binary patches?

Danny Pansters danny at
Thu Mar 15 02:37:25 UTC 2007

On Thursday 15 March 2007 00:55, Beech Rintoul wrote:


> This issue comes up about every six months. If you google the mailing
> list you will find extensive discussion about why binary upgrades are
> a bad idea. If you want to upgrade using packages only
> use 'portupgrade -PP'. Bear in mind it takes the package build
> cluster a couple of weeks to catch up. For security reasons we
> (maintainers) don't build packages and building binaries for every

That's not (mainly) for security reasons, it's for QA reasons (as in: does 
your port survive a pointyhat run when in some cases there may even be 
trouble caused by a dependent package not yours but you may have to deal with 
it anyway). That's the main reason for building (and deinstalling) them in a 
known environment as the build cluster does. 

I do usually make available a (i386) package on my site when I PR a port but I 
expect that people who use them know that they're using a stop-gap solution 
(while the port isn't committed yet) or perhaps an get outdated package or 
one that differs in any way from the "official" one that goes on the FreeBSD 
CD and FTP mirrors. In other words I don't do package QA, while the build 
cluster and the FreeBSD pkg people do. But it's not a security thing I think.

> possible configuration would place an extreme load on the build
> cluster (not to mention the space required to host them all).

I suspect that the build cluster is waiting for user input after failed builds 
mostly ;-) Not building packages for every possible port config is probably 
more a people limit than a CPU/RAM horsepower limit. Some poor soul is going 
to have to report and/or fix it when it breaks after all...



More information about the freebsd-questions mailing list