new package system proposal

Chris Whitehouse cwhiteh at
Fri Apr 10 07:25:20 PDT 2009

Bob Johnson wrote:
> On 4/8/09, Jonathan McKeown <j.mckeown at> wrote:
>> On Tuesday 07 April 2009 23:35:03 Bob Johnson wrote:
>>> On 4/4/09, Chris Whitehouse <cwhiteh at> wrote:

>> The drawback I can see is the disk space required to keep several
>> generations
>> of packages online - if the package-port bundle is rebuilt every three
>> weeks,
>> let's say, and you want to keep 6 months' worth of packages online, you need
>> to keep 9 complete versions available.

Is there a quick way to find out how big are the tarballs without 
downloading them all or adding them up one by one?

My distfiles directory is 1.2gb. I guess you could allow 5gb for each 
cycle, that's only 45gb for 6 months. If that is realistic a 500gb hard 
disk would store 5 years worth. Would anyone want a five year old package?

> I think a bigger drawback is the security issue. As soon as any
> package in the collection has a significant announced security flaw,
> you are faced with the choice of withdrawing the entire collection,
> withdrawing only that package, or leaving the flawed package out there
> for people to use because it is more convenient for them.

Yes this might be an issue> How often are there serious security issues 
with desktop type ports?

> PC-BSD seems to already keep up-to-date binary packages of their
> applications. Do they accomplish that by only offering a small subset
> of the full ports collection?
A big difference with PBI's is that each PBI is self contained "with all 
the files and libraries necessary for the installed program to function" 
(quote from the website). Upside is that it is very easy to install and 
avoids dependency problems. Downside is that it requires more bandwidth 
to download and more disk space.

I did wonder if it would make sense to just use the PBI system. The 
number of packages depends to some extent on individuals volunteering to 
make and maintain them - true FreeBSD style.


More information about the freebsd-questions mailing list