From nobody Wed Jan 22 21:59:13 2025 X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4YddJf2HQQz5l7J4 for ; Wed, 22 Jan 2025 21:59:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4YddJf1Fvxz3TfK for ; Wed, 22 Jan 2025 21:59:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1737583154; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YuWmamky8iQybMHG2O+GmYGm+hkYGf+zZ09mZ5/xS0g=; b=IkiR2zg80+AXm4M0iafqzR2rV7w4WMB9ObKEgeUcp+Ejfe9kN+f2KfajStMSEGhI9Pz1rQ 0YTzvA/o95LUHrUUH1wBHqRC5ApwIlUpBy+4SsKlT56qOR9LfEOtCunoVb7L9f43LThR1u dC9omyHA4pzpZgIZ6f/l+j7qdR/JwNUEDVuVhAQ0+KH6ugbl5Tls+YWjzCkz8sMzJj5oPf rX5MrhRJUkqJ3vqFwq5iq2DTYo5XyiWJW7OjVmVGEM+G5TVf3ZrF3xVa7hca4vDbh/4lMC 2e11TP6K7GWEmSbdjg+fotKOo1QPQIKETM3cXuTASD6zNnas3rkbMH+0V1aWLA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1737583154; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=YuWmamky8iQybMHG2O+GmYGm+hkYGf+zZ09mZ5/xS0g=; b=WOVslWE0NmgMidEA/peyZWfsElu51iUdr6zNx4PbsuVJ/0OsHQ+6SpzaKg0lfRHK15GQG2 p/W1kwXQAt2woxemw1sQPypNqoPkS/qaqWcEG9r490rHuxaPKVlTCs55MbALHvBkuw2tL6 THXE3b7IizM62lkSfqIbwTe107+hfW15R8B+yi5umwEGD+DIop4Nh87rrlMJvRK1hmOiXj SMfpxOA5oMy3zkX1AKo1Uz3nFTNk3e0DIr2ksGGb2lvbZx5RMPnzFG1FD2CnN9rRw1JY0S jrATYPxDHlfAuowkng84pKcx/B0bVrqlASkd0FUs/e2Oizo3tjhZvVFE6yrrVg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1737583154; a=rsa-sha256; cv=none; b=VyCcvOmJDiQ626vQDPbT1EFxQ0L30Q7kFmwDWlWVD0J/cvmX8cB4/R6d2dUq65YdkgtJve 2/vjdovflFSu0GOdlK6IkF2OcsVBfSeluWU26iCeARRJuBuUyxWl6w5qqrMCWo2pHOpqJp O47wsS5JZRwyN8yPBYUYWjyyFeldVsp8uBYza3MGQU4QIxZ1BOCrUYj5ptlCtUdngQP7IJ uX71D8U+TdP++FKd+KVhVjn0tViuWjz0/oSPp+x75epwu5Lwdx4WMtV7n2NM3XcsT7PFnL L39WHOSJ1Gvwm8QzfbXnc+mxzQIDFHv0lP1WUUPGNXbfLEtXVj9ygat9VG6Fjw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4YddJf0Yjzz195Y for ; Wed, 22 Jan 2025 21:59:14 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 50MLxD3L088412 for ; Wed, 22 Jan 2025 21:59:13 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 50MLxDHT088411 for ports-bugs@FreeBSD.org; Wed, 22 Jan 2025 21:59:13 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 284278] security/sudo: 1.9.16p2_1 pkg now pulls in 500MiB of dependencies Date: Wed, 22 Jan 2025 21:59:13 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: dch@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: garga@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter flagtypes.name Message-ID: Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Ports bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-ports-bugs@freebsd.org Sender: owner-freebsd-ports-bugs@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D284278 Bug ID: 284278 Summary: security/sudo: 1.9.16p2_1 pkg now pulls in 500MiB of dependencies Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: garga@FreeBSD.org Reporter: dch@freebsd.org Assignee: garga@FreeBSD.org Flags: maintainer-feedback?(garga@FreeBSD.org) from vanilla 14.2-RELEASE amd64, using /latest/ packages, sudo pulls in additional 500MiB of dependencies. Ideally the default sudo should not need so many packages, these are included in every Cloud release, so this would bloat things significantly. compare 1.9.16p2, with gettext, indexinfo + sudo: ``` Updating FreeBSD repository catalogue... FreeBSD repository is up to date. All repositories are up to date. The following 3 package(s) will be affected (of 0 checked): New packages to be INSTALLED: gettext-runtime: 0.23 [FreeBSD] indexinfo: 0.3.1 [FreeBSD] sudo: 1.9.16p2 [FreeBSD] Number of packages to be installed: 3 The process will require 9 MiB more space. 2 MiB to be downloaded. Proceed with this action? [y/N]: ``` vs 1.9.16p2_1 with much more ``` # pkg install -r FreeBSD security/sudo The package management tool is not yet installed on your system. Do you want to fetch and install it now? [y/N]: y Bootstrapping pkg from http://pkg0.fra.FreeBSD.org/FreeBSD:14:amd64/latest, please wait... Verifying signature with trusted certificate pkg.freebsd.org.2013102301... = done [picard.skunkwerks.at] Installing pkg-1.21.3... [picard.skunkwerks.at] Extracting pkg-1.21.3: 100% Updating FreeBSD repository catalogue... FreeBSD repository is up to date. All repositories are up to date. Updating database digests format: 100% Checking integrity... done (1 conflicting) - sudo-1.9.16p2_1 [FreeBSD] conflicts with sudo-sssd-1.9.16p2_1 [FreeBSD]= on /usr/local/bin/cvtsudoers Cannot solve problem using SAT solver, trying another plan Checking integrity... done (0 conflicting) The following 98 package(s) will be affected (of 0 checked): New packages to be INSTALLED: adcli: 0.9.2_3 [FreeBSD] avahi-app: 0.8_2 [FreeBSD] brotli: 1.1.0,1 [FreeBSD] c-ares: 1.34.4 [FreeBSD] curl: 8.11.1_1 [FreeBSD] cyrus-sasl: 2.1.28_5 [FreeBSD] cyrus-sasl-gssapi: 2.1.28 [FreeBSD] dbus: 1.14.10_5,1 [FreeBSD] dbus-glib: 0.112_1 [FreeBSD] ding-libs: 0.6.1 [FreeBSD] e2fsprogs-libuuid: 1.47.2 [FreeBSD] expat: 2.6.4 [FreeBSD] gamin: 0.1.10_10 [FreeBSD] gdbm: 1.24 [FreeBSD] gettext-runtime: 0.23.1 [FreeBSD] glib: 2.80.5_1,2 [FreeBSD] gmp: 6.3.0 [FreeBSD] gnome_subr: 1.0 [FreeBSD] gnutls: 3.8.8 [FreeBSD] indexinfo: 0.3.1 [FreeBSD] jansson: 2.14 [FreeBSD] jose: 14 [FreeBSD] krb5: 1.21.3 [FreeBSD] ldb25: 2.5.3 [FreeBSD] libICE: 1.1.1,1 [FreeBSD] libSM: 1.2.4,1 [FreeBSD] libX11: 1.8.9,1 [FreeBSD] libXau: 1.0.11 [FreeBSD] libXdmcp: 1.1.5 [FreeBSD] libarchive: 3.7.7_1,1 [FreeBSD] libcbor: 0.11.0 [FreeBSD] libcjson: 1.7.18_2 [FreeBSD] libdaemon: 0.14_1 [FreeBSD] libevent: 2.1.12 [FreeBSD] libffi: 3.4.6 [FreeBSD] libfido2: 1.15.0 [FreeBSD] libgcrypt: 1.11.0 [FreeBSD] libgpg-error: 1.51 [FreeBSD] libiconv: 1.17_1 [FreeBSD] libidn2: 2.3.7 [FreeBSD] libinotify: 20240724 [FreeBSD] liblz4: 1.10.0,1 [FreeBSD] libnghttp2: 1.64.0 [FreeBSD] libpsl: 0.21.5_1 [FreeBSD] libssh2: 1.11.1,3 [FreeBSD] libsunacl: 1.0.1_1 [FreeBSD] libtasn1: 4.19.0_1 [FreeBSD] libunistring: 1.3 [FreeBSD] libunwind: 20240221_1 [FreeBSD] libxcb: 1.17.0 [FreeBSD] lmdb: 0.9.33,1 [FreeBSD] mpdecimal: 4.0.0 [FreeBSD] nettle: 3.10.1 [FreeBSD] openldap26-client: 2.6.9 [FreeBSD] p11-kit: 0.25.5 [FreeBSD] pcre2: 10.43 [FreeBSD] popt: 1.19_1 [FreeBSD] py311-aioquic: 1.2.0 [FreeBSD] py311-anyio: 4.7.0 [FreeBSD] py311-async_generator: 1.10 [FreeBSD] py311-attrs: 24.3.0 [FreeBSD] py311-certifi: 2024.12.14 [FreeBSD] py311-cffi: 1.17.1 [FreeBSD] py311-cryptography: 42.0.8_6,1 [FreeBSD] py311-dnspython: 2.7.0,1 [FreeBSD] py311-h11: 0.14.0 [FreeBSD] py311-h2: 4.1.0 [FreeBSD] py311-hpack: 4.0.0 [FreeBSD] py311-httpcore: 1.0.7 [FreeBSD] py311-httpx: 0.28.1 [FreeBSD] py311-hyperframe: 6.0.0 [FreeBSD] py311-idna: 3.10 [FreeBSD] py311-markdown: 3.6 [FreeBSD] py311-openssl: 24.1.0,1 [FreeBSD] py311-outcome: 1.3.0_1 [FreeBSD] py311-packaging: 24.2 [FreeBSD] py311-pyasn1: 0.6.0 [FreeBSD] py311-pyasn1-modules: 0.4.0 [FreeBSD] py311-pycparser: 2.22 [FreeBSD] py311-pylsqpack: 0.3.18 [FreeBSD] py311-service-identity: 24.2.0 [FreeBSD] py311-setuptools: 63.1.0_1 [FreeBSD] py311-sniffio: 1.3.1 [FreeBSD] py311-socksio: 1.0.0_1 [FreeBSD] py311-sortedcontainers: 2.4.0 [FreeBSD] py311-trio: 0.28.0 [FreeBSD] py311-truststore: 0.10.0 [FreeBSD] py311-typing-extensions: 4.12.2 [FreeBSD] python311: 3.11.11 [FreeBSD] readline: 8.2.13_2 [FreeBSD] samba416: 4.16.11_5 [FreeBSD] sssd2: 2.9.6 [FreeBSD] sudo-sssd: 1.9.16p2_1 [FreeBSD] talloc: 2.4.1 [FreeBSD] tdb: 1.4.9,1 [FreeBSD] tevent: 0.15.0 [FreeBSD] xorgproto: 2024.1 [FreeBSD] zstd: 1.5.6 [FreeBSD] Number of packages to be installed: 98 The process will require 472 MiB more space. Proceed with this action? [y/N]: n --=20 You are receiving this mail because: You are the assignee for the bug.=