Poudriere questions

Guido Falsi mad at madpilot.net
Wed Feb 20 17:07:30 UTC 2013 

On 02/20/13 17:08, Patrick M. Hausen wrote:
> Hello,
>
> we use NanoBSD to build the software installations for our hosting platform
> and I'm trying to better automate the process of building packages.
>
> Poudriere looked like an interesting tool to me, so I tried it. Quite painless,
> but two questions currently remain:
>
> To me it looks like Poudriere populates the build jail/chroot from release
> tarballs fetched from an FTP server - but I'd rather use, say, 8.3p6 as
> the build platform as well as the one at runtime. At ~300+ installed ports
> I simply do not know if anything links statically against base system libraries
> and I want to catch all security updates included in RELENG_X_Y.
> How would I go about that?

I'm not sure I get what you ask. You can make poudriere fetch sources 
from any subversion branch/tag and compile those, instead of using the 
distribution files. For example:

poudriere jail -c -j 91releng -v releng/9.1 -m svn

will fetch sources from the 9.1 security fix branch with all the latest 
security fixes, compile those and crate a new jail.

>
> Second, how do I specify build time options that are not available via the
> dialog most ports use for "make config"? Currently we use an ad hoc shell
> script that simply installs all the ports I want, and the line for e.g. Apache reads:
>
> cd /usr/ports/www/apache22 && make -DBATCH -DPROXY=on -DPROXY_HTTP=on -DSUEXEC=on -DSUEXEC_DOCROOT=/var/apache -DSUEXEC_LOGFILE=/var/apache/GLOBAL/suexec_log install
>
> I can enable all options that simply taken an "on" setting, but what about
> the paths for suexec? Obviously they are critical to the operation of our servers.

I think your best bet is using customized make.conf files in 
/usr/local/etc/poudriere.d.

This is documented well in the CUSTOMIZATION section of the poudriere(8) 
man page.

for example you could create a file make.conf there with the above 
options defined and all jails would read it.

BTW be aware that ports using OPTINSng will prefer their own syntax for 
defining their options in make.conf.

i.e. OPTIONS_SET+= XFT OPENSSL

>
> If this is the wrong list, I can of course take the discussion to -ports or
> anything else more appropriate. The Poudriere wiki doesn't mention
> external ressources besides IRC.

-- 
Guido Falsi <mad at madpilot.net>

More information about the freebsd-stable mailing list