svn commit: r219181 - head/release
Garrett Cooper
gcooper at FreeBSD.org
Thu Mar 3 20:04:02 UTC 2011
On Thu, Mar 3, 2011 at 11:37 AM, Matthew Jacob <mj at feral.com> wrote:
>
>
>> I think it is a very important feature to ensure release builds are not
>> polluted by local changes in /etc/src.conf, etc. I think it would be good
>> to support both models perhaps, but for our official release builds I
>> think
>> we need the clean environment. I certainly use 'make release' now for my
>> own custom FooBSD builds to get a clean environment.
>>
> While not disagreeing with you on this, one should really always do 'env -i
> PATH=/usr/bin:/bin make release' if you want to ensure non-pollution.
It's more in-depth than that. The only way to ensure that the release
builds are non-tainted without doing a ton of hacks is to create an
untainted chroot/jail for the release build, or do the previous
incantation in release/Makefile, as a number of components can taint
the environment outside of PATH (see nanobsd's build scripts for a
start on this).
My personal preference is to have the scripts and infrastructure exist
within release to do this instead of within release/Makefile, but this
would require changes to any existing infrastructure that anyone
depending on release/Makefile is employing out in the field; on the
bright side maybe release/Makefile and nanobsd could converge because
they'd be using more of the same logic to run things and the things
that would truly differ are just the payload content.
Thanks,
-Garrett
More information about the svn-src-head
mailing list