pkgng suggestion: renaming /usr/sbin/pkg to
/usr/sbin/pkg-bootstrap
Warren Block
wblock at wonkity.com
Sun Aug 26 20:39:14 UTC 2012
On Sun, 26 Aug 2012, Ian Lepore wrote:
> On Sun, 2012-08-26 at 20:58 +0200, Baptiste Daroussin wrote:
>> On Sun, Aug 26, 2012 at 11:39:07AM -0700, Doug Barton wrote:
>>> On 08/26/2012 05:58, Baptiste Daroussin wrote:
>>> This isn't the security issue I was talking about by having sbin/pkg
>>> pass every command line to local/sbin/pkg.
>>>
>>> You keep saying that you have no objections to changing the name. I am
>>> asking you to do that. I don't care if it is pkg-bootstrap or something
>>> else you like better. But please change the name to not be pkg, and
>>> limit the functionality of the tool to bootstrapping the pkg package.
>>>
>>
>> I received more feedback about keep pkg and changing it to
>> pkg-bootstrap, so what should I do, changing it because you are asking for it?
>
> Would this get better if the bootstrap tool were named pkg and were
> installed on a fresh system at /usr/local/sbin, so that it in effect
> replaces itself with the real thing, and has no need to leave a
> forwarding stub in /usr/sbin ?
>
> Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of
> replacing itself, so that you could re-bootstrap your way out of a
> problem later.
Ew. But on a similar note, an idea I just had in IRC is to have pkgng
overwrite the base /usr/bin/pkg with a link to /usr/local/bin/pkg.
That effectively removes that binary. We do have precedent for ports
overwriting base with sendmail and openssl.
> Hmmm, might have to be careful that future updates don't replace the
> real thing with a newer bootstrap program.
Yes. A link could be detected by installworld and not
overwritten... although that's a hack.
More information about the freebsd-ports
mailing list