Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 01-09-2012 21:40, Matthew Seaman wrote: On 01/09/2012 18:43, Tijl Coosemans wrote: In this scenario the ports tree needs to keep support for older releases, but that's a consequence of the fact that there's only one ports tree for all releases. Somewhere in between the ports and the various releases there has to be some form encapsulation, not just for pkg, but for all the tools used by the ports tree. Given how the ports tree currently encapsulates both the old and new pkg tools I don't see how supporting multiple versions of pkgng would be a problem because presumably the difference between pkgng versions is going to be much smaller than the difference between the old and new tools. New functionality already in the process of development will entail making non-backwards compatible changes to the DB schema. If we're tied to supporting a version of pkgng bundled with a release, that's going to make rolling out such changes much harder. On the other hand, if pkgng is in ports, then we can release a new version and simultaneously publish new package sets (incorporating the update to pkgng) from the repositories which will have been built using the updated DB schema. But you cannot update the pkgng repo on the release DVDs. And also, there's no such thing as simultaneous. After you've updated the port it takes days even weeks for the package build cluster to rebuild package sets for all branches and all architectures (think powerpc, sparc64) and then it takes even more time for the ftp mirrors to pick up the new set from the master ftp and it takes even more time for a user to actually update his ports/packages (months to years). During all this time there can be a difference in version (possibly several versions) between the pkgng in ports, the pkgng of the official repositories and the pkgng version that is currently installed on the user's system. The ports tree doesn't track the versioning of the base system, and it makes perfect sense to me that tools for dealing with the ports should follow changes to ports rather than changes to the base. How about the following: If you can guarantee that the pkg port can always be built and installed from ports no matter what version of pkg is currently installed, then the ports tree only needs to support the version of pkg that is currently in the tree. Guaranteeing that the pkg port can always be built probably means it should set a flag in its Makefile (e.g.BUILDING_PKG) that causes bsd.port.mk to not use pkg at all until after installation (so it cannot do conflicts checking for instance). During installation the port also updates the local pkg registry such that after installation bsd.port.mk can register the package with the new pkg version. Special-casing the pkg port this way effectively creates a bootstrap in the ports tree itself (instead of having a pkg-bootstrap tool in base or during FreeBSD installation). Similarly, for package users, pkg should always be able to update itself from a remote repo no matter what version is currently installed. jhb's idea of putting pkg in a self extracting script in a fixed location of a package repo is probably the most flexible. This creates a bootstrap in every pkg repo. And then you can put pkg with a pkg repo on FreeBSD release media as well, such that packages (including pkg) can be installed during and after installation without needing an internet connection. If there is an internet connection and the user wants to install packages from a remote repo, the pkg on the release media can fetch and install pkg from the repo and then that pkg can be used to install other packages. I'd be ok with this. The ports tree only has to support one version of pkgng, there's no separate bootstrap tool, release media are nicely self-contained and no matter how outdated a user's installed packages are he can always update using either ports or packages. signature.asc Description: OpenPGP digital signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 31-08-2012 14:22, Baptiste Daroussin wrote: On Fri, Aug 31, 2012 at 08:10:50AM -0400, John Baldwin wrote: On Friday, August 31, 2012 5:59:10 am Baptiste Daroussin wrote: On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. I like the idea of also providing a self-installing package, and it seems really easy to do, so I'll try to see what I can do in this area I'll wrote a PoC in 5 minutes which looks pretty good, this could also be a very simple and easy way to integrate into bsdinstaller. I'll do work in that direction. Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. I do think that is something bsdinstall should be able to handle, and I would certainly want bsdinstall to include a dialog that says do you want to install the package manager? Of course this is being worked on by dteske@ on his bsdconfig scripts, so yes in anycase the bsdinstaller will end up with a boostrap dialog to install pkgng. Something else I thought of, you can't assume there's a working internet connection during installation. And also, even if there is a connection, can you guarantee that the downloaded pkg supports the packages on the dvd for the lifetime of the release? I really think you should just do vendor imports of pkg in base and include pkg on the dvd. There's no bootstrap problem then and the dvd is nicely self-contained. It also shouldn't be a problem to keep the official pkg repo for that release compatible with it. Just keep using the same version of pkg to create the repo. You've been able to develop and introduce pkgng without breaking older releases which shows having pkg tools tied to releases was never a problem. All that was needed was to move pkg development outside base. You should be able to do pkg 2.0 development in the same way. And when that new version is ready you import betas and release candidates in head and use current users as testers, just like is done with clang. In this scenario the ports tree needs to keep support for older releases, but that's a consequence of the fact that there's only one ports tree for all releases. Somewhere in between the ports and the various releases there has to be some form encapsulation, not just for pkg, but for all the tools used by the ports tree. Given how the ports tree currently encapsulates both the old and new pkg tools I don't see how supporting multiple versions of pkgng would be a problem because presumably the difference between pkgng versions is going to be much smaller than the difference between the old and new tools. signature.asc Description: OpenPGP digital signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 9/1/2012 7:43 PM, Tijl Coosemans wrote: On 31-08-2012 14:22, Baptiste Daroussin wrote: On Fri, Aug 31, 2012 at 08:10:50AM -0400, John Baldwin wrote: On Friday, August 31, 2012 5:59:10 am Baptiste Daroussin wrote: On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. I like the idea of also providing a self-installing package, and it seems really easy to do, so I'll try to see what I can do in this area I'll wrote a PoC in 5 minutes which looks pretty good, this could also be a very simple and easy way to integrate into bsdinstaller. I'll do work in that direction. Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. I do think that is something bsdinstall should be able to handle, and I would certainly want bsdinstall to include a dialog that says do you want to install the package manager? Of course this is being worked on by dteske@ on his bsdconfig scripts, so yes in anycase the bsdinstaller will end up with a boostrap dialog to install pkgng. Something else I thought of, you can't assume there's a working internet connection during installation. And also, even if there is a connection, can you guarantee that the downloaded pkg supports the packages on the dvd for the lifetime of the release? The packages set included on the dvd will probably be EOLed before the lifetime of the release. I really think you should just do vendor imports of pkg in base and include pkg on the dvd. There's no bootstrap problem then and the dvd is nicely self-contained. It also shouldn't be a problem to keep the official pkg repo for that release compatible with it. Just keep using the same version of pkg to create the repo. You've been able to develop and introduce pkgng without breaking older releases which shows having pkg tools tied to releases was never a problem. All that was needed was to move pkg development outside base. You should be able to do pkg 2.0 development in the same way. And when that new version is ready you import betas and release candidates in head and use current users as testers, just like is done with clang. In this scenario the ports tree needs to keep support for older releases, but that's a consequence of the fact that there's only one ports tree for all releases. Somewhere in between the ports and the various releases there has to be some form encapsulation, not just for pkg, but for all the tools used by the ports tree. Given how the ports tree currently encapsulates both the old and new pkg tools I don't see how supporting multiple versions of pkgng would be a problem because presumably the difference between pkgng versions is going to be much smaller than the difference between the old and new tools. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: On 08/30/2012 07:32 AM, John Baldwin wrote: On Thursday, August 30, 2012 1:10:24 pm Chris Rees wrote: On 30 Aug 2012 18:03, John Baldwin j...@freebsd.org wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. I like the idea of also providing a self-installing package, and it seems really easy to do, so I'll try to see what I can do in this area I'll wrote a PoC in 5 minutes which looks pretty good, this could also be a very simple and easy way to integrate into bsdinstaller. I'll do work in that direction. Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. regards, Bapt pgplT8J8RNhd5.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Friday, August 31, 2012 5:59:10 am Baptiste Daroussin wrote: On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: On 08/30/2012 07:32 AM, John Baldwin wrote: On Thursday, August 30, 2012 1:10:24 pm Chris Rees wrote: On 30 Aug 2012 18:03, John Baldwin j...@freebsd.org wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. I like the idea of also providing a self-installing package, and it seems really easy to do, so I'll try to see what I can do in this area I'll wrote a PoC in 5 minutes which looks pretty good, this could also be a very simple and easy way to integrate into bsdinstaller. I'll do work in that direction. Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. I do think that is something bsdinstall should be able to handle, and I would certainly want bsdinstall to include a dialog that says do you want to install the package manager? -- John Baldwin ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Fri, Aug 31, 2012 at 08:10:50AM -0400, John Baldwin wrote: On Friday, August 31, 2012 5:59:10 am Baptiste Daroussin wrote: On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: On 08/30/2012 07:32 AM, John Baldwin wrote: On Thursday, August 30, 2012 1:10:24 pm Chris Rees wrote: On 30 Aug 2012 18:03, John Baldwin j...@freebsd.org wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. I like the idea of also providing a self-installing package, and it seems really easy to do, so I'll try to see what I can do in this area I'll wrote a PoC in 5 minutes which looks pretty good, this could also be a very simple and easy way to integrate into bsdinstaller. I'll do work in that direction. Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. I do think that is something bsdinstall should be able to handle, and I would certainly want bsdinstall to include a dialog that says do you want to install the package manager? -- John Baldwin ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org Of course this is being worked on by dteske@ on his bsdconfig scripts, so yes in anycase the bsdinstaller will end up with a boostrap dialog to install pkgng. regards, Bapt pgp9zF6fXKBSf.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 31 Aug 2012 13:15, John Baldwin j...@freebsd.org wrote: On Friday, August 31, 2012 5:59:10 am Baptiste Daroussin wrote: On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: On 08/30/2012 07:32 AM, John Baldwin wrote: On Thursday, August 30, 2012 1:10:24 pm Chris Rees wrote: On 30 Aug 2012 18:03, John Baldwin j...@freebsd.org wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. I like the idea of also providing a self-installing package, and it seems really easy to do, so I'll try to see what I can do in this area I'll wrote a PoC in 5 minutes which looks pretty good, this could also be a very simple and easy way to integrate into bsdinstaller. I'll do work in that direction. Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. I do think that is something bsdinstall should be able to handle, and I would certainly want bsdinstall to include a dialog that says do you want to install the package manager? Putting aside my previous emotional red herring, this is a great idea; I don't see how it's different from a base binary, but OK. I don't see the need to be prompted-- it's not like the base system doesn't have other larger amounts of software that is useless to many. Can't it just go in? Chris ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 31-08-2012 14:22, Baptiste Daroussin wrote: On Fri, Aug 31, 2012 at 08:10:50AM -0400, John Baldwin wrote: On Friday, August 31, 2012 5:59:10 am Baptiste Daroussin wrote: On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. I like the idea of also providing a self-installing package, and it seems really easy to do, so I'll try to see what I can do in this area I'll wrote a PoC in 5 minutes which looks pretty good, this could also be a very simple and easy way to integrate into bsdinstaller. I'll do work in that direction. Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. I do think that is something bsdinstall should be able to handle, and I would certainly want bsdinstall to include a dialog that says do you want to install the package manager? Of course this is being worked on by dteske@ on his bsdconfig scripts, so yes in anycase the bsdinstaller will end up with a boostrap dialog to install pkgng. ...using a mechanism that will be supported for the lifetime of the release. My concern is that the problem with the pkg tools was never that they were tied to FreeBSD releases. If that were true then you cannot accept the bootstrap solution above because it has exactly the same problems. The problem in my opinion was simply that the source code lived in src where ports developers didn't have good access to it. And the solution for that is to turn pkg development into a third party project and import that into base from time to time. There can also be a port for it so people can use more recent versions if they want to. That's the situation for several third party tools in base. Given that the ports tree is currently supporting both the old and new pkg tools I don't think it would be a problem for them to support older versions of pkgng when the time comes, especially since the database used by pkgng is much more flexible and you can execute any sql query on it. I also suspect that with pkgng's deployment features the temptation to package and deploy base with it are going to be bigger. And if that happens you want to ship a version of pkg on the release media and be able to do package management from the fixit shell. It would also be nice if the installation could fetch the latest security fixes for the release and install the latest packages so you don't have to install a browser with known vulnerabilities, etc. signature.asc Description: OpenPGP digital signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Fri, Aug 31, 2012 at 8:47 AM, Tijl Coosemans t...@coosemans.org wrote: On 31-08-2012 14:22, Baptiste Daroussin wrote: On Fri, Aug 31, 2012 at 08:10:50AM -0400, John Baldwin wrote: On Friday, August 31, 2012 5:59:10 am Baptiste Daroussin wrote: On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. I like the idea of also providing a self-installing package, and it seems really easy to do, so I'll try to see what I can do in this area I'll wrote a PoC in 5 minutes which looks pretty good, this could also be a very simple and easy way to integrate into bsdinstaller. I'll do work in that direction. Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. I do think that is something bsdinstall should be able to handle, and I would certainly want bsdinstall to include a dialog that says do you want to install the package manager? Of course this is being worked on by dteske@ on his bsdconfig scripts, so yes in anycase the bsdinstaller will end up with a boostrap dialog to install pkgng. ...using a mechanism that will be supported for the lifetime of the release. My concern is that the problem with the pkg tools was never that they were tied to FreeBSD releases. If that were true then you cannot accept the bootstrap solution above because it has exactly the same problems. The problem in my opinion was simply that the source code lived in src where ports developers didn't have good access to it. And the solution for that is to turn pkg development into a third party project and import that into base from time to time. There can also be a port for it so people can use more recent versions if they want to. That's the situation for several third party tools in base. Given that the ports tree is currently supporting both the old and new pkg tools I don't think it would be a problem for them to support older versions of pkgng when the time comes, especially since the database used by pkgng is much more flexible and you can execute any sql query on it. I also suspect that with pkgng's deployment features the temptation to package and deploy base with it are going to be bigger. And if that happens you want to ship a version of pkg on the release media and be able to do package management from the fixit shell. It would also be nice if the installation could fetch the latest security fixes for the release and install the latest packages so you don't have to install a browser with known vulnerabilities, etc. That seems easy to solve with symlinks and/or putting the tarball in the release directory, so that way bsdconfig downloads the copy that lives out in the release directory instead of the latest version in ports. Once development stabilizes a bit more, it might be wise to maintain multiple `release branches` of pkgng so it's possible to maintain the level of compatibility that FreeBSD users typically expect. Thanks, -Garrett ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Fri, Aug 31, 2012 at 2:59 AM, Baptiste Daroussin b...@freebsd.org wrote: On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: On 08/30/2012 07:32 AM, John Baldwin wrote: On Thursday, August 30, 2012 1:10:24 pm Chris Rees wrote: On 30 Aug 2012 18:03, John Baldwin j...@freebsd.org wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. ... Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. A bit self-referential, but why not do something similar to what I proposed on http://docs.freebsd.org/cgi/getmsg.cgi?fetch=120111+0+current/freebsd-ports ? Thanks, -Garrett ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 31 August 2012 16:47, Tijl Coosemans t...@coosemans.org wrote: On 31-08-2012 14:22, Baptiste Daroussin wrote: On Fri, Aug 31, 2012 at 08:10:50AM -0400, John Baldwin wrote: On Friday, August 31, 2012 5:59:10 am Baptiste Daroussin wrote: On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. I like the idea of also providing a self-installing package, and it seems really easy to do, so I'll try to see what I can do in this area I'll wrote a PoC in 5 minutes which looks pretty good, this could also be a very simple and easy way to integrate into bsdinstaller. I'll do work in that direction. Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. I do think that is something bsdinstall should be able to handle, and I would certainly want bsdinstall to include a dialog that says do you want to install the package manager? Of course this is being worked on by dteske@ on his bsdconfig scripts, so yes in anycase the bsdinstaller will end up with a boostrap dialog to install pkgng. ...using a mechanism that will be supported for the lifetime of the release. My concern is that the problem with the pkg tools was never that they were tied to FreeBSD releases. If that were true then you cannot accept the bootstrap solution above because it has exactly the same problems. The problem in my opinion was simply that the source code lived in src where ports developers didn't have good access to it. And the solution for that is to turn pkg development into a third party project and import that into base from time to time. There can also be a port for it so people can use more recent versions if they want to. That's the situation for several third party tools in base. Given that the ports tree is currently supporting both the old and new pkg tools I don't think it would be a problem for them to support older versions of pkgng when the time comes, especially since the database used by pkgng is much more flexible and you can execute any sql query on it. Absolutely not. This is close to the top reason pkg has been moved to ports-- it should not be in base, because then we're stuck with supporting that version for a very long time. Chris ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Friday, August 31, 2012 9:41:13 am Chris Rees wrote: On 31 Aug 2012 13:15, John Baldwin j...@freebsd.org wrote: On Friday, August 31, 2012 5:59:10 am Baptiste Daroussin wrote: On Thu, Aug 30, 2012 at 01:02:06PM -1000, Doug Barton wrote: On 08/30/2012 07:32 AM, John Baldwin wrote: On Thursday, August 30, 2012 1:10:24 pm Chris Rees wrote: On 30 Aug 2012 18:03, John Baldwin j...@freebsd.org wrote: I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. I like the idea of also providing a self-installing package, and it seems really easy to do, so I'll try to see what I can do in this area I'll wrote a PoC in 5 minutes which looks pretty good, this could also be a very simple and easy way to integrate into bsdinstaller. I'll do work in that direction. Still it doesn't solve the problem of boostrapping pkgng in a fresh new box, because the user may not know where to download the pkg-setup.sh. I do think that is something bsdinstall should be able to handle, and I would certainly want bsdinstall to include a dialog that says do you want to install the package manager? Putting aside my previous emotional red herring, this is a great idea; I don't see how it's different from a base binary, but OK. I don't see the need to be prompted-- it's not like the base system doesn't have other larger amounts of software that is useless to many. Can't it just go in? We could also do that. I had imagined something similar to sysinstall's Do you want to browse the packages collection and install packages dialog and that choosing yes to that in bsdinstall/bsdconfig would bootstrap pkgng when you say yes to that. However, I'm not opposed to just installing pkgng by default. -- John Baldwin ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
Hi, I think the details of the patch would need to be worked out a bit, but I think you are on the right track. I think it would be nice to: (1) Have deprecation warnings in the legacy pkg_* tools. If someone types pkg_add, maybe warn them that it is deprecated, and they should read UPDATING and type pkg help add. (2) If $PKG_DBDIR/local.sqlite exists (usually /var/db/pkgs/local.sqlite), and someone types a legacy pkg_* command, then error out and warn them to use the new pkg equivalent. When I was playing with pkgng, I ran into some confusion when I typed the old commands after I had migrated my package database to the new system, so I have seen how this can be confusing for first-time users. Any *sensible* anti-foot shooting measures and useful diagnostics/warnings that we can put into the tools would help a lot. -- Craig Rodrigues rodr...@crodrigues.org On Sun, Aug 26, 2012 at 4:09 PM, Garrett Cooper yaneg...@gmail.com wrote: Rather than providing a solution for that problem because that's a bigger architectural issue (and not my job to solve), I offer this patch I quickly hacked up instead as my 2 cents for the discussion on how to make users aware that pkg_install is dying/dead, as this is one case that needs to be better handled. Thanks, -Garrett ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 08/30/2012 07:32 AM, John Baldwin wrote: On Thursday, August 30, 2012 1:10:24 pm Chris Rees wrote: On 30 Aug 2012 18:03, John Baldwin j...@freebsd.org wrote: On Thursday, August 30, 2012 10:39:17 am Tijl Coosemans wrote: On 27-08-2012 18:24, John Baldwin wrote: On Sunday, August 26, 2012 4:37:53 pm Doug Barton wrote: The problem is that we don't really support the idea of things in the base magically deleting themselves. As I have said in previous messages, the bootstrapping problem is being overblown by several orders of magnitude. For newly installed systems where pkg is the default, /usr/local/bin/pkg will be installed. So there is no bootstrapping problem. For already-installed systems who wish to switch to pkg, they can install from /usr/ports, or use the pkg bootstrap tool in the base. Given that they will be intentionally making this change, and there will be instructions written up on how to do this which include the bootstrapping step, once again this is a non-issue. The whole idea of having every call to /usr/local/sbin/pkg pass through /usr/sbin/pkg in order to help a tiny minority of users with a one-time bootstrapping issue is just plain ludicrous. I agree. Even if we keep /usr/sbin/pkg, we will presumably want to remove it from the base in a year or so via 'make delete-old', etc. Given that, I'm not sure we need it there in the first place. What if you pkg_delete \* or rm -rf /usr/local? Do you have to reboot pkg then? Yes, if we've decided it (pkgng) should not be part of the base. This doesn't strike me as that weird. It seems similar to how one has to bootstrap, say, MacPorts. Difference is, MacPorts isn't the official Mac distribution centre. Leaving out pkg-bootstrap (or whatever) is marginalising ports as a non-integral part of the OS. *sigh* I sadly expected an emotional red herring reply such as this. This has nothing to do with marginalising ports. Prior to this it has been a key argument and point that pkg* should _not_ be tied to the base system as that limits flexibility in the pkg tools. I completely agree with that argument and having /usr/sbin/pkg doesn't appear to be consistent with that. For example, we've already shipped a binary in 9.1 release that has a hardcoded URL of http://pkgbeta.FreeBSD.org;. So now you are stuck keeping that URL around for the next N years, albeit pointing to the production (not-beta) repository. You can't safely reuse pkgbeta.FreeBSD.org for anything until 9.1 is EOL'd. And you'd have to change that before 9.2 and 10.0 if you want to avoid being in the same boat for even longer. That is directly contrary to the goal of having pkg* not being tied to the base. A much more flexible and scalable approach would be for each pkg repository to include a binary/script whatever that you can make available at a URL (which is easily changeable in documentation on our website) that when you run self-extracts and bootstraps pkgng. (The pkg-static stuff is already basically this AFAICT.) If you wish to support existing users of, say, 8.2 or 8.3 release then you need something like this anyway. Also, as a downstream consumer who plans to use a custom pkgng repository on top of a modified FreeBSD distribution, this approach is less failure prone (i.e. if someone runs 'pkg' and it tries to download something from some hardcoded URL that's completely wrong). I agree with John on all counts here. Further, the idea of a self-installing package, at least for the pkg stuff itself, addresses the issue that someone else brought up about how to handle installation of pkg by the installer for a new system. For example it's pretty common in the Linux world to have a package which is wrapped in a shell script which unpacks the tarball, verifies it with a digital signature, then installs the bits from the tarball where they need to go. Since pkg brings a lot of the pieces of this to the party already, it wouldn't be hard to add the rest. ... and please feel free to insert your favorite version of my We have to get away from the idea that something is only good/cool/really part of FreeBSD if it's in the base rant here. :) Doug ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
2012/8/26 Baptiste Daroussin b...@freebsd.org: I received more feedback about keep pkg and changing it to pkg-bootstrap, so what should I do, changing it because you are asking for it? So, just a me too for renaming pkg, for consistency. I don't mind the new name... -- Olivier Smedts _ ASCII ribbon campaign ( ) e-mail: oliv...@gid0.org- against HTML email vCards X www: http://www.gid0.org- against proprietary attachments / \ Il y a seulement 10 sortes de gens dans le monde : ceux qui comprennent le binaire, et ceux qui ne le comprennent pas. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Sat, Aug 25, 2012 at 06:34:43PM -0500, CyberLeo Kitsana wrote: On 08/24/2012 07:01 PM, Baptiste Daroussin wrote: Can anyone give me he details on the security related problem? Off the top of my head, it seems to represent a break in the chain of trust: how does the bootstrapper verify that the tarball it just downloaded to bootstrap pkg is genuine, and not, for example, a trojan? The source in usr.sbin/pkg/pkg.c[1] doesn't seem to suggest it cares. Indeed it does not care, and the current security features are insufficient (unless the bootstrapper can use the signed sqlite db to verify the pkg package). I think the fix is to modify 'pkg repo' so it detects the pkg package and creates a separate signature for it which can be verified by the bootstrapper, without needing sqlite. The public key for this signature will have to be distributed with base (like the public keys for freebsd-update and portsnap). -- Jilles Tjoelker ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Sun, Aug 26, 2012 at 02:26:50PM +0200, Jilles Tjoelker wrote: On Sat, Aug 25, 2012 at 06:34:43PM -0500, CyberLeo Kitsana wrote: On 08/24/2012 07:01 PM, Baptiste Daroussin wrote: Can anyone give me he details on the security related problem? Off the top of my head, it seems to represent a break in the chain of trust: how does the bootstrapper verify that the tarball it just downloaded to bootstrap pkg is genuine, and not, for example, a trojan? The source in usr.sbin/pkg/pkg.c[1] doesn't seem to suggest it cares. Indeed it does not care, and the current security features are insufficient (unless the bootstrapper can use the signed sqlite db to verify the pkg package). I think the fix is to modify 'pkg repo' so it detects the pkg package and creates a separate signature for it which can be verified by the bootstrapper, without needing sqlite. The public key for this signature will have to be distributed with base (like the public keys for freebsd-update and portsnap). The is the longer plan but this with also true with pkg_add -r, and the pkg bootstrap may it be pkg-bootstrap or /usr/sbin/pkg. We have been discussing with Security officers and we are waiting for the plan being written and setup by them, so we can improved security in both pkgng and the bootstrap. This should have happen in BSDCan, but lack of time from everyone, didn't made it happen, we are now aiming at Cambridge DevSummit for that. Given that such a security issue is already in with the current pkg_* tools, it was accepting that we can still go that way until the policy is written, given that the final goal is to have the pkgng package checked against a signature. regards, Bapt pgpEF920EdyX3.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 08/25/2012 02:49, Julien Laffaye wrote: True. But when you create jails without the installer, you have to install pkgng by hand. Just like all the other ports you have to install in a jail. -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Sun, Aug 26, 2012 at 11:34:08AM -0700, Doug Barton wrote: On 08/25/2012 02:49, Julien Laffaye wrote: True. But when you create jails without the installer, you have to install pkgng by hand. Just like all the other ports you have to install in a jail. -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) We are speaking about binary only packages, not ports. regards, Bapt pgps40PW8Thqu.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 08/26/2012 11:37, Baptiste Daroussin wrote: On Sun, Aug 26, 2012 at 11:34:08AM -0700, Doug Barton wrote: On 08/25/2012 02:49, Julien Laffaye wrote: True. But when you create jails without the installer, you have to install pkgng by hand. Just like all the other ports you have to install in a jail. We are speaking about binary only packages, not ports. Um, duh. I have a bad habit of using the terms interchangeably, sorry if I caused confusion. Doesn't change my actual point though. -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 08/26/2012 05:58, Baptiste Daroussin wrote: The is the longer plan but this with also true with pkg_add -r, and the pkg bootstrap may it be pkg-bootstrap or /usr/sbin/pkg. We have been discussing with Security officers and we are waiting for the plan being written and setup by them, so we can improved security in both pkgng and the bootstrap. This should have happen in BSDCan, but lack of time from everyone, didn't made it happen, we are now aiming at Cambridge DevSummit for that. It would be nice if this were in place before 10-current shifted to pkg by default in order to limit the number of times that we have to start testing over from scratch. Given that such a security issue is already in with the current pkg_* tools, it was accepting that we can still go that way until the policy is written, given that the final goal is to have the pkgng package checked against a signature. This isn't the security issue I was talking about by having sbin/pkg pass every command line to local/sbin/pkg. You keep saying that you have no objections to changing the name. I am asking you to do that. I don't care if it is pkg-bootstrap or something else you like better. But please change the name to not be pkg, and limit the functionality of the tool to bootstrapping the pkg package. Doug -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Sun, Aug 26, 2012 at 11:39:07AM -0700, Doug Barton wrote: On 08/26/2012 05:58, Baptiste Daroussin wrote: The is the longer plan but this with also true with pkg_add -r, and the pkg bootstrap may it be pkg-bootstrap or /usr/sbin/pkg. We have been discussing with Security officers and we are waiting for the plan being written and setup by them, so we can improved security in both pkgng and the bootstrap. This should have happen in BSDCan, but lack of time from everyone, didn't made it happen, we are now aiming at Cambridge DevSummit for that. It would be nice if this were in place before 10-current shifted to pkg by default in order to limit the number of times that we have to start testing over from scratch. Given that such a security issue is already in with the current pkg_* tools, it was accepting that we can still go that way until the policy is written, given that the final goal is to have the pkgng package checked against a signature. This isn't the security issue I was talking about by having sbin/pkg pass every command line to local/sbin/pkg. You keep saying that you have no objections to changing the name. I am asking you to do that. I don't care if it is pkg-bootstrap or something else you like better. But please change the name to not be pkg, and limit the functionality of the tool to bootstrapping the pkg package. I received more feedback about keep pkg and changing it to pkg-bootstrap, so what should I do, changing it because you are asking for it? regards, Bapt pgpnisowrHYbh.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 08/26/2012 11:58, Baptiste Daroussin wrote: On Sun, Aug 26, 2012 at 11:39:07AM -0700, Doug Barton wrote: On 08/26/2012 05:58, Baptiste Daroussin wrote: The is the longer plan but this with also true with pkg_add -r, and the pkg bootstrap may it be pkg-bootstrap or /usr/sbin/pkg. We have been discussing with Security officers and we are waiting for the plan being written and setup by them, so we can improved security in both pkgng and the bootstrap. This should have happen in BSDCan, but lack of time from everyone, didn't made it happen, we are now aiming at Cambridge DevSummit for that. It would be nice if this were in place before 10-current shifted to pkg by default in order to limit the number of times that we have to start testing over from scratch. Given that such a security issue is already in with the current pkg_* tools, it was accepting that we can still go that way until the policy is written, given that the final goal is to have the pkgng package checked against a signature. This isn't the security issue I was talking about by having sbin/pkg pass every command line to local/sbin/pkg. You keep saying that you have no objections to changing the name. I am asking you to do that. I don't care if it is pkg-bootstrap or something else you like better. But please change the name to not be pkg, and limit the functionality of the tool to bootstrapping the pkg package. I received more feedback about keep pkg As far as I could tell the people who responded that way don't seem to be aware that every command to /usr/local/sbin/pkg is going to pass through /usr/sbin/pkg. On its face, that is a bad idea for many reasons, not the least of which is that it adds complexity where that complexity does not need to be. The larger problem with that approach is that gives an attacker 2 places to compromise the package installation process instead of just 1. This becomes even more important if the pkg bootstrap tool is the place that the public key for the digital signature is located. and changing it to pkg-bootstrap, so what should I do, changing it because you are asking for it? A) You said you had no objections to changing it B) I'm not the only one asking Doug -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Sun, 2012-08-26 at 20:58 +0200, Baptiste Daroussin wrote: On Sun, Aug 26, 2012 at 11:39:07AM -0700, Doug Barton wrote: On 08/26/2012 05:58, Baptiste Daroussin wrote: This isn't the security issue I was talking about by having sbin/pkg pass every command line to local/sbin/pkg. You keep saying that you have no objections to changing the name. I am asking you to do that. I don't care if it is pkg-bootstrap or something else you like better. But please change the name to not be pkg, and limit the functionality of the tool to bootstrapping the pkg package. I received more feedback about keep pkg and changing it to pkg-bootstrap, so what should I do, changing it because you are asking for it? Would this get better if the bootstrap tool were named pkg and were installed on a fresh system at /usr/local/sbin, so that it in effect replaces itself with the real thing, and has no need to leave a forwarding stub in /usr/sbin ? Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of replacing itself, so that you could re-bootstrap your way out of a problem later. Hmmm, might have to be careful that future updates don't replace the real thing with a newer bootstrap program. -- Ian ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 08/26/2012 12:08, Ian Lepore wrote: Would this get better if the bootstrap tool were named pkg and were installed on a fresh system at /usr/local/sbin, so that it in effect replaces itself with the real thing, and has no need to leave a forwarding stub in /usr/sbin ? Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of replacing itself, so that you could re-bootstrap your way out of a problem later. That's certainly creative thinking, but I'm still queasy about 2 commands with the same name that do 2 different things. And having it rename itself adds to the confusion down the road. Having a simple pkg bootstrapping tool in the base is a good idea. But the functionality needs to be extremely limited so that we don't increase the security exposure; and so that we don't end up in a situation where a bug fix for something in the base limits our ability to innovate with pkg in the ports tree. Doug -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Sun, 26 Aug 2012, Ian Lepore wrote: On Sun, 2012-08-26 at 20:58 +0200, Baptiste Daroussin wrote: On Sun, Aug 26, 2012 at 11:39:07AM -0700, Doug Barton wrote: On 08/26/2012 05:58, Baptiste Daroussin wrote: This isn't the security issue I was talking about by having sbin/pkg pass every command line to local/sbin/pkg. You keep saying that you have no objections to changing the name. I am asking you to do that. I don't care if it is pkg-bootstrap or something else you like better. But please change the name to not be pkg, and limit the functionality of the tool to bootstrapping the pkg package. I received more feedback about keep pkg and changing it to pkg-bootstrap, so what should I do, changing it because you are asking for it? Would this get better if the bootstrap tool were named pkg and were installed on a fresh system at /usr/local/sbin, so that it in effect replaces itself with the real thing, and has no need to leave a forwarding stub in /usr/sbin ? Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of replacing itself, so that you could re-bootstrap your way out of a problem later. Ew. But on a similar note, an idea I just had in IRC is to have pkgng overwrite the base /usr/bin/pkg with a link to /usr/local/bin/pkg. That effectively removes that binary. We do have precedent for ports overwriting base with sendmail and openssl. Hmmm, might have to be careful that future updates don't replace the real thing with a newer bootstrap program. Yes. A link could be detected by installworld and not overwritten... although that's a hack. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 08/26/2012 13:35, Warren Block wrote: On Sun, 26 Aug 2012, Ian Lepore wrote: On Sun, 2012-08-26 at 20:58 +0200, Baptiste Daroussin wrote: On Sun, Aug 26, 2012 at 11:39:07AM -0700, Doug Barton wrote: On 08/26/2012 05:58, Baptiste Daroussin wrote: This isn't the security issue I was talking about by having sbin/pkg pass every command line to local/sbin/pkg. You keep saying that you have no objections to changing the name. I am asking you to do that. I don't care if it is pkg-bootstrap or something else you like better. But please change the name to not be pkg, and limit the functionality of the tool to bootstrapping the pkg package. I received more feedback about keep pkg and changing it to pkg-bootstrap, so what should I do, changing it because you are asking for it? Would this get better if the bootstrap tool were named pkg and were installed on a fresh system at /usr/local/sbin, so that it in effect replaces itself with the real thing, and has no need to leave a forwarding stub in /usr/sbin ? Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of replacing itself, so that you could re-bootstrap your way out of a problem later. Ew. But on a similar note, an idea I just had in IRC is to have pkgng overwrite the base /usr/bin/pkg with a link to /usr/local/bin/pkg. That effectively removes that binary. We do have precedent for ports overwriting base with sendmail and openssl. ... and bind, but that's a whole different category of problems. Hmmm, might have to be careful that future updates don't replace the real thing with a newer bootstrap program. Yes. A link could be detected by installworld and not overwritten... although that's a hack. Like you said above, Ew. :) There really is no need to be so clever here. The bootstrapping issue is going to be a minor annoyance that affects a small percentage of our users. Doug -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 2012-Aug-26 12:27:41 -0700, Doug Barton do...@freebsd.org wrote: On 08/26/2012 12:08, Ian Lepore wrote: Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of replacing itself, so that you could re-bootstrap your way out of a problem later. That's certainly creative thinking, but I'm still queasy about 2 commands with the same name that do 2 different things. And having it rename itself adds to the confusion down the road. I also like the idea of a pkg-bootstrap command. Possibly a symlink from pkg to pkg-bootstrap, that gets removed as part of the bootstrap process, would help - but it should just tell you how to run pkg-bootstrap. I don't like the idea of pkg{-bootstrap} autonomously installing something I didn't ask for. And I don't like the idea that all pkg commands get bounced through a /usr/sbin/pkg once it has been bootstrapped. Having a simple pkg bootstrapping tool in the base is a good idea. But the functionality needs to be extremely limited so that we don't increase the security exposure; and so that we don't end up in a situation where a bug fix for something in the base limits our ability to innovate with pkg in the ports tree. Agreed. BTW, one thing that needs to be considered is how to recover from the embedded public key needing to be invalidated (eg due to the private key being exposed). -- Peter Jeremy pgpvdn7KHnqSv.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Sun, 26 Aug 2012, Doug Barton wrote: ... There really is no need to be so clever here. The bootstrapping issue is going to be a minor annoyance that affects a small percentage of our users. I think Doug's correct in this case about it being a one-time problem as installing via bsdinstall, etc should take care of this (I disagree with the small percentage of our users part though). There's still a chicken and egg problem with installing packaging via bsdinstall, etc though, as ports requires pkg* in order to function; I really hope that some of the naysayers have considered this minor issue as this would be a stop-gap to removing pkg(8) from base. Rather than providing a solution for that problem because that's a bigger architectural issue (and not my job to solve), I offer this patch I quickly hacked up instead as my 2 cents for the discussion on how to make users aware that pkg_install is dying/dead, as this is one case that needs to be better handled. Thanks, -Garrett PS It's really sad that no one really has been updating UPDATING in either ports or src, as I think this would help alleviate the need for unnecessary obfuscation. Index: UPDATING === --- UPDATING(revision 239716) +++ UPDATING(working copy) @@ -24,6 +24,10 @@ disable the most expensive debugging functionality run ln -s 'abort:false,junk:false' /etc/malloc.conf.) +2014: + pkg_install has been replaced with pkgng; please see webpage + XXX/install port YYY for more details. + 20120727: The sparc64 ZFS loader has been changed to no longer try to auto- detect ZFS providers based on diskN aliases but now requires these Index: usr.sbin/pkg_install/version/main.c === --- usr.sbin/pkg_install/version/main.c (revision 239290) +++ usr.sbin/pkg_install/version/main.c (working copy) @@ -123,6 +123,8 @@ argc -= optind; argv += optind; +PKG_PORTS_MSG(); + return pkg_perform(argv); } Index: usr.sbin/pkg_install/add/main.c === --- usr.sbin/pkg_install/add/main.c (revision 239290) +++ usr.sbin/pkg_install/add/main.c (working copy) @@ -215,6 +215,8 @@ argc -= optind; argv += optind; +PKG_PORTS_MSG(); + if (AddMode != SLAVE) { pkgs = (char **)malloc((argc+1) * sizeof(char *)); for (ch = 0; ch = argc; pkgs[ch++] = NULL) ; Index: usr.sbin/pkg_install/info/main.c === --- usr.sbin/pkg_install/info/main.c(revision 239290) +++ usr.sbin/pkg_install/info/main.c(working copy) @@ -238,6 +238,8 @@ argc -= optind; argv += optind; +PKG_PORTS_MSG(); + if (Flags SHOW_PTREV) { if (!Quiet) printf(Package tools revision: ); Index: usr.sbin/pkg_install/delete/main.c === --- usr.sbin/pkg_install/delete/main.c (revision 239290) +++ usr.sbin/pkg_install/delete/main.c (working copy) @@ -128,6 +128,8 @@ argc -= optind; argv += optind; +PKG_PORTS_MSG(); + /* Get all the remaining package names, if any */ while (*argv) { /* Don't try to apply heuristics if arguments are regexs */ Index: usr.sbin/pkg_install/create/main.c === --- usr.sbin/pkg_install/create/main.c (revision 239290) +++ usr.sbin/pkg_install/create/main.c (working copy) @@ -229,6 +229,8 @@ argc -= optind; argv += optind; +PKG_PORTS_MSG(); + /* Get all the remaining package names, if any */ while (*argv) *pkgs++ = *argv++; Index: usr.sbin/pkg_install/lib/lib.h === --- usr.sbin/pkg_install/lib/lib.h (revision 239290) +++ usr.sbin/pkg_install/lib/lib.h (working copy) @@ -31,6 +31,7 @@ #include sys/utsname.h #include ctype.h #include dirent.h +#include err.h #include stdarg.h #include stdio.h #include stdlib.h @@ -239,4 +240,33 @@ extern int AutoAnswer; extern int Verbose; +#defineEOL_VERSION 1100 + +#definePKG_INSTALL_DEPRECATION_MSG \ + pkg_install has been deprecated in favor of pkgng; please see UPDATING for more details + +#if __FreeBSD_version EOL_VERSION + +#define PKG_PORTS_MSG() \ +do { \ + if (Quiet) { \ + exit(1); \ + } else { \ + warnx(PKG_INSTALL_DEPECATION_MSG); \ + } \ +} while (0) + +#else + +#define PKG_PORTS_MSG() \ +do { \ + if (Quiet) { \ + exit(1); \ + } else { \ + errx(1, PKG_INSTALL_DEPRECATION_MSG); \ + } \ +} while (0) + +#endif /* __FreeBSD_version EOL_VERSION */ + #endif /* _INST_LIB_LIB_H_ */ Index: usr.sbin/pkg_install/updating/main.c
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 8/24/2012 11:57 PM, Doug Barton wrote: On 8/23/2012 8:03 PM, Eitan Adler wrote: On 23 August 2012 22:59, Doug Barton do...@freebsd.org wrote: I tend to agree with Steve here ... we can't be responsible for other people's poorly written docs. This isn't about poorly written docs. This is the user expecting a tool to exist, which doesn't. Take another example of a sysadmin which rarely installs new systems, installs FreeBSD for the third time, and then gets confused when pkg install vim fails. Aren't we going to install the pkg package on new systems when they are installed? Isn't that (shouldn't that be?) part of the project plan? It would be insane for us not to do that, at least for the releases where pkg is the default. True. But when you create jails without the installer, you have to install pkgng by hand. Hence the /usr/sbin/pkg bootstrap. You bring up a valid point that we should keep in mind for our own however. The bootstrapping issue will be the smallest possible annoyance on a long road of the migration process. The bootstrapping issue is a factor even after the migration :) I think that the point I'm trying to make is that it shouldn't be. note that I'm not talking about the mechanism here, I'm trying to avoid pkg doesn't seem to be installed on my fresh system becoming a FAQ. The way that we avoid that problem is not to create it for ourselves in the first place. :) The role of pkg-bootstrap is for those users who have already-installed systems that need to do the conversion, or if somehow pkg becomes corrupted on the user's system and needs to be reinstalled. That's it. I like that you're thinking through the related issues, but in this particular case I think you're overthinking it. Doug ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/24/2012 07:01 PM, Baptiste Daroussin wrote: Can anyone give me he details on the security related problem? Off the top of my head, it seems to represent a break in the chain of trust: how does the bootstrapper verify that the tarball it just downloaded to bootstrap pkg is genuine, and not, for example, a trojan? The source in usr.sbin/pkg/pkg.c[1] doesn't seem to suggest it cares. [1] http://git.cyberleo.net/?p=FreeBSD/releng/9.1.git;a=blob;f=usr.sbin/pkg/pkg.c;hb=b96b623d8debed8fa8fd7df5af01a350344549c9 - -- Fuzzy love, - -CyberLeo Technical Administrator CyberLeo.Net Webhosting http://www.CyberLeo.Net cyber...@cyberleo.net Furry Peace! - http://.fur.com/peace/ -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAlA5YRMACgkQi7w8kEi1KHLZhwCgrGb8piGeNb07IryWvoc/JdzH xfAAoNfxm+nLoXU7BUclKqnLGbkxgilX =o9Br -END PGP SIGNATURE- ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 8/24/2012 3:57 AM, Eitan Adler wrote: On 23 August 2012 18:19, Steve Wills swi...@freebsd.org wrote: Hi, It seems to me that renaming the pkg binary in /usr/sbin/pkg to /usr/sbin/pkg-bootstrap would make sense. From a user standpoint, it is confusing that running the command gets different results the second time it is run vs. the first time. I can imagine a user saying I ran pkg, but it didn't do what they said it would. Now I run it again, and it does do what it is supposed to. Also, it would enable setting up a pkg-bootstrap man page separate from the pkg man page, without confusion about which one you're looking at. So, opinions? There may still be time to fix it for 9.1 if we can decide quickly. no opinion on the name, but imho there should be *something* called pkg on a fresh system. Users will install a new system, follow some random how-to, and not realize they missed a step. If the default package errors with exit code 1 and says run pkgbootstrap first that is okay too. Ideally, pkgng bootstrap process will be part of the bsdinstall steps (using the pkg package tarball on the installation media). The bootstrap tool is in base (instead of only on the install media) essentially for installations without the installer (like creating jails). So its true that in these case you have to think to run the bootstrap command. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Thu, Aug 23, 2012 at 06:19:57PM -0400, Steve Wills wrote: Hi, It seems to me that renaming the pkg binary in /usr/sbin/pkg to /usr/sbin/pkg-bootstrap would make sense. From a user standpoint, it is confusing that running the command gets different results the second time it is run vs. the first time. I can imagine a user saying I ran pkg, but it didn't do what they said it would. Now I run it again, and it does do what it is supposed to. Also, it would enable setting up a pkg-bootstrap man page separate from the pkg man page, without confusion about which one you're looking at. So, opinions? There may still be time to fix it for 9.1 if we can decide quickly. Thanks, Steve BTW for people who haven't tested and want to share their opinion, here is how work /usr/sbin/pkg: it first checks if ${LOCALBASE}/sbin/pkg is there - if yes it directly execute ${LOCALBASE}/sbin/pkg with arguments passed to /usr/sbin/pkg - if no then it will determine you ABI (or take the one in environnement variable), and fetch the last available pkgng version from http://pkgbeta... it will extract pkg-static and use it to install pkgng with itself. on installation is done: it executes ${LOCALBASE}/sbin/pkg with arguments passed to /usr/sbin/pkg. Lots of people having ask in the early days of pkgng for a transparent bootstrap I have done it that way. On of the thing I forgot and kan@ has added is a prompt for the user in case it is going to bootstrap. So that mean that for a normal user, on a fresh vanilla FreeBSD pkg install vim-lite will prompt the user asking if he wants to bootstrap pkgng, and once bootstraped proceed to the installation of vim-lite if pkgng is already there then it will just install vim-lite. It was just to clarify, so that anyone understand was this is about. I tend to like the bootstrap like it is now (I find it transparent, and straight forward) but as I said earlier I have no strong opinion on this, so it most people prefers a separate pkg-bootstrap tools then I'll do it :) regards, Bapt pgpl5goSqwUkb.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Thu, 23 Aug 2012 23:00:25 -0400 Eitan Adler li...@eitanadler.com wrote: On 23 August 2012 22:55, Steve Wills swi...@freebsd.org wrote: As far as I understand it, POLA is about changing existing things: okay, so forget POLA. My point is that a user following a how to or even *our* documentation on how to install something unrelated, like say, apache, will be very confused when the documentation tells them to run pkg install apache and finds out that pkg doesn't exist. A similar example is needing rehash in tcsh. what about autorehash, it didn't work ? you commit that change into default tcsh config long time ago :) -- wbr, tiger ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 08/24/2012 10:15, Baptiste Daroussin wrote: On Thu, Aug 23, 2012 at 06:19:57PM -0400, Steve Wills wrote: Hi, It seems to me that renaming the pkg binary in /usr/sbin/pkg to /usr/sbin/pkg-bootstrap would make sense. From a user standpoint, it is confusing that running the command gets different results the second time it is run vs. the first time. I can imagine a user saying I ran pkg, but it didn't do what they said it would. Now I run it again, and it does do what it is supposed to. Also, it would enable setting up a pkg-bootstrap man page separate from the pkg man page, without confusion about which one you're looking at. So, opinions? There may still be time to fix it for 9.1 if we can decide quickly. Thanks, Steve BTW for people who haven't tested and want to share their opinion, here is how work /usr/sbin/pkg: it first checks if ${LOCALBASE}/sbin/pkg is there - if yes it directly execute ${LOCALBASE}/sbin/pkg with arguments passed to /usr/sbin/pkg - if no then it will determine you ABI (or take the one in environnement variable), and fetch the last available pkgng version from http://pkgbeta... it will extract pkg-static and use it to install pkgng with itself. on installation is done: it executes ${LOCALBASE}/sbin/pkg with arguments passed to /usr/sbin/pkg. Lots of people having ask in the early days of pkgng for a transparent bootstrap I have done it that way. On of the thing I forgot and kan@ has added is a prompt for the user in case it is going to bootstrap. So that mean that for a normal user, on a fresh vanilla FreeBSD pkg install vim-lite will prompt the user asking if he wants to bootstrap pkgng, and once bootstraped proceed to the installation of vim-lite if pkgng is already there then it will just install vim-lite. It was just to clarify, so that anyone understand was this is about. I tend to like the bootstrap like it is now (I find it transparent, and straight forward) but as I said earlier I have no strong opinion on this, so it most people prefers a separate pkg-bootstrap tools then I'll do it :) Having installed a few 9.1-BETA1 boxes recently, i have to say i absolutely like this behavior, it's totally transparent and you can just start installing packages like you could with pkg_add -r. I don't see the need to introduce an additional step. I actually think the current behavior is user friendly, and renaming it would make it more difficult. If people think the current behavior is misleading we could still clarify the confirmation message. Florian ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
Baptiste Daroussin ha scritto: On of the thing I forgot and kan@ has added is a prompt for the user in case it is going to bootstrap. So, removing the prompt will make everybody happy? :-) What about a prompt with timeout? This is the first time pkg is run, I'll start bootstrapping in 10 seconds. Press CTRL-C now to abort -- Alex Dupre ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Fri, Aug 24, 2012 at 02:23:47PM +0200, Alex Dupre wrote: Baptiste Daroussin ha scritto: On of the thing I forgot and kan@ has added is a prompt for the user in case it is going to bootstrap. So, removing the prompt will make everybody happy? :-) What about a prompt with timeout? This is the first time pkg is run, I'll start bootstrapping in 10 seconds. Press CTRL-C now to abort Imho the best is to prompt only if not on a tty, otherwise fail, except if a environment variable is set. regards, Bapt pgpyLTXUrvjJM.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 8/24/2012 9:31 AM, Baptiste Daroussin wrote: On Fri, Aug 24, 2012 at 02:23:47PM +0200, Alex Dupre wrote: Baptiste Daroussin ha scritto: On of the thing I forgot and kan@ has added is a prompt for the user in case it is going to bootstrap. So, removing the prompt will make everybody happy? :-) What about a prompt with timeout? This is the first time pkg is run, I'll start bootstrapping in 10 seconds. Press CTRL-C now to abort Imho the best is to prompt only if not on a tty, otherwise fail, except if a environment variable is set. regards, Bapt Maybe an ENV variable to auto confirm the prompt too? I'm thinking about scripts using pkg to bootstrap an entire system install. Maybe I'm on a TTY and just want it to confirm auto anyway. Bryan ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Fri, Aug 24, 2012 at 10:50:30AM -0500, Bryan Drewery wrote: On 8/24/2012 9:31 AM, Baptiste Daroussin wrote: On Fri, Aug 24, 2012 at 02:23:47PM +0200, Alex Dupre wrote: Baptiste Daroussin ha scritto: On of the thing I forgot and kan@ has added is a prompt for the user in case it is going to bootstrap. So, removing the prompt will make everybody happy? :-) What about a prompt with timeout? This is the first time pkg is run, I'll start bootstrapping in 10 seconds. Press CTRL-C now to abort Imho the best is to prompt only if not on a tty, otherwise fail, except if a environment variable is set. regards, Bapt Maybe an ENV variable to auto confirm the prompt too? I'm thinking about scripts using pkg to bootstrap an entire system install. Maybe I'm on a TTY and just want it to confirm auto anyway. This is already the case (thanks kan@) Bryan pgp8BvoeSV1Qd.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 8/24/2012 11:02 AM, Baptiste Daroussin wrote: On Fri, Aug 24, 2012 at 10:50:30AM -0500, Bryan Drewery wrote: On 8/24/2012 9:31 AM, Baptiste Daroussin wrote: On Fri, Aug 24, 2012 at 02:23:47PM +0200, Alex Dupre wrote: Baptiste Daroussin ha scritto: On of the thing I forgot and kan@ has added is a prompt for the user in case it is going to bootstrap. So, removing the prompt will make everybody happy? :-) What about a prompt with timeout? This is the first time pkg is run, I'll start bootstrapping in 10 seconds. Press CTRL-C now to abort Imho the best is to prompt only if not on a tty, otherwise fail, except if a environment variable is set. regards, Bapt Maybe an ENV variable to auto confirm the prompt too? I'm thinking about scripts using pkg to bootstrap an entire system install. Maybe I'm on a TTY and just want it to confirm auto anyway. This is already the case (thanks kan@) Perfect. I see it now, ALWAYS_ASSUME_YES. Bryan ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 8/23/2012 8:03 PM, Eitan Adler wrote: On 23 August 2012 22:59, Doug Barton do...@freebsd.org wrote: I tend to agree with Steve here ... we can't be responsible for other people's poorly written docs. This isn't about poorly written docs. This is the user expecting a tool to exist, which doesn't. Take another example of a sysadmin which rarely installs new systems, installs FreeBSD for the third time, and then gets confused when pkg install vim fails. Aren't we going to install the pkg package on new systems when they are installed? Isn't that (shouldn't that be?) part of the project plan? It would be insane for us not to do that, at least for the releases where pkg is the default. You bring up a valid point that we should keep in mind for our own however. The bootstrapping issue will be the smallest possible annoyance on a long road of the migration process. The bootstrapping issue is a factor even after the migration :) I think that the point I'm trying to make is that it shouldn't be. note that I'm not talking about the mechanism here, I'm trying to avoid pkg doesn't seem to be installed on my fresh system becoming a FAQ. The way that we avoid that problem is not to create it for ourselves in the first place. :) The role of pkg-bootstrap is for those users who have already-installed systems that need to do the conversion, or if somehow pkg becomes corrupted on the user's system and needs to be reinstalled. That's it. I like that you're thinking through the related issues, but in this particular case I think you're overthinking it. Doug -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 8/24/2012 1:15 AM, Baptiste Daroussin wrote: BTW for people who haven't tested and want to share their opinion, here is how work /usr/sbin/pkg: it first checks if ${LOCALBASE}/sbin/pkg is there - if yes it directly execute ${LOCALBASE}/sbin/pkg with arguments passed to /usr/sbin/pkg As others have already pointed out, this is a bad idea for a variety of reasons, not the least of which is security related. It also removes one of the primary benefits of pkg, that it be (fully) hosted in the ports tree. The bootstrap procedure does not need to be simple or transparent because it's only going to exist for a very short period while users are bringing pkg into already-installed systems where pkg is not already the default; and they don't have an existing ports tree. The way that you solve the bootstrap problem for systems where pkg IS the default is to install the pkg package at system install time. Let me rephrase that more simply ... very few users are ever going to need the bootstrapping tool that will be in the base. Making it mandatory for *every* user is therefore not only a bad idea, it's contrary to one of the primary goals of the project. Doug - -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (MingW32) iQEcBAEBCAAGBQJQOAJpAAoJEFzGhvEaGryEY2QH/2Hv+cW20htODBTrFNScd7qS NxBc7YHr3ddoyoui+Qwtl3ErjMOJr+kA3nRSsZ5ewGN5HVQ4gCAWp76bJn75BM71 q2Qmgx7HCnBMJKrmRTvDAA1nJcTKAgXFKK8hYQgiTOhWFaIjJxhDlln5llFcXwBa VN0ErF421FkD8oyHpcQLga1BHLtldOL5itt/4Tp9cKaC5l2P9dBNbyCTxVa4XBiZ tsK+x7XJqwj0NvXLk+b3icLIEeyopa3TJAoAtXZ27igg65norCoh2EPo7aJqP2zY T75PKdbRJprwCpeJXulC02oZu/UERoIMLeaH1JbCZRcLAqaCJQuEGSP95as3hSY= =BEya -END PGP SIGNATURE- ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Fri, Aug 24, 2012 at 03:38:33PM -0700, Doug Barton wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 8/24/2012 1:15 AM, Baptiste Daroussin wrote: BTW for people who haven't tested and want to share their opinion, here is how work /usr/sbin/pkg: it first checks if ${LOCALBASE}/sbin/pkg is there - if yes it directly execute ${LOCALBASE}/sbin/pkg with arguments passed to /usr/sbin/pkg As others have already pointed out, this is a bad idea for a variety of reasons, not the least of which is security related. It also removes one of the primary benefits of pkg, that it be (fully) hosted in the ports tree. Can anyone give me he details on the security related problem? Can I also have the details on why it would remove the benefits of being fully hosted in the ports, I have no plan to remove it, currently the ports tree is also able to bootstrap itself pkg without needing /usr/sbin/pkg. the bootstrap tool is currently just a transparent way to bootstrap pkgng, it is not mandatory at all, one can leave without it, and it doesn't prevent pkgng to fully leave in the ports tree? What do I miss here? Once again I'm not opposed at all to remove it in favour of pkg-bootstrap, but it currently seems to lacks a bit of detailed arguments. Let me rephrase that more simply ... very few users are ever going to need the bootstrapping tool that will be in the base. Making it mandatory for *every* user is therefore not only a bad idea, it's contrary to one of the primary goals of the project. Why would it be mandatory? it is just a transparent kind of helper tool regards, Bapt pgpUb5tRLNtpt.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 24 Aug 2012, at 23:38, Doug Barton do...@freebsd.org wrote: Let me rephrase that more simply ... very few users are ever going to need the bootstrapping tool that will be in the base. But surely the whole point of pkgng is that people *will* use pkg as the default method of acquiring third-party software, so they'll want to pkg install foo and have it Just Work. To say either you must download the ports tree in order to use binary packages or you must use pkg_add to install pkg seems to miss the point... Jon -- Jonathan Anderson jonat...@freebsd.org http://freebsd.org/~jonathan/___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Sat, Aug 25, 2012 at 01:25:15AM +0100, Jonathan Anderson wrote: On 24 Aug 2012, at 23:38, Doug Barton do...@freebsd.org wrote: Let me rephrase that more simply ... very few users are ever going to need the bootstrapping tool that will be in the base. So, then they won't use it. I fail to see the problem here. But surely the whole point of pkgng is that people *will* use pkg as the default method of acquiring third-party software, so they'll want to pkg install foo and have it Just Work. To say either you must download the ports tree in order to use binary packages or you must use pkg_add to install pkg seems to miss the point... /usr/sbin/pkg installs /usr/local/sbin/pkg without requiring the Ports Collection to be available locally. Glen pgp33mgeXS1QX.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Saturday, 25 August 2012 at 01:33, Glen Barber wrote: On Sat, Aug 25, 2012 at 01:25:15AM +0100, Jonathan Anderson wrote: On 24 Aug 2012, at 23:38, Doug Barton do...@freebsd.org (mailto:do...@freebsd.org) wrote: Let me rephrase that more simply ... very few users are ever going to need the bootstrapping tool that will be in the base. So, then they won't use it. I fail to see the problem here. I also fail to see the problem. :) Just to be clear, my post was arguing against Doug's assertion that few will use pkg's bootstrapper (and that this is a problem): I hope that pkgng and package sets will vastly increase the use of binary packages by FreeBSD consumers. /usr/sbin/pkg installs /usr/local/sbin/pkg without requiring the Ports Collection to be available locally. Which is exactly the behaviour that I want: I view the ports tree as a last resort to be used only if binary packages fail to fulfil my needs. Sometimes I don't even bother fetching it. Once again, we may be in violent agreement here. :) Jon -- Jonathan Anderson jonat...@freebsd.org ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Sat, Aug 25, 2012 at 01:47:26AM +0100, Jonathan Anderson wrote: On Saturday, 25 August 2012 at 01:33, Glen Barber wrote: On Sat, Aug 25, 2012 at 01:25:15AM +0100, Jonathan Anderson wrote: On 24 Aug 2012, at 23:38, Doug Barton do...@freebsd.org (mailto:do...@freebsd.org) wrote: Let me rephrase that more simply ... very few users are ever going to need the bootstrapping tool that will be in the base. So, then they won't use it. I fail to see the problem here. I also fail to see the problem. :) Just to be clear, my post was arguing against Doug's assertion that few will use pkg's bootstrapper (and that this is a problem): I hope that pkgng and package sets will vastly increase the use of binary packages by FreeBSD consumers. I was avoiding writing two separate emails about this thread - yes, I did realize we had a similar point of view on this. Sorry if it came out differently. /usr/sbin/pkg installs /usr/local/sbin/pkg without requiring the Ports Collection to be available locally. Which is exactly the behaviour that I want: I view the ports tree as a last resort to be used only if binary packages fail to fulfil my needs. Sometimes I don't even bother fetching it. Once again, we may be in violent agreement here. :) Understood. I misinterpreted your last sentence. What I would like to know, is why all the anti-progress emails[1] have to wait until the Last Minute(tm) when information on pkgng availability has been available for quite some time now. Welcome to 2012. [1] - Doing the same things we've done keeps us in the same place we've been. Glen pgpxZUyUkivgk.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 8/24/2012 5:33 PM, Glen Barber wrote: On Sat, Aug 25, 2012 at 01:25:15AM +0100, Jonathan Anderson wrote: On 24 Aug 2012, at 23:38, Doug Barton do...@freebsd.org wrote: Let me rephrase that more simply ... very few users are ever going to need the bootstrapping tool that will be in the base. So, then they won't use it. I fail to see the problem here. That's because you're not paying attention. :) Which comes first in your PATH, /usr/sbin, or /usr/local/sbin? Which comes first in the default PATH? What Baptiste said is that the way /usr/sbin/pkg works is to take arguments handed to it and pass them through to /usr/local/sbin/pkg. That means that every user who has their PATH configured in the default manner (which is what every security text on Unix has recommended for 30 years) will be using /usr/sbin/pkg every time they type the pkg command. But surely the whole point of pkgng is that people *will* use pkg as the default method of acquiring third-party software, so they'll want to pkg install foo and have it Just Work. To say either you must download the ports tree in order to use binary packages or you must use pkg_add to install pkg seems to miss the point... /usr/sbin/pkg installs /usr/local/sbin/pkg without requiring the Ports Collection to be available locally. It does much more than that. Go read the code. As to the security related problems, they should be obvious. Having 1 binary that is always executed to pass arguments to another binary at minimum doubles your attack surface. Given what /usr/sbin/pkg does, it more than doubles it. Not to mention the flat out wrong-headed design of having a binary that will be run as root whose primary purpose is to pass arguments to another binary. The reason this defeats the purpose of putting pkg in the ports tree is that if there is a bug in /usr/sbin/pkg (which of course, there will be) then it has to be fixed in the base, with all of the consequent drama and delays that this will entail. If there is a bug in /usr/local/bin/pkg, it gets fixed in the ports tree and instantly updated, which is part of the virtue of having it in the ports tree in the first place. Given that if we do the rollout properly the bootstrap function will be limited to a very small percentage of users, it makes sense to split that function out into a separate, limited binary; and not pollute the pkg stream with extra cruft it does not need. What I would like to know, is why all the anti-progress emails[1] have to wait until the Last Minute(tm) when information on pkgng availability has been available for quite some time now. First off, I resent being told that because I'm raising legitimate issues with something that I am being obstructionist, or anti-progress. And my concerns are certainly not last minute. I've been raising concerns about pkg since day 1, and given that there is still no coherent, comprehensive project plan about the migration it's not at all surprising that others are also starting to discover daemons in the details. It's also part and parcel of life in an open source project. Most people don't pay attention about most things until they feel that it will be affecting them. This is doubly true in open source. Given how well-known this issue is, it should be planned for in any kind of big project such as this. It's probably also worth mentioning that there are only so many hours in the day, so one has to prioritize. Doug - -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (MingW32) iQEcBAEBCAAGBQJQOCwUAAoJEFzGhvEaGryEcpgH/2CAPBCldr7HlTjIzErqtbTO S0ZaI0RabwEk85+HuFCmBLTbdKqVjGYcLqIbz7l6wOa20N1rPARtBDy5DkrMrL6s 5YAgWiZ43FyKQ4826VDVBvhPqxXMD0O+sETs2kskFUkV73u/r1/8EpfZgwCDk9F9 G8hqMVTRyoWgoh1HIaBba5/m4D7+UGPYE2w8M3QAGSULePYJLgaRdu+jd2aNBrJD NFjY4lyLbitbIH1/fYHDR90KqlBVP6vr+bWUvdoHFJQ0W0HQw7wMtamo418SlORI qfTaoHL4sA1sggHrlUVvxjgWbAtIcYT2F3K+u34yTaWAoqxoN9pzRy3GWXyFRzM= =PNr3 -END PGP SIGNATURE- ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Thu, Aug 23, 2012 at 06:19:57PM -0400, Steve Wills wrote: Hi, It seems to me that renaming the pkg binary in /usr/sbin/pkg to /usr/sbin/pkg-bootstrap would make sense. From a user standpoint, it is confusing that running the command gets different results the second time it is run vs. the first time. I can imagine a user saying I ran pkg, but it didn't do what they said it would. Now I run it again, and it does do what it is supposed to. Also, it would enable setting up a pkg-bootstrap man page separate from the pkg man page, without confusion about which one you're looking at. So, opinions? There may still be time to fix it for 9.1 if we can decide quickly. I do personnally have no opinion on this, I have hesitated long between both before choosing /usr/sbin/pkg. I'm interested in other's opinion. regards, Bapt pgpGOXJNtLOlE.pgp Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 8/23/2012 3:19 PM, Steve Wills wrote: Hi, It seems to me that renaming the pkg binary in /usr/sbin/pkg to /usr/sbin/pkg-bootstrap would make sense. From a user standpoint, it is confusing that running the command gets different results the second time it is run vs. the first time. I can imagine a user saying I ran pkg, but it didn't do what they said it would. Now I run it again, and it does do what it is supposed to. Also, it would enable setting up a pkg-bootstrap man page separate from the pkg man page, without confusion about which one you're looking at. So, opinions? There may still be time to fix it for 9.1 if we can decide quickly. Yes please. Every time in the past that we have talked about moving the pkg_* tools to the ports the corresponding change for the base was to have a pkg_bootstrap tool that was a use once and forget kind of thing. I was quite surprised when sbin/pkg was added, but since people tell me I already comment on too much, I decided to wait and see what others thought. Doug -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 8/23/2012 5:19 PM, Steve Wills wrote: Hi, It seems to me that renaming the pkg binary in /usr/sbin/pkg to /usr/sbin/pkg-bootstrap would make sense. From a user standpoint, it is confusing that running the command gets different results the second time it is run vs. the first time. I can imagine a user saying I ran pkg, but it didn't do what they said it would. Now I run it again, and it does do what it is supposed to. Also, it would enable setting up a pkg-bootstrap man page separate from the pkg man page, without confusion about which one you're looking at. So, opinions? There may still be time to fix it for 9.1 if we can decide quickly. Thanks, Steve Even automated tools can be prone to that mistake. I think either we need to make the bootstrapper be silent and forward the command to the downloaded version (kind of surprising... what is taking so long??) (and higher risk to rush in right now) or rename as you suggested. But if we rename, when and who runs it? Will we update bsd.port.mk to run it if needed? Bryan ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
Le Fri, 24 Aug 2012 00:27:13 +0200, Baptiste Daroussin b...@freebsd.org a écrit : Hello, So, opinions? There may still be time to fix it for 9.1 if we can decide quickly. I do personnally have no opinion on this, I have hesitated long between both before choosing /usr/sbin/pkg. I'm interested in other's opinion. I was hit by this: install poudriere, forgot to install pkgng (yes it is documented...). Run poudriere bulk, it will be stuck waiting an user input (it does not output anything too) and it closes the poudriere jail juste after a key is pressed. I've spent sometime to understand why pkg was waiting on the tty wchan... So yes this is confusing IMO. Regards. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Thu, 23 Aug 2012 18:19:57 -0400 Steve Wills swi...@freebsd.org wrote: Hi, It seems to me that renaming the pkg binary in /usr/sbin/pkg to /usr/sbin/pkg-bootstrap would make sense. From a user standpoint, it is confusing that running the command gets different results the second time it is run vs. the first time. I can imagine a user saying I ran pkg, but it didn't do what they said it would. Now I run it again, and it does do what it is supposed to. Also, it would enable setting up a pkg-bootstrap man page separate from the pkg man page, without confusion about which one you're looking at. So, opinions? There may still be time to fix it for 9.1 if we can decide quickly. Thanks, Steve Remove it or rename it. Do _NOT_ make it download the package and install it silently as this is a security nightmare waiting to happen. -- Alexander Kabaev signature.asc Description: PGP signature
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 23 August 2012 18:19, Steve Wills swi...@freebsd.org wrote: Hi, It seems to me that renaming the pkg binary in /usr/sbin/pkg to /usr/sbin/pkg-bootstrap would make sense. From a user standpoint, it is confusing that running the command gets different results the second time it is run vs. the first time. I can imagine a user saying I ran pkg, but it didn't do what they said it would. Now I run it again, and it does do what it is supposed to. Also, it would enable setting up a pkg-bootstrap man page separate from the pkg man page, without confusion about which one you're looking at. So, opinions? There may still be time to fix it for 9.1 if we can decide quickly. no opinion on the name, but imho there should be *something* called pkg on a fresh system. Users will install a new system, follow some random how-to, and not realize they missed a step. If the default package errors with exit code 1 and says run pkgbootstrap first that is okay too. -- Eitan Adler ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Aug 23, 2012, at 9:57 PM, Eitan Adler wrote: On 23 August 2012 18:19, Steve Wills swi...@freebsd.org wrote: Hi, It seems to me that renaming the pkg binary in /usr/sbin/pkg to /usr/sbin/pkg-bootstrap would make sense. From a user standpoint, it is confusing that running the command gets different results the second time it is run vs. the first time. I can imagine a user saying I ran pkg, but it didn't do what they said it would. Now I run it again, and it does do what it is supposed to. Also, it would enable setting up a pkg-bootstrap man page separate from the pkg man page, without confusion about which one you're looking at. So, opinions? There may still be time to fix it for 9.1 if we can decide quickly. no opinion on the name, but imho there should be *something* called pkg on a fresh system. Users will install a new system, follow some random how-to, and not realize they missed a step. If the default package errors with exit code 1 and says run pkgbootstrap first that is okay too. Why can't one of those steps be to run pkg-bootstrap? Steve ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 23 August 2012 22:05, Steve Wills swi...@freebsd.org wrote: Why can't one of those steps be to run pkg-bootstrap? Because the how-to may not be for a new system ;) -- Eitan Adler ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Aug 23, 2012, at 10:08 PM, Eitan Adler wrote: On 23 August 2012 22:05, Steve Wills swi...@freebsd.org wrote: Why can't one of those steps be to run pkg-bootstrap? Because the how-to may not be for a new system ;) The possibility of bad docs somewhere outside of our control, when we can (and I am actively working on) document(ing) pkgng for the handbook seems kinda thin. It's not even Something's wrong on the Internet! (http://xkcd.com/386/), it's Something might some day be wrong on the Internet! Steve ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 23 August 2012 22:15, Steve Wills swi...@freebsd.org wrote: On Aug 23, 2012, at 10:08 PM, Eitan Adler wrote: On 23 August 2012 22:05, Steve Wills swi...@freebsd.org wrote: Why can't one of those steps be to run pkg-bootstrap? Because the how-to may not be for a new system ;) The possibility of bad docs somewhere outside of our control, when we can (and I am actively working on) document(ing) pkgng for the handbook seems kinda thin. It's not even Something's wrong on the Internet! (http://xkcd.com/386/), it's Something might some day be wrong on the Internet! It isn't a problem of bad docs. Its a problem of the user following some not-for-new-systems documentation and getting very confused when they see command not found.. It is practically the definition of POLA. -- Eitan Adler ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Aug 23, 2012, at 10:23 PM, Eitan Adler wrote: On 23 August 2012 22:15, Steve Wills swi...@freebsd.org wrote: On Aug 23, 2012, at 10:08 PM, Eitan Adler wrote: On 23 August 2012 22:05, Steve Wills swi...@freebsd.org wrote: Why can't one of those steps be to run pkg-bootstrap? Because the how-to may not be for a new system ;) The possibility of bad docs somewhere outside of our control, when we can (and I am actively working on) document(ing) pkgng for the handbook seems kinda thin. It's not even Something's wrong on the Internet! (http://xkcd.com/386/), it's Something might some day be wrong on the Internet! It isn't a problem of bad docs. Its a problem of the user following some not-for-new-systems documentation and getting very confused when they see command not found.. It is practically the definition of POLA. As far as I understand it, POLA is about changing existing things: http://www.freebsd.org/doc/handbook/freebsd-glossary.html#POLA-GLOSSARY So this isn't POLA, it's documentation. Steve ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 8/23/2012 7:23 PM, Eitan Adler wrote: On 23 August 2012 22:15, Steve Wills swi...@freebsd.org wrote: On Aug 23, 2012, at 10:08 PM, Eitan Adler wrote: On 23 August 2012 22:05, Steve Wills swi...@freebsd.org wrote: Why can't one of those steps be to run pkg-bootstrap? Because the how-to may not be for a new system ;) The possibility of bad docs somewhere outside of our control, when we can (and I am actively working on) document(ing) pkgng for the handbook seems kinda thin. It's not even Something's wrong on the Internet! (http://xkcd.com/386/), it's Something might some day be wrong on the Internet! It isn't a problem of bad docs. Its a problem of the user following some not-for-new-systems documentation and getting very confused when they see command not found.. It is practically the definition of POLA. No, POLA refers to not changing long-established practices out from under the user. I tend to agree with Steve here ... we can't be responsible for other people's poorly written docs. You bring up a valid point that we should keep in mind for our own however. The bootstrapping issue will be the smallest possible annoyance on a long road of the migration process. OTOH this is a good use case for the prompt the user when they type a command for something that can be installed from ports idea. :) Doug -- I am only one, but I am one. I cannot do everything, but I can do something. And I will not let what I cannot do interfere with what I can do. -- Edward Everett Hale, (1822 - 1909) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 23 August 2012 22:55, Steve Wills swi...@freebsd.org wrote: As far as I understand it, POLA is about changing existing things: okay, so forget POLA. My point is that a user following a how to or even *our* documentation on how to install something unrelated, like say, apache, will be very confused when the documentation tells them to run pkg install apache and finds out that pkg doesn't exist. A similar example is needing rehash in tcsh. -- Eitan Adler ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On 23 August 2012 22:59, Doug Barton do...@freebsd.org wrote: No, POLA refers to not changing long-established practices out from under the user. forget pola I tend to agree with Steve here ... we can't be responsible for other people's poorly written docs. This isn't about poorly written docs. This is the user expecting a tool to exist, which doesn't. Take another example of a sysadmin which rarely installs new systems, installs FreeBSD for the third time, and then gets confused when pkg install vim fails. You bring up a valid point that we should keep in mind for our own however. The bootstrapping issue will be the smallest possible annoyance on a long road of the migration process. The bootstrapping issue is a factor even after the migration :) OTOH this is a good use case for the prompt the user when they type a command for something that can be installed from ports idea. :) even this is fine, provided that *for the command called pkg* it is on by default. note that I'm not talking about the mechanism here, I'm trying to avoid pkg doesn't seem to be installed on my fresh system becoming a FAQ. -- Eitan Adler ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap
On Thu, 23 Aug 2012, Eitan Adler wrote: On 23 August 2012 22:55, Steve Wills swi...@freebsd.org wrote: As far as I understand it, POLA is about changing existing things: okay, so forget POLA. My point is that a user following a how to or even *our* documentation on how to install something unrelated, like say, apache, will be very confused when the documentation tells them to run pkg install apache and finds out that pkg doesn't exist. A similar example is needing rehash in tcsh. I need to apologize to Steve Wills. I brought this up on IRC, and then shirked posting it here. My concern was having two programs called pkg with decidedly different behavior. Or rather, what appears to the user to be a single program that does not behave predictably. I should also apologize for not looking at this earlier; I was planning on using pkgng after release, and only just now got involved due to documentation. Alexander Kabaev's point about security is interesting. Maybe a compromise would be for /usr/sbin/pkg to remain, but merely show instructions on how to install the pkg package. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org