binary patches?
Danny Pansters
danny at ricin.com
Thu Mar 15 02:37:25 UTC 2007
On Thursday 15 March 2007 00:55, Beech Rintoul wrote:
<snip>
> This issue comes up about every six months. If you google the mailing
> list you will find extensive discussion about why binary upgrades are
> a bad idea. If you want to upgrade using packages only
> use 'portupgrade -PP'. Bear in mind it takes the package build
> cluster a couple of weeks to catch up. For security reasons we
> (maintainers) don't build packages and building binaries for every
That's not (mainly) for security reasons, it's for QA reasons (as in: does
your port survive a pointyhat run when in some cases there may even be
trouble caused by a dependent package not yours but you may have to deal with
it anyway). That's the main reason for building (and deinstalling) them in a
known environment as the build cluster does.
I do usually make available a (i386) package on my site when I PR a port but I
expect that people who use them know that they're using a stop-gap solution
(while the port isn't committed yet) or perhaps an get outdated package or
one that differs in any way from the "official" one that goes on the FreeBSD
CD and FTP mirrors. In other words I don't do package QA, while the build
cluster and the FreeBSD pkg people do. But it's not a security thing I think.
> possible configuration would place an extreme load on the build
> cluster (not to mention the space required to host them all).
I suspect that the build cluster is waiting for user input after failed builds
mostly ;-) Not building packages for every possible port config is probably
more a people limit than a CPU/RAM horsepower limit. Some poor soul is going
to have to report and/or fix it when it breaks after all...
Cheers,
Dan
More information about the freebsd-questions
mailing list