Port Changes FAQ

Chris Maness chris at chrismaness.com
Sun Jun 15 13:38:22 UTC 2014 

Thanks, guys.  I like the new pkg (8) command.  Will they be
recompiling ports whenever they have been patched against
vulnerabilities?

Chris

On Sun, Jun 15, 2014 at 3:06 AM, Roland Smith <rsmith at xs4all.nl> wrote:
> On Sun, Jun 15, 2014 at 02:26:26AM +0200, Polytropon wrote:
>> On Sat, 14 Jun 2014 16:53:06 -0700, Chris Maness wrote:
>> > I used to use ports, portsnap, portaudit, portupgrade, etc...
>>
>> No big changes here so far. The system's package database has
>> been moved from pkg_* tools to the pkg (pkgng) system, but
>> portupgrade or portmaster can deal with that fine. The data
>> is now kept in a different database (sqlite). The pkg command
>> also has an audit functionality now.
>>
>> https://wiki.freebsd.org/pkgng
>>
>> http://www.freebsd.org/cgi/man.cgi?query=pkg&sektion=7
>>
>> http://www.freebsd.org/cgi/man.cgi?query=pkg-audit&format=html
>>
>> Additionally, CVS has been deprecated, so you use SVN to get
>> the updates for your local ports tree (or simply use portsnap).
>
> It seems that portsnap and freebsd-update have certain vulnerabilities that
> make it vulnerable to e.g. MITM attacks;
> http://lists.freebsd.org/pipermail/freebsd-questions/2014-April/257394.html
>
> Some PRs have been filed about it as well, e.g;
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188433
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188428
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188430
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188432
>
> So unless somebody finds the time to address these, it is not inconceivable
> that portsnap will be retired after 8.x and 9.x reach EOL.
>
> Updating ports with svnlite is easy. Initially do a check-out;
>
>     # rm -rf /usr/ports
>     # mkdir /usr/ports
>     # svnlite checkout https://svn0.eu.FreeBSD.org/ports/head /usr/ports
>
> (I'm using the European mirror as an example. Choose a relatively close mirror.)
>
> After that you can update the ports tree with;
>
>     # svnlite update /usr/ports |& less
>
>> > I
>> > used to build everything from ports, #make install clean sorts of
>> > commands.  Is this going away?
>>
>> It sill works as expected and is still supported. For few
>> software, it's the only way of installation because no binary
>> package exists (maybe you need specific compile-time options
>> which are not the default options).
>>
>> So far, those are the "big changes" regarding software
>> installation:
>>
>> 1. pkg (instead of pkg_* toolset)
>>
>> 2. clang (instead of gcc)
>>
>> 3. Subversion (instead of CVS)
>
> There is another change coming; the support for installing Python packages for
> multiple Python versions.
>
> Roland
> --
> R.F.Smith                                   http://rsmith.home.xs4all.nl/
> [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
> pgp: 5753 3324 1661 B0FE 8D93  FCED 40F6 D5DC A38A 33E0 (keyID: A38A33E0)

More information about the freebsd-questions mailing list