Port Changes FAQ
Roland Smith
rsmith at xs4all.nl
Sun Jun 15 10:07:33 UTC 2014
On Sun, Jun 15, 2014 at 02:26:26AM +0200, Polytropon wrote:
> On Sat, 14 Jun 2014 16:53:06 -0700, Chris Maness wrote:
> > I used to use ports, portsnap, portaudit, portupgrade, etc...
>
> No big changes here so far. The system's package database has
> been moved from pkg_* tools to the pkg (pkgng) system, but
> portupgrade or portmaster can deal with that fine. The data
> is now kept in a different database (sqlite). The pkg command
> also has an audit functionality now.
>
> https://wiki.freebsd.org/pkgng
>
> http://www.freebsd.org/cgi/man.cgi?query=pkg&sektion=7
>
> http://www.freebsd.org/cgi/man.cgi?query=pkg-audit&format=html
>
> Additionally, CVS has been deprecated, so you use SVN to get
> the updates for your local ports tree (or simply use portsnap).
It seems that portsnap and freebsd-update have certain vulnerabilities that
make it vulnerable to e.g. MITM attacks;
http://lists.freebsd.org/pipermail/freebsd-questions/2014-April/257394.html
Some PRs have been filed about it as well, e.g;
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188433
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188428
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188430
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188432
So unless somebody finds the time to address these, it is not inconceivable
that portsnap will be retired after 8.x and 9.x reach EOL.
Updating ports with svnlite is easy. Initially do a check-out;
# rm -rf /usr/ports
# mkdir /usr/ports
# svnlite checkout https://svn0.eu.FreeBSD.org/ports/head /usr/ports
(I'm using the European mirror as an example. Choose a relatively close mirror.)
After that you can update the ports tree with;
# svnlite update /usr/ports |& less
> > I
> > used to build everything from ports, #make install clean sorts of
> > commands. Is this going away?
>
> It sill works as expected and is still supported. For few
> software, it's the only way of installation because no binary
> package exists (maybe you need specific compile-time options
> which are not the default options).
>
> So far, those are the "big changes" regarding software
> installation:
>
> 1. pkg (instead of pkg_* toolset)
>
> 2. clang (instead of gcc)
>
> 3. Subversion (instead of CVS)
There is another change coming; the support for installing Python packages for
multiple Python versions.
Roland
--
R.F.Smith http://rsmith.home.xs4all.nl/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 5753 3324 1661 B0FE 8D93 FCED 40F6 D5DC A38A 33E0 (keyID: A38A33E0)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20140615/8df3c87d/attachment.sig>
More information about the freebsd-questions
mailing list