Welcome flavors! portmaster now dead? synth?
Roger Marquis
marquis at roble.com
Mon Dec 4 19:04:30 UTC 2017
Jonathan Chen wrote:
>Thomas Mueller <mueller6722 at twc.com> wrote:
>> I can still see possible use for portmaster in that something has to
>be used to build synth or poudriere from source.
>You don't need portmaster for that. You just need make(1).
This is what we do plus a few extras to share the resulting ports across
systems:
* instead of 'make install' use 'make package && pkg add' like
OpenBSD
* the package directory is updated with each new package
'cd /usr/ports/packages/All && pkg repo'
* the resulting repo is shared across jails using null mounts and/or
across hosts using apache or nginx
This has certain benefits over poudriere:
* KIS
* it is straightforward to update only ports with security
vulnerabilities
* works seamlessly in a jail, with or without zfs
* requires less cpu and disk
On the downside:
* haven't yet automated the entire process (pkg audit ; make
package ; (pkg add ; service restart))
* base cannot (yet) be updated this way even on hosts/jails with
packaged base
* 'pkg audit' is not as up-to-date or reliable as the same
functionality on Linux (tor, for example, has been vulnerable since
12/1, had an updated Makefile since 12/2, yet there is still no
mention of it in vuxml, 3 days and one 'cd security/vuxml;make
newentry' later)
FWIW,
Roger Marquis
More information about the freebsd-ports
mailing list