> everyone has different needs of course, but in my 15+ > years of openbsd usage both on desktop and servers i > needed to build ports exactly <counting fingers on 1 > hand, give or take> times.
Same experience my end too with OpenBSD. I have had a couple very rare occasions in a long time that something may have needed to be compiled from ports manually. Mainly as a test case, rather than any real usage of that port. In contrast with other operating systems pretending to offer ports and ease of software installation from sources, where most of the time is wasted on compiling and recompiling to stay on top of updates, due to either lack of packages, or insane (in more than one meaning of the word) defaults and option choices, messed up package managers and dependency hell. Probably sounds pretty familiar to advanced users outside OpenBSD. Newcomers may feel the need to follow habit and run outdated base with recompiling used ports in an attempt to keep a reproducible fixed environment, but that's not the better approach in my opinion. Solutions to this are many and depend on the use case, but the simplest and by far the best starting point is a fixed up (meaning improved, properly updated, recent patches etc with sane flavours) ports one may need and freedom to select snapshots or release, and optionally follow -current or -stable base accordingly. http://www.openbsd.org/faq/faq5.html#Flavors > for important infrastructure software more often than > not security patches are applied also backwards to > -stable releases and a simple pkg_add -u will do the > same as apt-get update/upgrade. of course man-power is > not the same so only the real pressing security issues > get this treatment. This is an important note for newcomers, so they don't feel insecure (or pressed to do compilations) if they select to follow -stable. Yet again, following snapshots in a reproducible (and optionally) automated manner or better - is the most logical choice for anyone devoting their systems to OpenBSD. > in any case, you won't > see ancient software on openbsd servers Yes, similar observations here too and this is considered a good practice no matter manual or automated, what operating system, use case, number of systems etc unless some very special reason exists not to do so. The usual reasons a novice or even power users grow over time are in most cases not the exception to the above. > desktop users tend to live on -current as ports > development follow -current. And it is very easy to keep up with -current in my experience. Recommending this to people coming from Linux (both novice and veterans) for a number of reasons. > the only reasons i had to make packages: > > 1. the package does not come in the FLAVOR > you want, as not all possible combinations > are made into packages (man ports) > for example vim-7.4.692-gtk2-perl-python-ruby > but you want python3-lua-whatever > > 2. making a debug build (to send bug reports) And also potentially the better path towards fixing up and improving the ports normal condition, instead of freezing everything in time and relying on recompilation for security updates. The frozen back in time may even be considered a flawed practice, except when deemed mandatory in special cases. > 3. there is no port for what you want, or your > port was rejected for some reason, it's WIP, etc. > in this case you still get to use the wonderful > scaffolding already in place, and can make > packages often with just a couple of lines > in a Makefile. creates packages you can > update/remove/etc just like "official" ones. This is a good suggestion for power users that need to create reproducible environments on multiple systems, in case the package is not to their taste. May even be extended further to become port maintainer for non existing ports. In my opinion, for most usage cases by far the best reproducible environments are snapshots + selected packages from a mirror and lightweight deployment scripting and then simply following -current and upgrading the various environments according to one's selected procedures. > 4. you don't want to wait until your ports mirror > catches up with its pre-built and you have a > machine with 128G of ram to compile firefox. 5. when the port maintainer is slacking and not updating in longer periods and you experience memory leaks, other faults or need to update for security reasons before port maintainer manages to catch up In this case mailing the respective port maintainer may also be a recommended pro-active approach to fixing the issues for a larger group of people, not just personal needs. > the fact is, openbsd made me into a lazy admin > when it comes to packages, and it is a breath > of fresh air every time i come back from work > (ubuntu/debian/osx). Most definitely the OpenBSD packages is the best process known to me too, and saves a lot of time. Thus provides room for other personal improvements and development, making each user a better skilled one in other areas as well. This is how OpenBSD has helped me achieve more over the years to begin with. Thank you for the excellent summary, this is an example of valuable information to consider for anyone that might need to improve their suggestions to fine tune the migration from Linux FAQ section.
