poudriere: "Permission denied" in the extract phase?
saper at saper.info
Tue Feb 27 01:11:27 UTC 2018
On Tue, 27 Feb 2018, Marcin Cieslak wrote:
> On Sun, 25 Feb 2018, Yuri wrote:
> > On 02/25/18 05:37, Marcin Cieslak wrote:
> > > Yes, this is my private port that I am using to produce FreeBSD binaries
> > > for node-sass. Getting binary npm modules into our ports tree is another
> > > conversation.
> > >
> > > The problem here is that a whole thing worked for me before for months
> > > so I am aware of all those limitations for particular build phases
> > > (it took me long to figure out that).
> > npm is an extremely volatile technology. Some package might work now, and then
> > break in a week due to a dependency package update.
> > It continuously automatically updates files that are downloaded as
> > dependencies.
> > NodeJS is largely incompatible with the FreeBSD ports system because of this
> > volatility.
> > NodeJS is also a very insecure technology. It brings files directly from
> > github without any vetting. So if somebody will update some github package
> > with malware, it is extremely likely that next day this malware will end up on
> > your production servers. There is nobody in between, you have to always trust
> > hundreds of parties.
> I think I have some idea how we can tame this somewhat without allowing for
> a wild fetch.
> It seems that I need to learn more about the code that checks the completness
> of the distfiles, since "make checksum" insists on redoing things all again:
> # rm -rf distinfo
> # make makesum
So I don't know what has changed and why but the temporary fix is to
use "if" to check if the desired files are not already there, and
then proceeding with "post-fetch" only if the files are not found.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3663 bytes
Desc: S/MIME Cryptographic Signature
More information about the freebsd-ports