How To Install Port Marked IGNORE -- SOLVED

Drew Tomlinson drew at
Mon Feb 24 02:26:43 UTC 2014

On 2/23/2014 5:03 PM, Polytropon wrote:
> On Sun, 23 Feb 2014 16:43:03 -0800, Drew Tomlinson wrote:
>> I'm trying to install net/ntp but get this message:
>> ** Port marked as IGNORE: net/ntp:
>>           is forbidden: CVE-2013-5211 / VU
>> OK, I know about the monlist issue and will address that in my conf
>> file.  Thus I'd like to build and install anyway.  How do I override
>> this?
>> Google posts suggest removing the "IGNORE" from the Makefile.
> A very bad suggestion. You should not mess with port Makefiles,
> especially not for that kind of purpose, to fix a problem by
> creating another problem. :-)
>> However I do not see it in either net/ntp/Makefile or
>> net/ntp/  Where is is?  Or should I do something else?
> It will be set automatically if certain criteria are met.
> You'll find the mechanism and some hints why and where it is
> being used in /usr/ports/Mk/ Let me quote regarding
> the IGNORE mark:
> 	Package build should be skipped entirely (e.g.
> 	because of serious unfixable problems in the build,
> 	because it cannot be manually fetched, etc).
> The reason will be stored in $IGNORE so you can refer to it.
> This shows: Ports marked as IGNORE probably won't build at all.
> If you still want to (try to) build the port, see what "man 7 ports"
> has to offer (except it's refering to FORBIDDEN, not IGNORE):
>       NO_IGNORE     If defined, allow installation of ports marked as
>                     <FORBIDDEN>.  The default behavior of the Ports framework
>                     is to abort when the installation of a forbidden port is
>                     attempted.  Of course, these ports may not work as
>                     expected, but if you really know what you are doing and are
>                     sure about installing a forbidden port, then NO_IGNORE lets
>                     you do it.
> This is what you could try:
> 	# make -D NO_IGNORE install
> But keep in mind that IGNORE isn't there for no particular reason. :-)
Thank you for the nice explanation.  Your suggestion worked.

I believe it is marked IGNORE only because of the security 
vulnerability.  Because this is used on my private LAN and not available 
to the public, I do not believe I am at any risk.  However I have 
followed the configuration recommendations in the alert just to be sure.

Like card tricks?

Visit The Alchemist's Warehouse to
learn card magic secrets for free!

More information about the freebsd-questions mailing list