How To Install Port Marked IGNORE -- SOLVED
Drew Tomlinson
drew at mykitchentable.net
Mon Feb 24 02:26:43 UTC 2014
On 2/23/2014 5:03 PM, Polytropon wrote:
> On Sun, 23 Feb 2014 16:43:03 -0800, Drew Tomlinson wrote:
>> I'm trying to install net/ntp but get this message:
>>
>> ** Port marked as IGNORE: net/ntp:
>> is forbidden: CVE-2013-5211 / VU
>>
>> OK, I know about the monlist issue and will address that in my conf
>> file. Thus I'd like to build and install anyway. How do I override
>> this?
>> Google posts suggest removing the "IGNORE" from the Makefile.
> A very bad suggestion. You should not mess with port Makefiles,
> especially not for that kind of purpose, to fix a problem by
> creating another problem. :-)
>
>
>
>> However I do not see it in either net/ntp/Makefile or
>> net/ntp/Makefile.inc. Where is is? Or should I do something else?
> It will be set automatically if certain criteria are met.
> You'll find the mechanism and some hints why and where it is
> being used in /usr/ports/Mk/bsd.port.mk. Let me quote regarding
> the IGNORE mark:
>
> Package build should be skipped entirely (e.g.
> because of serious unfixable problems in the build,
> because it cannot be manually fetched, etc).
>
> The reason will be stored in $IGNORE so you can refer to it.
> This shows: Ports marked as IGNORE probably won't build at all.
>
> If you still want to (try to) build the port, see what "man 7 ports"
> has to offer (except it's refering to FORBIDDEN, not IGNORE):
>
> NO_IGNORE If defined, allow installation of ports marked as
> <FORBIDDEN>. The default behavior of the Ports framework
> is to abort when the installation of a forbidden port is
> attempted. Of course, these ports may not work as
> expected, but if you really know what you are doing and are
> sure about installing a forbidden port, then NO_IGNORE lets
> you do it.
>
> This is what you could try:
>
> # make -D NO_IGNORE install
>
> But keep in mind that IGNORE isn't there for no particular reason. :-)
Thank you for the nice explanation. Your suggestion worked.
I believe it is marked IGNORE only because of the security
vulnerability. Because this is used on my private LAN and not available
to the public, I do not believe I am at any risk. However I have
followed the configuration recommendations in the alert just to be sure.
--
Like card tricks?
Visit The Alchemist's Warehouse to
learn card magic secrets for free!
http://alchemistswarehouse.com
More information about the freebsd-questions
mailing list