Pare Down Dependencies from Gnome

Tom McLaughlin tmclaugh at sdf.lonestar.org
Sun Apr 2 20:21:34 UTC 2006 

On Sun, 2006-04-02 at 15:24 +0200, Thomas-Martin Seck wrote:
> * Pav Lucistnik <pav at freebsd.org> [gmane.os.freebsd.devel.ports]:
> 
> > [-- text/plain, encoding quoted-printable, charset: ISO-8859-2, 22 lines --]
> > 
> > Thomas-Martin Seck pí?e v ne 02. 04. 2006 v 14:28 +0200:
> > 
> >> > Here we go, gnomevfs2 has this:
> >> > 
> >> > .if exists(${LOCALBASE}/lib/libkrb5.so)
> >> > LIB_DEPENDS+=   krb5:${PORTSDIR}/security/heimdal
> >> > .endif
> >> 
> >> Ack, this is most evil. Could portlint(1) be extended to mark these
> >> constructs as fatal?  Hidden auto-dependencies that cannot be disabled
> >> are really nasty.
> > 
> > What if it's hidden auto-dependency in vendor configure script?
> > 
> > The port merely records the state of reality. Don't blame it for it.
> 
> In my opinion, a port should always be explicit about it's dependencies.
> The ported software itself should be, too and if not, it's a bug IMO.
> Most problems with implicit dependencies in a vendor's configure script
> are often cured by adding "--disable-foo" to CONFIGURE_ARGS unless the
> option is explicitly enabled via an appropriate port option. If there is
> no --disable-foo, then "foo" needs to be an explicit dependency.
> Auto-dependencies that cannot be overridden are - IMO - a big no-no.

There is no --disable-krb5 or --disable-gssapi available in gnomevfs2.
In the case of kerberos you have a weird situation.  Heimdal is a part
of the base and in the majority of installs that version will be used.
The port politely checks to see if the system has a version of Kerberos
installed from ports and if it does, then it assumes that the version
from ports is the prefered version.  You could patch the port to
determine which kerberos port is being used to quiet pkgdb.  (You can
still run into a situation where it is possible that gnomevfs2 will
think security/heimdal or security/krb5 is a dependency but the port is
linked again the base version if the user has not followed all the
instructions about using versions of kerberos from ports.)

Heimdal or MIT Kerberos cannot be an explicit dependency of gnomevfs2
because you run the risk of installing two versions of kerberos on the
same box.  The base version and a ports version.  If the user is not
prepared for that they inevitably end up with weird crashes because of
the conflicting versions.  Nor is the use of the ports version of
Heimdal or MIT necessary in most cases.  Some ports out there do
explicitly require the ports version of Heimdal which is bad such as
postgresql.  Heimdal from base should be patched to alleviate the need
for these situations.  Right now I just patch ports to work with the
base version as a workaround when I run into them.

(If someone is looking for something to do, trying working out an easy
way to handle all three versions of Kerberos in a uniform way within the
ports tree and avoids the hassles people often run into when using
versions from the ports tree.)

Tom

-- 
| tmclaugh at sdf.lonestar.org             tmclaugh at FreeBSD.org |
| FreeBSD                                   http://www.FreeBSD.org |
| BSD#                    http://www.mono-project.com/Mono:FreeBSD |

More information about the freebsd-ports mailing list