Growing list of required(ish) ports

Freddie Cash fjwcash at
Mon Apr 8 15:26:54 UTC 2013

Note:  I may have messed up the quoting/attribution by snipping things.

On Sun, Apr 7, 2013 at 10:11 PM, Kevin Oberman <rkoberman at> wrote:

> On Sun, Apr 7, 2013 at 8:34 PM, Kimmo Paasiala <kpaasial at> wrote:
> > > On the other hand, there are a number of things that I think should be
> > > pulled out of base.  Some already have ports, and others would need
> > > ports created.  Examples of things to pull out of base are OpenSSL,
> > > Heimdal, OpenSSH, PF, ntpd, ipfilter, bind, sendmail, and others.
> > > Code that is typically way behind the upstream project basically.
> > >
> >
> > I think Bryan already explained the reasons why pkg should not be in
> > base, it's an external tool that is not strictly required to get a bare
> > bones FreeBSD system up and running. Including it in base you create
> > yet another maintainance burden and would slow down the development of
> > the ports/packages management tools.
> What people seem to miss is that putting tools into the base system
> strangles the tools. Look at the difficulty we have seen in updating
> openssl. perl was removed from base for exactly that reason. Once something
> is in base, it usually can only be updated  on major releases and even then
> it can be very complicated. That is a problem for any dynamically changing
> tool.
> I would love to see BIND removed from base, but most of the things  you
> listed really are hard to remove. I know that I don't want to try bringing
> up a new install of FreeBSD on a remote system without OpenSSH and that
> pulls in openssl.  In the case of many tools, it really turns into a
> bikeshed. But i can see no reason to add any of the new packaging tools
> simply because it is critical that updates be possible far  more often than
> is possible for the base system.
> Moving OpenSSH, OpenSSL, etc into the ports tree, but making the pkgs
available on the installation media, and having a final hook at the end to
install "required" pkgs, would solve that.  There's already a "do you want
to enable OpenSSH daemon" question in the installed, so adding "pkg add
/path/to/openssh-x.y.z.txz" wouldn't be hard.

Same for bind, sendmail, kerberos, etc.  For instance, just add a "daemon
selection screen" for each bit removed from base, to select which ones you
want installed as part of the OS install.

The hard part comes in finding stub/clients for each item moved to a pkg,
such that a desktop-oriented install is not hampered (ie, SSH client is
usable, DNS lookups can be done, local mail can be generated/delivered,

The really hard part is coming up with a migration path for those who
upgrade via source builds.
Freddie Cash
fjwcash at

More information about the freebsd-ports mailing list