheed 3.7.0 (GTK+ 2.24.33; amd64-portbld-freebsd14.2) List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spamd-Result: default: False [2.75 / 15.00]; SUSPICIOUS_RECIPS(1.50)[]; SUSPICIOUS_URL_IN_SUSPICIOUS_MESSAGE(1.00)[]; RBL_SENDERSCORE_REPUT_9(-1.00)[153.125.133.21:from]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_SPAM_MEDIUM(0.95)[0.946]; URIBL_RED(0.50)[dec.sakura.ne.jp:email,dec.sakura.ne.jp:mid]; MV_CASE(0.50)[]; ONCE_RECEIVED(0.20)[]; MIME_GOOD(-0.10)[text/plain]; HAS_ANON_DOMAIN(0.10)[]; BAD_REP_POLICIES(0.10)[]; DMARC_POLICY_ALLOW(0.00)[dec.sakura.ne.jp,none]; R_DKIM_REJECT(0.00)[dec.sakura.ne.jp:s=s2405]; FREEMAIL_TO(0.00)[gmail.com]; ARC_NA(0.00)[]; TO_DN_SOME(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; HAS_ORG_HEADER(0.00)[]; DKIM_TRACE(0.00)[dec.sakura.ne.jp:-]; RCVD_COUNT_ONE(0.00)[1]; RCPT_COUNT_FIVE(0.00)[6]; MLMMJ_DEST(0.00)[freebsd-current@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; DMARC_POLICY_ALLOW_WITH_FAILURES(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; R_SPF_ALLOW(0.00)[+ip4:153.125.133.16/28]; TAGGED_RCPT(0.00)[]; ASN(0.00)[asn:7684, ipnet:153.125.128.0/18, country:JP]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[] X-Spamd-Bar: ++ X-Rspamd-Queue-Id: 4Yd2L15xpsz3D2x On Tue, 21 Jan 2025 17:11:02 -0500 Brandon Allbery wrote: > I would offer a data point: the first thing I did was install sudo from a > package. The second thing I did was replace it with a build from the ports > package installed with 14.2-RELEASE… which _downgraded_ it. This seems bad > for any security-impacting port. Do you mean that you install sudo from official "latest" repo, then, `make package` in security/sudo with ports tree provided as ports.txz in installation media? If so, it could be latest/quarterly issue. > > On Tue, Jan 21, 2025 at 4:37 PM Tomek CEDRO wrote: > > > On Tue, Jan 21, 2025 at 10:29 PM Warner Losh wrote: > > > (..) > > > I think we should replace the populate /usr/src from a tarball with.... > > populate it > > > with a tarball that represents a 1-deep checkout tree at the rev we > > built the release > > > from. This lets users have the source, has minimal overhead and also > > lets users update > > > or turn the shallow checkout into a deep one, etc. A shallow checkout is > > quite a bit > > > less than a full tree, though still more than just the raw files. I've > > not done poking to > > > see size comparisons. > > > > Still having tarball of src and ports snapshots in the full release > > images is important to have, users could select which one they want to > > use, that seems best solution :-) > > > > -- > > CeDeROM, SQ7MHZ, http://www.tomek.cedro.info > > > > > > -- > brandon s allbery kf8nh > allbery.b@gmail.com -- Tomoaki AOKI