Discussion on moving manpages to ${PREFIX}/share/man

[Yasuhiro KIMURA]

Hello,

Commit message of ports r484628 says as following.

--
r484628 | bapt | 2018-11-11 03:12:57 +0900 (Sun, 11 Nov 2018) | 23 lines

Install texinfo files (GNU info) into ${PREFIX}/share/info

After a discussion on the mailing list on moving manpages to
${PREFIX}/share/man for consistency with base where it is
installed in usr/share/man, it appeared the same should happen
to GNU info files which were installed under share in base and
not in ports.
--

I checked 2018's archive of this ML but couldn't find such thread.
Would someone please tell me where this discussion took place?

Best Regards.

---
Yasuhiro KIMURA
___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"

Re: sed failed: backup file same as original

[Mathieu Arnold]

On Fri, Jan 10, 2020 at 08:07:40PM +0100, w.schwarzenfeld wrote:
> Ok, got my wires crossed. I understand it.

Just to be sure you get it right, it tells you that these files have
REINPLACE_CMD on them that do nothing.  It may be because it is only
replacing /usr/local with ${LOCALBASE} which is also /usr/local, it can
also be because it used to be useful but is no longer.

-- 
Mathieu Arnold


signature.asc
Description: PGP signature

Re: replacement of security/ipsec-tools

[Michael Grimm]

Victor Sudakov  wrote:
> Michael Grimm wrote:

First of all, I'd like to thank all of you for your input, which helped a lot.

>> I am running ipsec-tools to implement a VPN tunnel (esp) between two hosts 
>> for years now.
>> 
>> But this statement on http://ipsec-tools.sourceforge.net makes me think 
>> about an alternative:
>>  The development of ipsec-tools has been ABANDONED. 
>>  ipsec-tools has security issues, and you should not use it. Please 
>> switch to a secure alternative! 
>> 
>> Could you provide me with links where I could find more details about the 
>> above mentioned 'security issues'? I want to find out, if my specific setup 
>> has security issues at all. Thanks.

Well, now I do know that security patches have been applied to 
security/ipsec-tools. Thus one can ignore "Please switch to a secure 
alternative!"

>> What would be a secure alternative if one is needed? 
>>  #) security/racoon2
>>  #) security/strongswan
>>  #) something else?
> 
> There was also security/isakmpd but is marked as BROKEN now.
> 
> I've been told that strongswan works on FreeBSD. I've tried installing
> strongswan, but it looks too complex and tricky in comparison with
> racoon.
> 
> If you ever find good documentation/howto  for strongswan on FreeBSD,
> please share with me.

Sorry, but I never tried strongswan as a replacement, mainly due to the reasons 
you mentioned as well: I couldn't get it running. Thus I used racoon instead.

Kurt mentioned wireguard. I could get the tunnel running, but I failed in 
getting the routing at both sites running (in my preliminary tests).

Then this mail made my day:

>> What do I need?
>>  #) a VPN tunnel between two hosts
>>  #) both local networks reachable from the remote host
> 
> That is what kernel IPSec is for, you can even do it on static keys
> without any ISAKMP daemon like racoon. See an example in if_ipsec(4).

I did install my IPSEC/racoon tunnel many years ago and missed the recent 
implementation of if_ipsec completely. 

Victor, thank you very, very much for pointing me to this interface. Now, my 
tunnel is far less complicated to implement[1], and I will no longer need 
security/ipsec-tools at all! 

[1] Following if_ipsec(4) and 
https://github.com/opnsense/core/issues/2332#issuecomment-379181820, because 
the example with "right" and "left" notation helped to understand if_ipsec(4) 
better (for me).

Thanks and regards,
Michael 


___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"