port names and personal freedom
Oliver Eikemeier
eikemeier at fillmore-labs.com
Sat Jun 12 19:27:39 GMT 2004
Dear porters,
I'm just trying to add some vulnerabilities to the list that have been
forgotten recently. In this process I had to discover that we have a
new trend to creative naming in the ports tree. We have funny names like
www/apache13-modperl -> apache+mod_perl-1.3.31
(LATEST_LINK=apache+mod_perl)
mail/sendmail-ldap -> sendmail+tls+sasl2+ldap-8.12.11
(LATEST_LINK=sendmail+tls+sasl2+ldap)
net/samba3 (LATEST_LINK=samba-3)
... the list goes on. At the risk of starting another bikeshed about the
personal
freedom of maintainers to name their port how they please, why TF does
this have
to be? Do we have any benefit from that? Is `plus' as a package suffix
separator
en vouge this summer?
Please, I expect
- LATEST_LINK= directory name
If this doesn't collide with other ports, so that pkg_add -r `directory
name'
intuitively works.
- PKGNAMESUFFIX separated with a minus
Like most of the ports do.
- only a single PKGNAMESUFFIX
Out of the door, line on the left, one cross each.
- a PKGNAMESUFFIX means that a slave port with a directory name that
matches the
packages names exists.
This is not absolutely necessary in all cases, but this is what
PKGNAMESUFFIX is
designed for, those packages show up in the INDEX and are recognizable
for
vulnerability and conflict checking.
Please, if I make www/apache13-modssl
APACHE_WITH_IPV6=yes
APACHE_WITH_MODSNMP=yes
APACHE_WITH_MODACCEL=yes
APACHE_WITH_MODDEFLATE=yes
(why are they APACHE_WITH_* instead of WITH_*? more creativity?)
I get a PKGNAME of
apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6-1.3.31+2.8.18+1.3.14.12+
1.0.31+1.0.21_4
(which current package tool truncate in most cases),
a LATEST_LINK of apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6
and a CONFLICTS line of
apache+ipv6-1.* apache+ssl-1.* apache-1.* apache-2.* apache_fp-1.*
caudium-devel-1.* caudium10-1.* caudium12-* ru-apache+mod_ssl-1.*
ru-apache-1.* thttpd-2.* w3c-httpd-3.* apache+mod_ssl-1.*
apache+mod_ssl+ipv6-1.* apache+mod_ssl+mod_accel-1.*
apache+mod_ssl+mod_accel+ipv6-1.*
apache+mod_ssl+mod_accel+mod_deflate-1.*
apache+mod_ssl+mod_accel+mod_deflate+ipv6-1.*
apache+mod_ssl+mod_deflate-1.* apache+mod_ssl+mod_deflate+ipv6-1.*
MODSNMP_SUFFIX= +mod_snmp apache+mod_ssl-1.*
apache+mod_ssl+ipv6-1.* apache+mod_ssl+mod_snmp-1.*
apache+mod_ssl+mod_snmp+ipv6-1.*
apache+mod_ssl+mod_snmp+mod_deflate-1.*
apache+mod_ssl+mod_snmp+mod_deflate+ipv6-1.*
apache+mod_ssl+mod_deflate-1.* apache+mod_ssl+mod_deflate+ipv6-1.*
apache+mod_ssl-1.* apache+mod_ssl+ipv6-1.*
apache+mod_ssl+mod_snmp-1.* apache+mod_ssl+mod_snmp+ipv6-1.*
apache+mod_ssl+mod_snmp+mod_accel-1.*
apache+mod_ssl+mod_snmp+mod_accel+ipv6-1.*
apache+mod_ssl+mod_accel-1.* apache+mod_ssl+mod_accel+ipv6-1.*
apache+mod_ssl-1.* apache+mod_ssl+mod_snmp-1.*
apache+mod_ssl+mod_snmp+mod_accel-1.*
apache+mod_ssl+mod_snmp+mod_accel+mod_deflate-1.*
apache+mod_ssl+mod_accel-1.* apache+mod_ssl+mod_accel+mod_deflate-1.*
apache+mod_ssl+mod_deflate-1.*
Besides being buggy (which does not surprise me in all that chaos) all
this is a
mayor POLA violation. Can we please restrain our creativity to
pkg_message?
The pkg_message is displayed with pkg_info -D PKGNAME, so everybody can
find out with
what options the package has been compiled, should (s)he be interested.
Does really someone expect me to read every Makefile and add
apache{,+mod_ssl}{,+mod_snmp}{,+mod_accel}{,+mod_deflate}{,+ipv6}<1.3.31+2.
8.18+1.3.14.12+1.0.31+1.0.21_4
or whatever to CONFLICTS and vulnerability checking?
Please, please, let us fix this ASAP.
-Oliver
More information about the freebsd-ports
mailing list