Remove options from poudriere option files for ports which were removed in the port

Michelle Sullivan michelle at
Fri Jul 1 13:38:37 UTC 2016

Miroslav Lachman wrote:
> I don't think it's worth the effort. The old no longer existent 
> options stored in the options files are harmless and simply unused by 
> the ports Makefile. The options files are not intended to be user 
> editable / viewable. The old options will be removed when some changes 
> will be saved.

Most of the time you are correct... however there is a gotcha.. Select a 
non default option, maintainer renames the option, suddenly subsequent 
packages are build without the option..  Not so much of a problem until 
you're talking about something like OpenSSL from Ports and OpenLDAP 
client and GSSAPI in some mix and match and one option suddently changes 
and some other dependent port is fundamentally changed where a security 
issue occurs and the new package is installed without the poor b******d 
looking after the machine realising that on reboot, apache is going to 
break, sudo is going to bread, access to postgresql is going to break 
etc etc etc... (I'm quoting some random sh*te mixed with experience here 
- as don't remember the exact details but I got caught - fortunately in 
my dev environment rather than prod, but you can be certain some will 
just deploy and get nailed... remote access only via SSH and no SU on 
non console etc..)

> And I am not sure that this is a problem of poudriere. I think it's 
> rather issue in ports options framework. Isn't it?
Correct (but also poudriere wouln't get the change either.)

Michelle Sullivan

More information about the freebsd-ports mailing list