From nobody Tue Jan 21 22:48:11 2025 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Yd2Rt4nxwz5lj32 for ; Tue, 21 Jan 2025 22:48:26 +0000 (UTC) (envelope-from allbery.b@gmail.com) Received: from mail-ej1-x635.google.com (mail-ej1-x635.google.com [IPv6:2a00:1450:4864:20::635]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Yd2Rt2cvGz3F68 for ; Tue, 21 Jan 2025 22:48:26 +0000 (UTC) (envelope-from allbery.b@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ej1-x635.google.com with SMTP id a640c23a62f3a-ab39f84cbf1so766169766b.3 for ; Tue, 21 Jan 2025 14:48:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737499704; x=1738104504; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=cKyz5r0Uy8x9WwPFG+tq0rNc7DjoqLAb6hBP5AaBDF0=; b=co/nuOn7rMDBhlOzOOsaqYgKT65s2PG3xg2TZj1bYbShGAG5fiiN0nuVVxezKwqjvu 8GrYXq9eMbLnqkHLf6sbypmde5biksr2FoUWJM6PfA/w3x2Ytvhw+OUUacxLls6k/JFh oTR0oS4e3CZD/LCXF08VMiYJ69/te0RMlhtGRVzXJ2orxI9g2PIXZJsokf8UXhKA0f4+ Q1gnHa1q8Qre3+4g7MPZuSy2hIMveHYr815zBP7c2E3zPCj4v/mlytwghwUM6U32aU5O t3KXuOkfDwHILbojLbaKmudNY6fnm9sKuuCZK6fXHKJteqWaXqcWYUt1hhhskiGCAjKN /Adg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737499704; x=1738104504; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=cKyz5r0Uy8x9WwPFG+tq0rNc7DjoqLAb6hBP5AaBDF0=; b=fTGd5A+581HsRIP8yTilDRKNOP0YnPcbFo1pvrfqcK6YDfJ2UDwuA1dJ1fsuvUJ3Wr NMZiQmhlSNgy963MGexHFQxVznJL601vz+qCuHjc2rMrHT+9q+q7nkEP6VqvEM7RBjPq Mcbi6Lm8UazNGAL5lAX/58u5phRPM0h+TNWUzwfzwcNwPTLwKrQw+wIQwFGJj/wDn2wN IWvdI4h3VMXCwfYkLQuS1G3d0QLt63Wsj6YKIoQt2/wrMYcuMjcmiGNAxG6hsUbmGXRU d1/ht1Fcl/rwM6rpoJ4o7fNWgnCyDF39O4FFVTlUBrZXgWz4PkPG0TuBwxoUjUGmWqtr RdAA== X-Forwarded-Encrypted: i=1; AJvYcCVRAp3zLcRctErOahQdyHWfZ329yIK/WGi9FnSE+tixjgyULW5fqZnmU9hcDXyV9bfk9gSjSEW8sGLu2igiENI=@freebsd.org X-Gm-Message-State: AOJu0YxerOFWi84IbhhZ3MFqjN5+5db02KoJi1DfMi0JLoZEQrUEkoR4 TKjPEBeqRvM1eFRq/04P+ZR5g9LA4W70HMnzwf1qgwk6FJuxap6RtfJVAqM9TZQxiRKycsSanXP e5EtV2TUHEp8UzVJCbQfgP/RB8n4= X-Gm-Gg: ASbGncu2900YkvdH8gp3In2eyOBG03TcBQwBRb10XH+t2TeB0mV/aTEtC8XYDqnZDOF 1lj4mxTHFVvI+OMew0/jAqA73SzR6153xoiYk5H2++G8vQvML/f4= X-Google-Smtp-Source: AGHT+IH/2NI3xSMPJ35zU32L9kiYTr6cHiNDhOGKA8OUGpvKSn8L/up5H4X7XphTfNpIJKl8dDYmqNb/1FppWBaloVQ= X-Received: by 2002:a17:907:3f95:b0:aac:1b56:324a with SMTP id a640c23a62f3a-ab38b161425mr1737843666b.26.1737499703788; Tue, 21 Jan 2025 14:48:23 -0800 (PST) List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@FreeBSD.org MIME-Version: 1.0 References: <20250122074309.9062de69d8403c68a11cd79a@dec.sakura.ne.jp> In-Reply-To: <20250122074309.9062de69d8403c68a11cd79a@dec.sakura.ne.jp> From: Brandon Allbery Date: Tue, 21 Jan 2025 17:48:11 -0500 X-Gm-Features: AbW1kvY02y-0Ap5-npNpGv6nVdVkPwsbuueghmxsriExQtCD0lJtQf1Xtx-7JwA Message-ID: Subject: Re: /usr/src and /usr/ports not git directories ? To: Tomoaki AOKI Cc: Tomek CEDRO , Warner Losh , bob prohaska , Sulev-Madis Silber , freebsd-current@freebsd.org Content-Type: multipart/alternative; boundary="000000000000a44e7e062c3f2c3a" X-Rspamd-Queue-Id: 4Yd2Rt2cvGz3F68 X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; TAGGED_FROM(0.00)[] --000000000000a44e7e062c3f2c3a Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Yes, the pkg was 1.9.16p2, the build from ports.tgz was 1.9.16p1. (The one from ports HEAD as of a few days ago was 1.9.16p2_1, FWIW.) I'm still getting used to the little changes since the last time I ran FreeBSD (back around 5-CURRENT). On Tue, Jan 21, 2025 at 5:43=E2=80=AFPM Tomoaki AOKI wrote: > On Tue, 21 Jan 2025 17:11:02 -0500 > Brandon Allbery wrote: > > > I would offer a data point: the first thing I did was install sudo from= a > > package. The second thing I did was replace it with a build from the > ports > > package installed with 14.2-RELEASE=E2=80=A6 which _downgraded_ it. Thi= s seems > bad > > for any security-impacting port. > > Do you mean that you install sudo from official "latest" repo, then, > `make package` in security/sudo with ports tree provided as ports.txz > in installation media? > > If so, it could be latest/quarterly issue. > > > > > > On Tue, Jan 21, 2025 at 4:37=E2=80=AFPM Tomek CEDRO = wrote: > > > > > On Tue, Jan 21, 2025 at 10:29=E2=80=AFPM Warner Losh wrote: > > > > (..) > > > > I think we should replace the populate /usr/src from a tarball > with.... > > > populate it > > > > with a tarball that represents a 1-deep checkout tree at the rev we > > > built the release > > > > from. This lets users have the source, has minimal overhead and als= o > > > lets users update > > > > or turn the shallow checkout into a deep one, etc. A shallow > checkout is > > > quite a bit > > > > less than a full tree, though still more than just the raw files. > I've > > > not done poking to > > > > see size comparisons. > > > > > > Still having tarball of src and ports snapshots in the full release > > > images is important to have, users could select which one they want t= o > > > use, that seems best solution :-) > > > > > > -- > > > CeDeROM, SQ7MHZ, http://www.tomek.cedro.info > > > > > > > > > > -- > > brandon s allbery kf8nh > > allbery.b@gmail.com > > > -- > Tomoaki AOKI > --=20 brandon s allbery kf8nh allbery.b@gmail.com --000000000000a44e7e062c3f2c3a Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Yes, the pkg was 1.9.16p2, the build from ports.tgz was 1.= 9.16p1. (The one from ports HEAD as of a few days ago was 1.9.16p2_1, FWIW.= ) I'm still getting used to the little changes since the last time I ra= n FreeBSD (back around 5-CURRENT).

On Tue, Jan 21, 202= 5 at 5:43=E2=80=AFPM Tomoaki AOKI <junchoon@dec.sakura.ne.jp> wrote:
On Tue, 21 Jan 2025 17:11:02 -0500
Brandon Allbery <allbery.b@gmail.com> wrote:

> I would offer a data point: the first thing I did was install sudo fro= m a
> package. The second thing I did was replace it with a build from the p= orts
> package installed with 14.2-RELEASE=E2=80=A6 which _downgraded_ it. Th= is seems bad
> for any security-impacting port.

Do you mean that you install sudo from official "latest" repo, th= en,
`make package` in security/sudo with ports tree provided as ports.txz
in installation media?

If so, it could be latest/quarterly issue.


>
> On Tue, Jan 21, 2025 at 4:37=E2=80=AFPM Tomek CEDRO <tomek@cedro.info> wrote:
>
> > On Tue, Jan 21, 2025 at 10:29=E2=80=AFPM Warner Losh wrote:
> > > (..)
> > > I think we should replace the populate /usr/src from a tarba= ll with....
> > populate it
> > > with a tarball that represents a 1-deep checkout tree at the= rev we
> > built the release
> > > from. This lets users have the source, has minimal overhead = and also
> > lets users update
> > > or turn the shallow checkout into a deep one, etc. A shallow= checkout is
> > quite a bit
> > > less than a full tree, though still more than just the raw f= iles. I've
> > not done poking to
> > > see size comparisons.
> >
> > Still having tarball of src and ports snapshots in the full relea= se
> > images is important to have, users could select which one they wa= nt to
> > use, that seems best solution :-)
> >
> > --
> > CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
> >
> >
>
> --
> brandon s allbery kf8nh
> allbery.b@gma= il.com


--
Tomoaki AOKI=C2=A0 =C2=A0 <junchoon@dec.sakura.ne.jp>


--
brandon s allbery kf8= nh
--000000000000a44e7e062c3f2c3a--