On 05/22/06 06:45, Steven Hartland wrote:
> Brent Casavant wrote:
>> On Sun, 21 May 2006, Colin Percival wrote:
>
>> So, in short, that's why *I* rarely update ports for security reasons.
>>
>> There are steps that could be taken at the port maintenance level that
>> would work well for my particular case, however that's beyond the
>> scope of the survey. Thanks for taking the time put the survey
>> together, I certainly hope it proves useful.
>
> Perfectly put there Brent portupgrade is all very powerful but:
> * Take an absolute age to do anything but the simplest updates
> * Often fails and needs significant manual fixing
>
> Here its usually 100 times quicker to just do:
> pkg_info | awk '{print $1}' > packages.txt
> cat packages.txt | xargs pkg_delete -f
> cat packages.txt | xargs pkg_add -r
>
> This at least brings you up to a known good set. Alternatively I
> also use something similar but build from ports the problem with
> that is often the ports need to be built with custom options to get
> back to how you started so unless you where very maticuls in
> noting down the options to every port on every machine you
> installed something often goes wrong :(Dropping [EMAIL PROTECTED] The OPTIONS feature stores port preferences and helps a lot with this. Not all ports are converted yet, but that's just a matter of time. My only complaint is that when options are added I'm not prompted for my preference (I just get the default value). I have to go back and manually "make config" if I don't want the default. If automatic prompting for new options is added then we will truly have a "set it and forget it" configuration system. Because I track ports fairly closely and usually catch new options, this hasn't annoyed me enough to fix it... > On good example of portupgrade "going off on one" is a simple > upgrade of mtr we dont install any X on our machines so mtr-nox11 > is installed. Whenever I've tried portupgrade in the past its > always trolled of and started downloading and build the behemoth > that is X, CTRL+C hence always ensues and I forget about upgrading > until I really HAVE to. You have to tell the ports system you don't want X (put the following in /etc/make.conf): WITHOUT_X11= yes There are also ports (like bittorrent) that install GUIs by default. You should also tell the ports system you don't want GUIs: WITHOUT_GUI= yes Some ports will still need the X libs (like graphviz), but that's not a huge deal. -Jonathan -- Jonathan Noack | [EMAIL PROTECTED] | OpenPGP: 0x991D8195
signature.asc
Description: OpenPGP digital signature
