pkgng package repository tracking security updates

n j nino80 at gmail.com
Mon Jan 14 14:36:24 UTC 2013 

On Mon, Jan 14, 2013 at 3:15 PM, Matthew Seaman <matthew at freebsd.org> wrote:

> On 14/01/2013 13:10, Andrei Brezan wrote:
> > I thing that it's good to wait for ports to compile and to be able to
> > chose your configure options for the packages you install. It's good to
> > know what options you need and what options you don't and why, that's
> > one of the reasons why i'm using FreeBSD. I feel that the goal for pkgng
> > is that you can install your locally built binary packages in a
> > tinderbox on all your infrastructure so you don't have to compile every
> > port on every server. IIRC it was considered too cumbersome to compile
> > all the ports tree for all the architectures supported and provide the
> > so called official binary repositories.
>
> No, that's not *the* goal for pkgng.
>
> The goal is to provide a state-of-the-art binary package management
> system for FreeBSD (and anyone else who would like to use it).
>
> For many users this will entail downloading pre-compiled packages from
> FreeBSD official repositories.  But it will be possible for third
> parties to set up their own repositories, in the same way that eg. the
> Postgresql project has their own Yum repositories for RH-alikes.  It
> will also be possible for people to compile their own packages either
> for direct installation, or to create their own private repositories to
> serve their own networks with their custom configured packages.
>
> And, ideally, people will be able to use a *mix* of the above as best
> suits their needs.
>
>         Cheers,
>
>         Matthew
>

Hi Matthew,

The point of my question was exactly if it was possible to elaborate on the
"pre-compiled packages from FreeBSD official repositories" part. Would it
be possible to have a (security-wise) up-to-date pre-compiled packages in
the official repositories? Note, I don't expect an unreasonable effort here
- I understand there will always be delays between upstream fix --> ports
fix --> up-to-date package and it is acceptable for the binary package to
lag a few days behind the port (depending on the availability of package
building cluster or maintainer upload).

Regards,
-- 
Nino

More information about the freebsd-questions mailing list