[RFC/HEADSUP] portmaster default -w (preserve shared libraries)

Matthias Andree mandree at FreeBSD.org
Wed Dec 12 07:57:33 UTC 2012

Am 11.12.2012 20:34, schrieb Jeremy Messenger:

> If can't update all ports then please wait until when you can. I never
> have any problem to update all ports at a time by ran it over night
> time. Or even better, use packages if you can't afford the ports
> system.

This is ridiculous. We know that there have been extended (months!)
periods where we were stuck because all useful versions of some
important library had security vulnerabilities.  The last pain I
recollect was libxul.  Old version vulnerable, no new version, and then
when the new version was around, some dependencies did not work with
libxul-10*.  This would in effect have meant "no update for months".

Bryan, practially, I propose that portmaster should

- list stored libraries on each and every run, and ask that the user
updates those ports that use the old, saved, libraries, pointing to
bsdadminutils and pkg_libchk.

- we may need to save more than just the .so files, namely, the origin
and portname of a saved library so that portmaster can run portaudit
against those names to complain about security issues in saved libraries.

More information about the freebsd-ports mailing list