RELENG_8 buildworld broken?

Jeremy Chadwick freebsd at jdc.parodius.com
Wed Dec 9 21:09:15 UTC 2009


On Wed, Dec 09, 2009 at 08:55:20PM +0100, Pieter de Goeje wrote:
> On Wednesday 09 December 2009 20:32:39 Kevin Oberman wrote:
> > > Date: Wed, 09 Dec 2009 17:36:26 +0100
> > > From: ocean <ocean_ieee at yahoo.it>
> > > Sender: owner-freebsd-stable at freebsd.org
> > >
> 
> These options are not useless. You can for instance use them to reduce build 
> time and/or install only the binaries required for a jail or an embedded 
> system.
> 
> > In what way is delete-old broken?
> >
> > I agree that src.conf often does not work. Just try to build a system
> > with 'WITHOUT_OPENSSH='. PR with patch to Makefile.inc1 submitted by
> > b.f. three or four months ago. So far, no response.
> >
> > I have seen the really bad suggestion that somehow files not built due
> > to src.conf entries be added to the list of old files to be
> > deleted. PLEASE DON'T DO THAT!
> >
> > The single most important use I have for /etc/src.conf is to avoid
> > system upgrades over-writing the files for ssh and BIND when the ports
> > are installed to overwrite those in the base system. I certainly don't
> > want a delete-old to try to delete the files installed from ports.
> I agree completely. Obsolete files is there for files that will never be built 
> again and are generally useless/broken (or break other stuff) when left on 
> the filesystem. It's called "ObsoleteFiles" for a reason :)

The problem is this:

- User installs OS
- User creates src.conf with numerous WITHOUT_xxx entries.  Examples:

WITHOUT_ATM=true
WITHOUT_BLUETOOTH=true
WITHOUT_HTML=true
WITHOUT_I4B=true
WITHOUT_INET6=true
WITHOUT_IPFILTER=true
WITHOUT_IPX=true
WITHOUT_KERBEROS=true
WITHOUT_NCP=true
WITHOUT_PROFILE=true
WITHOUT_SENDMAIL=true

- User goes through building world + kernel, and installing kernel +
  world per steps in src/Makefile, with all binaries updated sans
  those related to the above src.conf entries.
- User is left with "stale" binaries in /bin, /usr/bin, /usr/lib,
  /usr/libexec, /usr/sbin, and /sbin -- "stale" in this case means
  binaries from when the OS was installed, or when world was last
  built/installed without above src.conf entries.
- User is forced to go through above said directories and cross
  their fingers hoping they're deleting the "right stuff".

Pros to this methodology:

- You can overwrite base system binaries/libs from here on out without
  any risk of world stomping them.
- (with regards to libraries) Not deleting libraries guarantees that
  existing binaries on the system built from ports/self-built software
  which is dynamically-linked will continue to function.

Cons to this methodology:

- User now has binaries and/or libs on their system which may contain
  security holes that could be exploited if exploits/issues are found
  in the future.  This is serious, and anyone who says otherwise has
  their head in the sand.
- User will eventually come across something stale and start wondering
  if it's safe or not to delete, not to mention post to mailing lists
  asking "why wasn't this stuff deleted?"  "Where did this file come
  from?  I have WITHOUT_xxx in my src.conf..."

Basically, all this comes back to the same thing: the entire "base
system" concept needs to be revisited (that's a nice way of saying
"nuked from orbit", but that's my opinion).  Everything should become a
port or a package -- something that's maintainable via pkg_* tools or
similar; src.conf is sort of a bastard to begin with.

This means that a stock FreeBSD system would then lack many useful
features that people have come to depend on out-of-the-box (OpenSSH and
Sendmail being quite possibly the most notable two -- everyone has their
priorities different).  This kind of change would be major, and would
very likely surprise the majority of the userbase.

On the flip side, nothing stops the user from adding the software they
want as a package during OS install time (which either requires them to
be using disc1/disc2 with packages on it, the DVD, or have a network
connection for downloading packages off the net), or can pkg_add -r (or
build them themselves) once the OS is installed.  I mention all of these
because many people install FreeBSD without a network connection.

Linux distributions like Debian and Gentoo have both adopted the "super
bare-bones" concept, forcing all software to be installed via CD/DVD,
off the net, or built via source through their packaging system.
Ubuntu/Kubuntu, same thing.

I believe I was told in the past why this style/method wouldn't be
adopted, and it had something to do with companies like Juniper, Citrix,
etc. relying upon the concept of FreeBSD coming out-of-the-box with
these binaries/libs.  I could be remembering wrong.

-- 
| Jeremy Chadwick                                   jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.              PGP: 4BD6C0CB |
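
The "stale" binaries this message describes can be listed instead of guessed at. The script below is an added example, not part of the original post: it reports (and never deletes) files in the six directories named above that have not been rewritten since a timestamp file was touched. It assumes a hypothetical stamp file created just before `make installworld`, and that installworld rewrites files with fresh modification times (no `install -C` or `-p`).

```shell
#!/bin/sh
# Added example: report base-system files that the last installworld
# did not rewrite. Candidates are listed only; nothing is removed.
#
# Assumptions (not from the original post):
#   - STAMP is a file touched immediately before "make installworld"
#     (hypothetical path, e.g. /var/tmp/pre-installworld.stamp)
#   - installworld rewrote every file it installed with a new mtime

# Directories named in the message as holding stale binaries/libs.
STALE_DIRS="bin sbin usr/bin usr/sbin usr/lib usr/libexec"

# find_stale ROOT STAMP
#   ROOT  - filesystem root to audit ("/" or a DESTDIR / jail root)
#   STAMP - reference file; anything not newer than it is reported
find_stale() {
    root=${1%/}          # "/" becomes "", so paths are "$root/bin", ...
    stamp=$2

    if [ ! -f "$stamp" ]; then
        echo "find_stale: missing timestamp file: $stamp" >&2
        return 2
    fi

    for d in $STALE_DIRS; do
        [ -d "$root/$d" ] || continue
        # Regular files whose mtime is not newer than the stamp were
        # left untouched by the install and may be unpatched leftovers.
        find "$root/$d" -type f ! -newer "$stamp" -print
    done | sort
}

# Stand-alone use: sh find_stale.sh / /var/tmp/pre-installworld.stamp
if [ $# -ge 2 ]; then
    find_stale "$1" "$2"
fi
```

Files installed from ports over the base system also appear here when they are older than the stamp, so the output is a list to review, not a list to delete.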


