Hi Diana,

Diana Eichert wrote on Mon, Aug 07, 2017 at 02:41:36PM -0600:

> I saw the same problem this morning, determined it was wxallowed
> required on /usr.  After updating /usr mount with wxallowed
> Python build continued.

What a terrible idea.  You certainly don't want wxallowed on /usr.

> I did not create a new partition for ports, so it is a directory
> on /usr.

To use messy ports, a separate /usr/local is required, and to build
them, a separate /usr/ports/pobj.

> As Adam stated perhaps an update to faq15?

I think this ought to be documented in the manual pages.
It is a major trap for the unwary.


Index: packages.7
RCS file: /cvs/src/share/man/man7/packages.7,v
retrieving revision 1.41
diff -u -p -r1.41 packages.7
--- packages.7  27 Mar 2017 20:05:51 -0000      1.41
+++ packages.7  8 Aug 2017 16:25:35 -0000
@@ -85,6 +85,16 @@ security issues and
 will warn if those are installed and cannot be updated.
 This prevents a scenario where a bad guy would maintain a partial mirror
 with outdated packages.
+A small number of packages contain insecure code requiring
+.Xr mmap 2
+memory both writeable and executable.
+To use such insecurely written software, a separate
+.Pa /usr/local
+file system with the
+.Cm wxallowed
+.Xr mount 8
+option is needed.
 The package system offers some strong warranties.
 .Ss "Installing a package won't erase existing files"
Index: ports.7
RCS file: /cvs/src/share/man/man7/ports.7,v
retrieving revision 1.113
diff -u -p -r1.113 ports.7
--- ports.7     10 Jul 2017 22:48:00 -0000      1.113
+++ ports.7     8 Aug 2017 16:25:35 -0000
@@ -700,6 +700,12 @@ The default ports directory.
 Ports master Makefile.
 .It Pa /usr/ports/INDEX
 Ports index.
+.It Pa /usr/ports/pobj
+Build directories.
+A number of insecurely coded ports require a dedicated file system with the
+.Cm wxallowed
+.Xr mount 8
 .It Pa /usr/ports/infrastructure/mk/bsd.port.mk
 The ports main engine.
 .It Pa /usr/ports/infrastructure/templates/network.conf.template

Reply via email to