change ports default work directory prefix
mailinglists at toco-domains.de
Wed Oct 7 08:15:11 UTC 2015
> Today in EuroBSDCon's jail working group we discussed changing the
> default for WRKDIRPREFIX to /usr/obj/ports. This has the advantage of
> being able to share the ports tree between host system and jails.
> Another plus is that cleaning all work directories is much faster than a
> recursive make clean.
Speeding up make clean would be nice. Otherwise i've just use a simple
find, because its much faster than the recursive make clean.
> With the current default, exposing the ports tree to jails potentially
> leaks information about installed programs, configured options or host
> specific generated secrets (thinking of LocalSettings.php).
The options are stored under /var/db/ports; therefore this should be saved.
But i believe i did not understand the change you propose. What is the
idea behind this? Do you want the portstree to be sharable with the
jails? In this case the distfiles must be considered. Sometime it is
very nice to share them between the jails. Sometimes i do not want this.
Also the options should be discussed. Do i want them exposed to the
tree? In my history there were cases i want this and sometimes not.
Next thought: why should i share the portstree to my jail? Obviously to
save time/space if every jail use the same tree. If this is the case.
Enabling the portstree exposing optionally to a jail would be very fine.
Therefore i support changing WRKDIRPREFIX. But we need to take care of
the distfiles and the options. distfiles should move out of the
portstree - otherwise the tree must be writable to the jails and this
can case different sideeffects; for example when building the same port
at the same time in different jails.
> On the down side, developers can't by default just copy the port, hack
> away and be sure to only modify files in their respective home directories.
Why? When i'm in a jail and build a port, whould the WRKDIRPREFIX not
apply within the jail? Therefore it should be save to build a port (even
with different options) in host or jail. Or did i miss something?
> bapt@ asked me to discuss this here, also looking for potential other
> pitfalls I have not thought about.
Is there a documentation about the thoughts and pitfalls you already
found? This would be very helpful for a discussion. Otherwise its more
like a guessing. ;)
More information about the freebsd-ports