svn commit: r41007 - in projects/xml-tools: bn_BD.ISO10646-1/articles/explaining-bsd bn_BD.ISO10646-1/articles/new-users de_DE.ISO8859-1/htdocs de_DE.ISO8859-1/share/xml en_US.ISO8859-1/articles/co...
Gabor Kovesdan
gabor at FreeBSD.org
Mon Feb 18 15:29:08 UTC 2013
Author: gabor
Date: Mon Feb 18 15:29:06 2013
New Revision: 41007
URL: http://svnweb.freebsd.org/changeset/doc/41007
Log:
- MFH
Added:
projects/xml-tools/share/pgpkeys/achim.key
- copied unchanged from r41006, head/share/pgpkeys/achim.key
projects/xml-tools/share/pgpkeys/pclin.key
- copied unchanged from r41006, head/share/pgpkeys/pclin.key
Deleted:
projects/xml-tools/en_US.ISO8859-1/htdocs/FAQ/
Modified:
projects/xml-tools/bn_BD.ISO10646-1/articles/explaining-bsd/article.xml
projects/xml-tools/bn_BD.ISO10646-1/articles/new-users/article.xml
projects/xml-tools/de_DE.ISO8859-1/htdocs/about.xml
projects/xml-tools/de_DE.ISO8859-1/share/xml/news.xml
projects/xml-tools/de_DE.ISO8859-1/share/xml/press.xml
projects/xml-tools/en_US.ISO8859-1/articles/committers-guide/article.xml
projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.additional.xml
projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.committers.xml
projects/xml-tools/en_US.ISO8859-1/articles/portbuild/article.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/book.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/boot/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/driverbasics/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/isa/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/jail/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/kobj/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/mac/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/newbus/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/pccard/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/scsi/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/smp/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/sound/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/usb/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/arch-handbook/vm/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/developers-handbook/testing/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/developers-handbook/tools/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/faq/book.xml
projects/xml-tools/en_US.ISO8859-1/books/fdp-primer/book.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/book.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/boot/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/config/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/cutting-edge/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/desktop/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/disks/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/filesystems/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/firewalls/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/geom/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/introduction/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/jails/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/kernelconfig/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/l10n/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/linuxemu/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/mac/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/mail/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/mirrors/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/handbook/printing/chapter.xml
projects/xml-tools/en_US.ISO8859-1/books/porters-handbook/book.xml (contents, props changed)
projects/xml-tools/en_US.ISO8859-1/htdocs/Makefile
projects/xml-tools/en_US.ISO8859-1/htdocs/donations/wantlist.xml
projects/xml-tools/en_US.ISO8859-1/htdocs/features.xml
projects/xml-tools/en_US.ISO8859-1/htdocs/internal/internal.xml
projects/xml-tools/en_US.ISO8859-1/htdocs/layout/css/layout.css
projects/xml-tools/en_US.ISO8859-1/htdocs/mailto.xml
projects/xml-tools/en_US.ISO8859-1/htdocs/projects/newbies.xml
projects/xml-tools/en_US.ISO8859-1/htdocs/releng/index.xml
projects/xml-tools/ja_JP.eucJP/books/handbook/advanced-networking/chapter.xml
projects/xml-tools/ja_JP.eucJP/books/handbook/cutting-edge/chapter.xml
projects/xml-tools/ja_JP.eucJP/books/handbook/mirrors/chapter.xml
projects/xml-tools/ja_JP.eucJP/books/handbook/ports/chapter.xml
projects/xml-tools/ja_JP.eucJP/htdocs/internal/internal.xml
projects/xml-tools/ja_JP.eucJP/htdocs/mailto.xml
projects/xml-tools/ja_JP.eucJP/share/xml/news.xml
projects/xml-tools/nl_NL.ISO8859-1/articles/contributing/article.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/audit/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/disks/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/filesystems/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/firewalls/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/jails/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/linuxemu/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/mail/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/multimedia/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/network-servers/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/ppp-and-slip/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/security/chapter.xml
projects/xml-tools/nl_NL.ISO8859-1/books/handbook/virtualization/chapter.xml
projects/xml-tools/share/pgpkeys/des.key
projects/xml-tools/share/pgpkeys/pgpkeys-developers.xml
projects/xml-tools/share/pgpkeys/pgpkeys.ent
projects/xml-tools/share/xml/authors.ent
projects/xml-tools/share/xml/developers.ent
projects/xml-tools/share/xml/mirrors.xml
projects/xml-tools/share/xml/news.xml
projects/xml-tools/share/xml/press.xml
Directory Properties:
projects/xml-tools/ (props changed)
projects/xml-tools/de_DE.ISO8859-1/ (props changed)
projects/xml-tools/en_US.ISO8859-1/ (props changed)
projects/xml-tools/ja_JP.eucJP/ (props changed)
projects/xml-tools/nl_NL.ISO8859-1/ (props changed)
projects/xml-tools/share/ (props changed)
Modified: projects/xml-tools/bn_BD.ISO10646-1/articles/explaining-bsd/article.xml
==============================================================================
--- projects/xml-tools/bn_BD.ISO10646-1/articles/explaining-bsd/article.xml Mon Feb 18 13:03:19 2013 (r41006)
+++ projects/xml-tools/bn_BD.ISO10646-1/articles/explaining-bsd/article.xml Mon Feb 18 15:29:06 2013 (r41007)
@@ -1,3 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
"../../../share/xml/freebsd45.dtd">
<!--
Modified: projects/xml-tools/bn_BD.ISO10646-1/articles/new-users/article.xml
==============================================================================
--- projects/xml-tools/bn_BD.ISO10646-1/articles/new-users/article.xml Mon Feb 18 13:03:19 2013 (r41006)
+++ projects/xml-tools/bn_BD.ISO10646-1/articles/new-users/article.xml Mon Feb 18 15:29:06 2013 (r41007)
@@ -1,3 +1,4 @@
+<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE article PUBLIC "-//FreeBSD//DTD DocBook XML V4.5-Based Extension//EN"
"../../../share/xml/freebsd45.dtd">
<!--
Modified: projects/xml-tools/de_DE.ISO8859-1/htdocs/about.xml
==============================================================================
--- projects/xml-tools/de_DE.ISO8859-1/htdocs/about.xml Mon Feb 18 13:03:19 2013 (r41006)
+++ projects/xml-tools/de_DE.ISO8859-1/htdocs/about.xml Mon Feb 18 15:29:06 2013 (r41007)
@@ -1,8 +1,8 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//FreeBSD//DTD XHTML 1.0 Transitional-Based Extension//EN"
"http://www.FreeBSD.org/XML/doc/share/xml/xhtml10-freebsd.dtd" [
-<!ENTITY dedate "$FreeBSDde: de-www/about.xml,v 1.13 2008/03/24 15:33:41 jkois Exp $">
-<!ENTITY reference "basiert auf: 1.13">
+<!ENTITY dedate "$FreeBSDde$">
+<!ENTITY reference "basiert auf: r40760">
<!ENTITY title "Über FreeBSD">
]>
@@ -64,7 +64,7 @@
<h2>Viele Anwendungen</h2>
- <p>Mit über 17.000 portierten Bibliotheken und <a
+ <p>Mit über 24.000 portierten Bibliotheken und <a
href="&base;/applications.html">Anwendungen</a> eignet sich
FreeBSD hervorragend als Betriebssystem für Desktop-
und Serversysteme sowie eingebettete Systeme.</p>
Modified: projects/xml-tools/de_DE.ISO8859-1/share/xml/news.xml
==============================================================================
--- projects/xml-tools/de_DE.ISO8859-1/share/xml/news.xml Mon Feb 18 13:03:19 2013 (r41006)
+++ projects/xml-tools/de_DE.ISO8859-1/share/xml/news.xml Mon Feb 18 15:29:06 2013 (r41007)
@@ -4,7 +4,7 @@
<!--
$FreeBSD$
$FreeBSDde$
- basiert auf: r40659
+ basiert auf: r40903
-->
<!-- Simple schema for FreeBSD Project news.
@@ -42,12 +42,30 @@
<name>1</name>
<day>
- <name>16</name>
+ <name>23</name>
<event>
- <p>Neuer Committer: <a
+ <p>Neuer Committer: <a
+ href="mailto:achim at FreeBSD.org">Achim Leubner</a> (src)</p>
+ </event>
+ </day>
+
+ <day>
+ <name>22</name>
+
+ <event>
+ <p>Neuer Committer: <a
+ href="mailto:dru at FreeBSD.org">Dru Lavigne</a> (doc)</p>
+ </event>
+ </day>
+
+ <day>
+ <name>16</name>
+
+ <event>
+ <p>Neuer Committer: <a
href="mailto:carl at FreeBSD.org">Carl Delsey</a> (src)</p>
- </event>
+ </event>
</day>
<day>
@@ -127,6 +145,15 @@
href="http://freebsdfoundation.blogspot.com/2013/01/faces-of-freebsd-thomas-abthorpe.html">hier.</a></p>
</event>
</day>
+
+ <day>
+ <name>7</name>
+
+ <event>
+ <p>Neuer Committer: <a
+ href="mailto:ian at FreeBSD.org">Ian Lepore</a> (src)</p>
+ </event>
+ </day>
</month>
</year>
@@ -160,6 +187,15 @@
</day>
<day>
+ <name>24</name>
+
+ <event>
+ <p>Neuer Committer: <a
+ href="mailto:koobs at FreeBSD.org">Kubilay Kocak</a> (ports)</p>
+ </event>
+ </day>
+
+ <day>
<name>20</name>
<event>
Modified: projects/xml-tools/de_DE.ISO8859-1/share/xml/press.xml
==============================================================================
--- projects/xml-tools/de_DE.ISO8859-1/share/xml/press.xml Mon Feb 18 13:03:19 2013 (r41006)
+++ projects/xml-tools/de_DE.ISO8859-1/share/xml/press.xml Mon Feb 18 15:29:06 2013 (r41007)
@@ -7,7 +7,7 @@
"freefall:/c/www/bsddoc/press/".
$FreeBSD$
$FreeBSDde$
- basiert auf: r40251
+ basiert auf: r40864
-->
<press>
@@ -16,6 +16,26 @@
</cvs:keyword>
<year>
+ <name>2013</name>
+
+ <month>
+ <name>1</name>
+
+ <story>
+ <name>A Decade of OS Access-control Extensibility</name>
+ <url>https://queue.acm.org/detail.cfm?id=2430732</url>
+ <site-name>ACM Queue</site-name>
+ <site-url>https://queue.acm.org/</site-url>
+ <date>18. Januar 2013</date>
+ <author>Robert N. M. Watson</author>
+ <p>Wer sich näher mit der Absicherung von Betriebssystemen
+ beschäftigt, ist erstaunt über die zahlreichen in der
+ Praxis eingesetzten Modelle zur Zugangskontrolle.</p>
+ </story>
+ </month>
+ </year>
+
+ <year>
<name>2012</name>
<month>
Modified: projects/xml-tools/en_US.ISO8859-1/articles/committers-guide/article.xml
==============================================================================
--- projects/xml-tools/en_US.ISO8859-1/articles/committers-guide/article.xml Mon Feb 18 13:03:19 2013 (r41006)
+++ projects/xml-tools/en_US.ISO8859-1/articles/committers-guide/article.xml Mon Feb 18 15:29:06 2013 (r41007)
@@ -4156,24 +4156,6 @@ bak/packages packages from last complet
there are at least some perks:</para>
<variablelist>
-
- <varlistentry>
- <term>Direct access to <hostid>cvsup-master</hostid></term>
-
- <listitem>
- <para>As a committer, you may apply to &a.kuriyama; for direct access
- to <hostid role="fqdn">cvsup-master.FreeBSD.org</hostid>,
- providing the public key output from <command>cvpasswd
- <replaceable>yourusername</replaceable>@FreeBSD.org
- freefall.FreeBSD.org</command>. Please note: you must
- specify <hostid>freefall.FreeBSD.org</hostid> on the
- <command>cvpasswd</command> command line even though the
- actual server is <hostid>cvsup-master</hostid>. Access to
- <hostid>cvsup-master</hostid> should not be overused as it is
- a busy machine.</para>
- </listitem>
- </varlistentry>
-
<varlistentry>
<term>Free 4-CD and DVD Sets</term>
Modified: projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.additional.xml
==============================================================================
--- projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Mon Feb 18 13:03:19 2013 (r41006)
+++ projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.additional.xml Mon Feb 18 15:29:06 2013 (r41007)
@@ -2603,6 +2603,11 @@
</listitem>
<listitem>
+ <para>Dmitry Kazarov
+ <email>d.y.kazarov at mail.ru</email></para>
+ </listitem>
+
+ <listitem>
<para>Dmitry Khrustalev
<email>dima at xyzzy.machaon.ru</email></para>
</listitem>
@@ -3366,7 +3371,7 @@
<listitem>
<para>Gary Hayers
- <email>gary at hayers.net</email></para>
+ <email>gary at hayers.org</email></para>
</listitem>
<listitem>
@@ -6835,6 +6840,11 @@
</listitem>
<listitem>
+ <para>Michael Sanders
+ <email>mike at topcat.hypermart.net</email></para>
+ </listitem>
+
+ <listitem>
<para>Michael Sardo
<email>jaeger16 at yahoo.com</email></para>
</listitem>
@@ -8380,11 +8390,6 @@
</listitem>
<listitem>
- <para>Po-Chien Lin
- <email>linpc at cs.nctu.edu.tw</email></para>
- </listitem>
-
- <listitem>
<para>Pomegranate
<email>daver at flag.blackened.net</email></para>
</listitem>
@@ -8792,6 +8797,11 @@
</listitem>
<listitem>
+ <para>Dr. Rolf Jansen
+ <email>cyclaero at gmail.com</email></para>
+ </listitem>
+
+ <listitem>
<para>Roman Neuhauser
<email>neuhauser at chello.cz</email></para>
</listitem>
Modified: projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.committers.xml
==============================================================================
--- projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Mon Feb 18 13:03:19 2013 (r41006)
+++ projects/xml-tools/en_US.ISO8859-1/articles/contributors/contrib.committers.xml Mon Feb 18 15:29:06 2013 (r41007)
@@ -524,6 +524,10 @@
</listitem>
<listitem>
+ <para>&a.smh;</para>
+ </listitem>
+
+ <listitem>
<para>&a.ehaupt;</para>
</listitem>
@@ -820,6 +824,10 @@
</listitem>
<listitem>
+ <para>&a.achim;</para>
+ </listitem>
+
+ <listitem>
<para>&a.truckman;</para>
</listitem>
@@ -840,6 +848,10 @@
</listitem>
<listitem>
+ <para>&a.pclin;</para>
+ </listitem>
+
+ <listitem>
<para>&a.yzlin;</para>
</listitem>
Modified: projects/xml-tools/en_US.ISO8859-1/articles/portbuild/article.xml
==============================================================================
--- projects/xml-tools/en_US.ISO8859-1/articles/portbuild/article.xml Mon Feb 18 13:03:19 2013 (r41006)
+++ projects/xml-tools/en_US.ISO8859-1/articles/portbuild/article.xml Mon Feb 18 15:29:06 2013 (r41007)
@@ -60,7 +60,7 @@
<title>The codebase</title>
<para>Most of the package building magic occurs under the
- <filename>/var/portbuild</filename> directory. Unless
+ <filename>/a/portbuild</filename> directory. Unless
otherwise specified, all paths will be relative to
this location. <replaceable>${arch}</replaceable> will
be used to specify one of the package architectures
@@ -74,15 +74,16 @@
</para>
<note>
- <para>Packages are no longer built for branches 4, 5, or 6, nor
+ <para>FreeBSD no longer builds packages for branches 4, 5, or 6, nor
for the alpha architecture.</para>
</note>
- <para>The scripts that control all of this live in
- <filename role="directory">/var/portbuild/scripts/</filename>.
+ <para>The scripts that control all of this live in either
+ <filename role="directory">/a/portbuild/scripts/</filename> or.
+ <filename role="directory">/a/portbuild/admin/scripts/</filename>.
These are the checked-out copies from the Subversion repository at
- <ulink url="http://svnweb.freebsd.org/base/projects/portbuild/scripts/">
- <filename role="directory">base/projects/portbuild/scripts/</filename>
+ <ulink url="http://svnweb.freebsd.org/base/projects/portbuild/">
+ <filename role="directory">base/projects/portbuild/</filename>
</ulink>.</para>
<para>Typically, incremental builds are done that use previous
@@ -109,7 +110,7 @@
</sect2>
<sect2 id="codebase-notes">
- <title>Notes on the codebase</title>
+ <title>Historical notes on the codebase</title>
<para>Until mid-2010, the scripts were completely specific to
<hostid>pointyhat.FreeBSD.org</hostid> as the head (dispatch) node. During
@@ -145,18 +146,6 @@
</listitem>
</itemizedlist>
- <para>This document was originally written before these changes
- were made. Where things such as script invocations have changed,
- they were denoted as <literal>new codebase:</literal> as opposed
- to <literal>old codebase:</literal>.</para>
-
- <note>
- <para>Up until November 2012, <hostid>pointyhat</hostid> had still
- been running the old codebase. That installation has now been
- permanently offlined. Therefore, all the instructions having
- to do with the old codebase have been removed.</para>
- </note>
-
<note>
<para>Also during this process, the codebase was migrated to the
<ulink url="http://svnweb.freebsd.org/base/projects/portbuild/scripts/">
@@ -166,16 +155,61 @@
found in CVS</ulink>.</para>
</note>
</sect2>
+
+ <sect2 id="pointyhat-privsep">
+ <title>Notes on privilege separation</title>
+
+ <para>As of January 2013, a rewrite is in progress to further separate
+ privileges. The following concepts are introduced:</para>
+
+ <itemizedlist>
+ <listitem>
+ <para>Server-side user <username>portbuild</username> assumes all
+ responsiblity for operations involving builds and communicating
+ with the clients. This user no longer has access to
+ <application>sudo</application>.</para>
+ </listitem>
+
+ <listitem>
+ <para>Server-side user <username>srcbuild</username> is created
+ and given responsiblity for operations involving both VCS
+ operations and anything involving src builds for the clients.
+ This user does not have access to
+ <application>sudo</application>.</para>
+ </listitem>
+
+ <listitem>
+ <para>The server-side
+ <literal>ports-</literal><replaceable>arch</replaceable>
+ users go away.</para>
+ </listitem>
+
+ <listitem>
+ <para>None of the above server-side users have
+ <application>ssh</application> keys. Individual
+ <literal>portmgr</literal> will accomplish all those
+ tasks using <application>ksu</application>. (This is
+ still work-in-progress.)</para>
+ </listitem>
+
+ <listitem>
+ <para>The only client-side user is also named
+ <username>portbuild</username> and still has access to
+ <application>sudo</application> for the purpose of managing
+ jails.</para>
+ </listitem>
+ </itemizedlist>
+ </sect2>
</sect1>
<sect1 id="management">
<title>Build Client Management</title>
- <para>The &i386; clients co-located with <hostid>pointyhat</hostid>
- netboot from it (<replaceable>connected</replaceable> nodes); all
- other clients (<replaceable>disconnected</replaceable> nodes)
- are either self-hosted or netboot from some other
- <literal>pxe</literal> host.
+ <para>You may set up clients to either netboot from the master
+ (<replaceable>connected</replaceable> nodes)
+ or have them either self-hosted or netboot from some other
+ <literal>pxe</literal> host
+ (<replaceable>disconnected</replaceable> nodes).
In all cases they set themselves
up at boot-time to prepare to build packages.</para>
@@ -200,29 +234,31 @@
<sect1 id="setup">
<title>Jail Build Environment Setup</title>
- <para>Package builds are performed in a
+ <para>Package builds are performed by the clients in a
<literal>jail</literal> populated by the
<filename>portbuild</filename> script using the
<filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/builds/<replaceable>${buildid}</replaceable>/bindist.tar</filename>
file.</para>
- <para>The <command>makeworld</command> command builds a world from the
+ <para>On the server, use the
+ <command>makeworld</command> command to build a world from the
<filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/builds/<replaceable>${buildid}</replaceable>/src/</filename>
- tree and installs it into
+ tree and install it into
<filename><replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable>/builds/<replaceable>${buildid}</replaceable>/bindist.tar</filename>.
The tree will
be updated first unless <literal>-novcs</literal> is
- specified. It should be run as <username>root</username>:</para>
+ specified.</para>
- <screen>&prompt.root; <userinput>/var/portbuild/scripts/makeworld <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable> [-novcs]</userinput></screen>
+ <screen>&prompt.root; <userinput>/a/portbuild/admin/scripts/makeworld <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable> [-novcs]</userinput></screen>
- <para>The <filename>bindist.tar</filename> tarball is created from the
+ <para>Similiarly on the server, the
+ <filename>bindist.tar</filename> tarball is created from the
previously installed world by the <command>mkbindist</command>
- script. It should be also be run as <username>root</username>:</para>
+ script.</para>
- <screen>&prompt.root; <userinput>/var/portbuild/scripts/mkbindist <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable></userinput></screen>
+ <screen>&prompt.root; <userinput>/a/portbuild/admin/scripts/mkbindist <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable></userinput></screen>
- <para>The per-machine tarballs are located in
+ <para>The per-machine tarballs are located on the server in
<filename><replaceable>${arch}</replaceable>/clients</filename>.</para>
<para>The <filename>bindist.tar</filename> file is extracted
@@ -233,6 +269,16 @@
<para>For both commands above, if
<replaceable>${buildid}</replaceable> is
<literal>latest</literal>, it may be omitted.</para>
+
+ <note>
+ <para>Currently the above two scripts must be run as
+ <username>root</username>; otherwise, the install scripts
+ lack sufficient permissions. This is undesirable for
+ security reasons. Work is in progress in -HEAD to allow
+ users to do installations; once that is committed, the
+ intention is to use that and run these two commands as
+ <username>srcbuild</username>.</para>
+ </note>
</sect1>
<sect1 id="customizing">
@@ -782,7 +828,7 @@ PKG_BIN=/usr/local/sbin/pkg</programlist
<para>To free up resources, you will need to clean up client machines by
running <command>build cleanup</command> command. For example:</para>
- <screen>&prompt.user; <userinput>/var/portbuild/scripts/build cleanup i386 8-exp 20080714120411 -full</userinput></screen>
+ <screen>&prompt.user; <userinput>/a/portbuild/scripts/build cleanup i386 8-exp 20080714120411 -full</userinput></screen>
<para>If you forget to do this, then the old build
<literal>jail</literal>s will not be cleaned up for 24 hours, and no
@@ -797,6 +843,11 @@ PKG_BIN=/usr/local/sbin/pkg</programlist
and it is less than the number of jobs that <literal>loads</literal>
thinks are in use, you are in trouble.</para>
+ <note>
+ <para>The following notes about mounting only apply to
+ <literal>connected</literal> nodes.</para>
+ </note>
+
<para>You may have problem with the <command>umount</command>
commands hanging. If so, you are going to have to use the
<command>allgohans</command> script to run an &man.ssh.1;
@@ -826,6 +877,11 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
<para>You may also see messages about <literal>procfs</literal>.</para>
</note>
+ <note>
+ <para>The above is the end of the notes that apply only to
+ <literal>connected</literal> nodes.</para>
+ </note>
+
<para>After you have done all the above, remove the
<filename><replaceable>${arch}</replaceable>/lock</filename>
file before trying to restart the build. If you do not,
@@ -872,7 +928,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
<userinput>scripts/stats <replaceable>${branch}</replaceable></userinput>
command shows the number of packages already built.</para>
- <para>Running <userinput>cat /var/portbuild/*/loads/*</userinput>
+ <para>Running <userinput>cat /a/portbuild/*/loads/*</userinput>
shows the client loads and number of concurrent builds in
progress. The files that have been recently updated are the clients
that are online; the others are the offline clients.</para>
@@ -909,7 +965,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
it if not.</para>
<para>Keep an eye on &man.df.1; output. If the
- <filename>/var/portbuild</filename> file system becomes full
+ <filename>/a/portbuild</filename> file system becomes full
then <trademark>Bad Things</trademark> happen.</para>
<para>The status of all current builds is generated periodically
@@ -1014,12 +1070,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
<screen>&prompt.user; <userinput>cd <replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable></userinput>
&prompt.user; <userinput>find distfiles > distfiles-<replaceable>${release}</replaceable></userinput></screen>
- <!-- XXX MCL apparently obsolete -->
- <para>This inventory file typically lives in
- <filename>i386/<replaceable>${branch}</replaceable></filename>
- on the cluster master.</para>
-
- <para>This is useful to aid in periodically cleaning out
+ <para>You should use that output to periodically clean out
the distfiles from <hostid>ftp-master</hostid>. When space
gets tight, distfiles from recent releases can be kept while
others can be thrown away.</para>
@@ -1043,6 +1094,16 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
<sect1 id="uploading">
<title>Uploading Packages</title>
+ <note>
+ <para>For FreeBSD.org as of 2013, the instructions
+ about uploading to <hostid>ftp-master</hostid> are obsolete.
+ In the future, <hostid>ftp-master</hostid> will pull
+ from <hostid>pointyhat</hostid>, using a mechanism yet
+ to be implemented. However, the instructions about
+ <makevar>RESTRICTED</makevar> and <makevar>NO_CDROM</makevar>
+ must still be <emphasis>carefully</emphasis> followed.</para>
+ </note>
+
<para>Once a build has completed, packages and/or distfiles
can be transferred to <hostid>ftp-master</hostid> for
propagation to the FTP mirror network. If the build was
@@ -1120,7 +1181,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
a new release), copy packages to the staging area on
<hostid>ftp-master</hostid> with something like the following:</para>
- <screen>&prompt.root; <userinput>cd /var/portbuild/<replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable></userinput>
+ <screen>&prompt.root; <userinput>cd /a/portbuild/<replaceable>${arch}</replaceable>/<replaceable>${branch}</replaceable></userinput>
&prompt.root; <userinput>tar cfv - packages/ | ssh portmgr at ftp-master tar xfC - w/ports/<replaceable>${arch}</replaceable>/tmp/<replaceable>${subdir}</replaceable></userinput></screen>
<para>Then log into <hostid>ftp-master</hostid>, verify that
@@ -1148,7 +1209,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
<para>Distfiles should be transferred with the
<command>cpdistfiles</command> script:</para>
- <screen>&prompt.root; <userinput>/var/portbuild/scripts/cpdistfiles <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable> [-yesreally] | tee log2</userinput></screen>
+ <screen>&prompt.root; <userinput>/a/portbuild/scripts/cpdistfiles <replaceable>${arch}</replaceable> <replaceable>${branch}</replaceable> <replaceable>${buildid}</replaceable> [-yesreally] | tee log2</userinput></screen>
<para>Doing it by hand is deprecated.</para>
</sect1>
@@ -1156,6 +1217,11 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
<sect1 id="expbuilds">
<title>Experimental Patches Builds</title>
+ <note>
+ <para>Most of the information in this section is obsolete
+ as of 2013 and needs to be rewritten.</para>
+ </note>
+
<para>Experimental patches builds are run from time to time to
new features or bugfixes to the ports infrastructure (i.e.
<filename>bsd.port.mk</filename>), or to test large sweeping
@@ -1206,21 +1272,15 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
build. This will ensure an apples-to-apples comparison
later.</para>
- <!-- XXX MCL currently there is only one build cluster
- <note><para>One build cluster can do the control build while the other
- does the experimental patches build. This can be a great
- time-saver.</para></note>
- -->
-
<para>Once the build finishes, compare the control build failures
to those of the experimental patches build. Use the following
commands to facilitate this (this assumes the <literal>8</literal>
branch is the control branch, and the <literal>8-exp</literal>
branch is the experimental patches branch):</para>
- <screen>&prompt.user; <userinput>cd /var/portbuild/i386/8-exp/errors</userinput>
+ <screen>&prompt.user; <userinput>cd /a/portbuild/i386/8-exp/errors</userinput>
&prompt.user; <userinput>find . -name \*.log\* | sort > /tmp/8-exp-errs</userinput>
-&prompt.user; <userinput>cd /var/portbuild/i386/8/errors</userinput>
+&prompt.user; <userinput>cd /a/portbuild/i386/8/errors</userinput>
&prompt.user; <userinput>find . -name \*.log\* | sort > /tmp/8-errs</userinput></screen>
<note>
@@ -1283,7 +1343,7 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
rebuild of the affected packages under the control
branch:</para>
- <screen>&prompt.user; <userinput>cd /var/portbuild/i386/8/ports</userinput></screen>
+ <screen>&prompt.user; <userinput>cd /a/portbuild/i386/8/ports</userinput></screen>
<note>
<para>The following example is obsolete</para>
@@ -1296,9 +1356,9 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
<!-- XXX MCL fix -->
<para>The following command will set up the control branch for
- the partial build (old codebase):</para>
+ the partial build:</para>
- <screen>&prompt.user; <userinput>/var/portbuild/scripts/dopackages.8 -noportsvcs -nobuild -novcs -nofinish</userinput></screen>
+ <screen>&prompt.user; <userinput>/a/portbuild/scripts/dopackages.wrapper i386 8 -noportsvcs -nobuild -novcs -nofinish</userinput></screen>
<!-- XXX MCL obsolete -->
<para>The builds must be performed from the
@@ -1306,14 +1366,14 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
initially be empty except for the Makefile symlink. If this
symlink does not exist, it must be created:</para>
- <screen>&prompt.user; <userinput>cd /var/portbuild/i386/8/packages/All</userinput>
+ <screen>&prompt.user; <userinput>cd /a/portbuild/i386/8/packages/All</userinput>
&prompt.user; <userinput>ln -sf ../../Makefile .</userinput>
&prompt.user; <userinput>make -k -j<#> <list of packages to build></userinput></screen>
<note>
<para><#> is the concurrency of the build to
attempt. It is usually the sum of the weights listed in
- <filename>/var/portbuild/i386/mlist</filename> unless you have a
+ <filename>/a/portbuild/i386/mlist</filename> unless you have a
reason to run a heavier or lighter build.</para>
<para>The list of packages to build should be a list of package
@@ -1346,17 +1406,15 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
<para>Before following these steps, please coordinate with
<literal>portmgr</literal>.</para>
- <note>
- <para>Due to some generous donations, <literal>portmgr</literal> is
- no longer looking for the loan of &i386; or <literal>amd64</literal>
- systems. However, we are still interested in borrowing tier-2
- systems.</para>
- </note>
-
<sect2 id="node-requirements">
<title>Node requirements</title>
- <para><literal>portmgr</literal> is still working on characterizing
+ <note>
+ <para>This section is only of interest when considering
+ tier-2 architectures.</para>
+ </note>
+
+ <para>Here are the requirement for
what a node needs to be generally useful.</para>
<itemizedlist>
@@ -1436,7 +1494,8 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
<filename>/usr2/</filename>.)</para>
<note>
<para>The filename <filename>chroot</filename> is a
- historical remnant.</para>
+ historical remnant. The <command>chroot</command>
+ command is no longer used.</para>
</note>
</step>
</procedure>
@@ -1477,8 +1536,9 @@ umount: Cleanup of /x/tmp/8-exp/chroot/5
<step>
<para>Generate a kernel config file. Include
- <filename>GENERIC</filename> (or, if you are using more than
- 3.5G on &i386;, <filename>PAE</filename>).</para>
+ <filename>GENERIC</filename> (or, if on &i386;, and
+ you are using more than
+ 3.5G, <filename>PAE</filename>).</para>
<para>Required options:</para>
@@ -1493,9 +1553,14 @@ options SHMMAXPGS=65536
options SEMMNI=40
options SEMMNS=240
options SEMUME=40
-options SEMMNU=120
+options SEMMNU=120</programlisting>
+
+ <para>If you are interested in debugging general
+ problems, you may wish to use the following.
+ However, for unattended operations, it is best
+ to leave it out:</para>
-options ALT_BREAK_TO_DEBUGGER</programlisting>
+ <programlisting>options ALT_BREAK_TO_DEBUGGER</programlisting>
<para>For <filename>PAE</filename>, it is not currently possible
to load modules. Therefore, if you are running an architecture
@@ -1912,7 +1977,7 @@ portbuild ALL=(ALL) NOPASSWD: ALL</p
<step>
<para>Create
- <filename>/var/portbuild/<replaceable>${arch}</replaceable>/clients/bindist-<replaceable>${hostname}</replaceable>.tar</filename>.</para>
+ <filename>/a/portbuild/<replaceable>${arch}</replaceable>/clients/bindist-<replaceable>${hostname}</replaceable>.tar</filename>.</para>
<itemizedlist>
<listitem>
@@ -1951,16 +2016,16 @@ MASTER_SITE_OVERRIDE= \
<para>Hint: you will need one of these for each machine;
however, if you have multiple machines at one site, you
should create a site-specific one (e.g., in
- <filename>/var/portbuild/conf/clients/</filename>)
+ <filename>/a/portbuild/conf/clients/</filename>)
and symlink to it.</para>
</step>
<step>
<para>Create
-<filename>/var/portbuild/<replaceable>${arch}</replaceable>/portbuild-<replaceable>${hostname}</replaceable></filename>
+<filename>/a/portbuild/<replaceable>${arch}</replaceable>/portbuild-<replaceable>${hostname}</replaceable></filename>
using one of the existing ones as a guide. This
file contains overrides to
-<filename>/var/portbuild/<replaceable>${arch}</replaceable>/portbuild.conf</filename>.</para>
+<filename>/a/portbuild/<replaceable>${arch}</replaceable>/portbuild.conf</filename>.</para>
<para>Suggested values:</para>
@@ -2026,7 +2091,7 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
<step>
<para>Populate the client's copy of
<filename>/var/portbuild/scripts/</filename> by something like
- <userinput>/var/portbuild/scripts/dosetupnode <replaceable>arch</replaceable> <replaceable>major</replaceable> latest <replaceable>hostname</replaceable></userinput>.
+ <userinput>/a/portbuild/scripts/dosetupnode <replaceable>arch</replaceable> <replaceable>major</replaceable> latest <replaceable>hostname</replaceable></userinput>.
Verify that you now have files in that directory.</para>
</step>
@@ -2071,7 +2136,7 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
<para>Once you are sure that the client is working, tell
<application>pollmachine</application> about it by adding
it to
- <filename>/var/portbuild/<replaceable>${arch}</replaceable>/mlist</filename>.</para>
+ <filename>/a/portbuild/<replaceable>${arch}</replaceable>/mlist</filename>.</para>
</step>
</procedure>
</sect2>
@@ -2087,10 +2152,15 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
be done to specify that the previous branch is no longer
equivalent to <literal>HEAD</literal>.</para>
+ <note>
+ <para>As
+ <literal>srcbuild</literal>:</para>
+ </note>
+
<itemizedlist>
<listitem>
<para>
- Edit <filename>/var/portbuild/conf/server.conf</filename>
+ Edit <filename>/a/portbuild/conf/admin/admin.conf</filename>
with the following changes:</para>
<itemizedlist>
@@ -2115,7 +2185,7 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
</listitem>
<listitem>
- <para>Run <command>/var/portbuild/updatesnap</command> manually.</para>
+ <para>Run <command>/a/portbuild/admin/scripts/updatesnap</command> manually.</para>
</listitem>
</itemizedlist>
</sect2>
@@ -2123,24 +2193,21 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
<sect2 id="new-branch-post-qmanager">
<title>Steps necessary after <application>qmanager</application> is started</title>
- <note>
- <para>Again, as
- <literal>portbuild</literal>:</para>
- </note>
-
<itemizedlist>
<listitem>
<para>For each branch that will be supported, do the following:</para>
<itemizedlist>
<listitem>
- <para>Kick-start the build for the branch with:</para>
+ <para>As <literal>portbuild</literal>,
+ kick-start the build for the branch with:</para>
<screen>build create <replaceable>arch</replaceable> <replaceable>branch</replaceable></screen>
</listitem>
<listitem>
- <para><link linkend="setup">Create
+ <para>As <literal>srcbuild</literal>,
+ <link linkend="setup">create
<filename>bindist.tar</filename></link>.</para>
</listitem>
</itemizedlist>
@@ -2157,7 +2224,7 @@ ssh_cmd="/usr/local/bin/ssh"</programlis
<itemizedlist>
<listitem>
- <para>Edit <filename>/var/portbuild/conf/server.conf</filename>
+ <para>Edit <filename>/a/portbuild/admin/conf/admin.conf</filename>
with the following changes:</para>
<itemizedlist>
@@ -2184,7 +2251,7 @@ zfs destroy -r a/snap/src-<replaceable>o
<itemizedlist>
<listitem>
<para>You will probably find that the following files and
- symlinks in <filename>/var/portbuild/errorlogs/</filename>
+ symlinks in <filename>/a/portbuild/errorlogs/</filename>
can be removed:</para>
<itemizedlist>
@@ -2229,7 +2296,7 @@ zfs destroy -r a/snap/src-<replaceable>o
<itemizedlist>
<listitem>
- <para>Edit <filename>/var/portbuild/conf/server.conf</filename>
+ <para>Edit <filename>/a/portbuild/admin/conf/admin.conf</filename>
with the following changes:</para>
<itemizedlist>
@@ -2244,7 +2311,7 @@ zfs destroy -r a/snap/src-<replaceable>o
</listitem>
<listitem>
- <para>Run <command>/var/portbuild/updatesnap</command> manually.</para>
+ <para>Run <command>/a/portbuild/admin/scripts/updatesnap</command> manually.</para>
</listitem>
<listitem>
@@ -2268,49 +2335,24 @@ zfs destroy -r a/snap/src-<replaceable>o
<title>Steps necessary before <application>qmanager</application> is started</title>
<note>
- <para>The initial steps need to be done as
- <literal>root</literal>.</para>
+ <para>The next steps are most easily done as user
+ <literal>portbuild</literal>.</para>
</note>
- <itemizedlist>
- <listitem>
- <para>If it has not already been done, create the
- <literal>portbuild</literal>
- user and group.</para>
- </listitem>
-
- <listitem>
- <screen>mkdir /var/portbuild/<replaceable>arch</replaceable></screen>
- </listitem>
-
- <listitem>
- <para>Create a new <application>zfs</application> filesystem:</para>
-
- <screen>&prompt.root; zfs create -o mountpoint=/a/portbuild/<replaceable>arch</replaceable> a/portbuild/<replaceable>arch</replaceable></screen>
- </listitem>
-
- <listitem>
- <screen>&prompt.root; chown portbuild:portbuild /var/portbuild/<replaceable>arch</replaceable>;
-&prompt.root; chmod 775 /var/portbuild/<replaceable>arch</replaceable>;
-&prompt.root; cd /var/portbuild/<replaceable>arch</replaceable></screen>
- </listitem>
-
- <listitem>
- <para>Create the <filename>.ssh</filename> directory.</para>
- </listitem>
- </itemizedlist>
-
<note>
- <para>The next steps are most easily done as user
- <literal>portbuild</literal>.</para>
+ <para>The following assumes you have already run
+ <literal>mkportbuild</literal>.</para>
</note>
<itemizedlist>
<listitem>
- <para>Create an archive directory for buildlogs and errorlogs
- under <filename>archive/</filename>.</para>
+ <para>As the <literal>portbuild</literal> user, run</para>
+
+ <screen>&prompt.user; /a/portbuild/admin/tools/addarch <replaceable>arch</replaceable></screen>
</listitem>
+ </itemizedlist>
+ <itemizedlist>
<listitem>
<para>For each branch that will be supported, do the following:</para>
@@ -2354,8 +2396,10 @@ zfs destroy -r a/snap/src-<replaceable>o
</listitem>
<listitem>
- <para>Create a fresh <filename>portbuild.conf</filename> file
- from one of the ones for another architecture.</para>
+ <para>Edit <filename>portbuild.conf</filename>
+ from one of the ones for another architecture.
+ <literal>addarch</literal> will have created a default
+ one for you.</para>
</listitem>
<listitem>
@@ -2365,23 +2409,13 @@ zfs destroy -r a/snap/src-<replaceable>o
</listitem>
<listitem>
- <screen>&prompt.root; cd .ssh && ssh-keygen</screen>
- </listitem>
-
- <listitem>
- <para>If desired,
- edit the <filename>.ssh/config</filename> file for
- convenience in using <application>ssh</application>.</para>
- </listitem>
-
- <listitem>
<para>If you need to create any tunnels:</para>
<procedure>
<step>
<para>Make a private configuration directory:</para>
- <screen>&prompt.root; mkdir /var/portbuild/conf/<replaceable>arch</replaceable></screen>
+ <screen>&prompt.root; mkdir /a/portbuild/conf/<replaceable>arch</replaceable></screen>
</step>
<step>
@@ -2393,26 +2427,26 @@ zfs destroy -r a/snap/src-<replaceable>o
</itemizedlist>
<note>
- <para>Once again as <literal>root</literal>:</para>
+ <para>As <literal>srcbuild</literal>:</para>
</note>
<itemizedlist>
<listitem>
<para>Add <replaceable>arch</replaceable> to <makevar>SUPPORTED_ARCHS</makevar> in
- <filename>/var/portbuild/conf/server.conf</filename>.</para>
+ <filename>/a/portbuild/admin/conf/admin.conf</filename>.</para>
</listitem>
<listitem>
<para>Add the <replaceable>arch</replaceable> directory to
- <filename>/var/portbuild/scripts/zbackup</filename> and
- <filename>/var/portbuild/scripts/zexpire</filename>.</para>
+ <filename>/a/portbuild/admin/scripts/zbackup</filename>.
+ (This is a hack and should go away.)</para>
</listitem>
</itemizedlist>
<itemizedlist>
<listitem>
- <para>Add an appropriate <replaceable>arch</replaceable> entry for
- <filename>/var/portbuild/scripts/dologs</filename> to the portbuild
+ <para>Enable the appropriate <replaceable>arch</replaceable> entry for
+ <filename>/a/portbuild/scripts/dologs</filename> to the portbuild
<filename>crontab</filename>. (This is a hack and should go away.)</para>
</listitem>
</itemizedlist>
@@ -2422,17 +2456,11 @@ zfs destroy -r a/snap/src-<replaceable>o
<title>Steps necessary after <application>qmanager</application> is started</title>
<note>
- <para>Again as <literal>root</literal>:</para>
+ <para>Again as <literal>srcbuild</literal>:</para>
</note>
<itemizedlist>
<listitem>
- <para>Tell <application>qmanager</application> about the arch:</para>
-
- <screen>python <replaceable>path</replaceable>/qmanager/qclient add_acl name=ports-<replaceable>arch</replaceable> uidlist=ports-<replaceable>arch</replaceable> gidlist=portbuild sense=1</screen>
- </listitem>
-
- <listitem>
<para>For each branch that will be supported, do the following:</para>
<itemizedlist>
@@ -2452,54 +2480,6 @@ zfs destroy -r a/snap/src-<replaceable>o
<para>Please talk to Mark Linimon before making any changes
to this section.</para>
- <sect2 id="pointyhat-privsep">
- <title>Notes on privilege separation</title>
-
- <para>As of January 2013, a rewrite is in progress to further separate
- privileges. The following concepts are introduced:</para>
-
- <itemizedlist>
- <listitem>
- <para>Server-side user <username>portbuild</username> assumes all
- responsiblity for operations involving builds and communicating
- with the clients. This user no longer has access to
- <application>sudo</application>.</para>
- </listitem>
-
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-doc-projects
mailing list