Re: Updating Bind & OpenSSL on 6.1-Stable/Release
On Tuesday 27 March 2007, Don O'Neil said: > Don't assume that just because this is the first time I've raised > concerns about the ports means that this is the first time I've > used FreeBSD I've been using FreeBSD since 1.X. > > My point is that it's a pain the rear to do a CVSUP/Buildworld > (takes a long time) so the ports collection is the easiest way to > update/upgrade software. > > It would be nice to have some sort of reference as to how the > original software was built and installed (the build options) or > have the ports be built to match the original to facilitate easy > upgrade of one or two items. I agree that in general these are 'add > on' tools, but there are core functions (bind, ssh, etc...) that > get patched from time to time because of security and it's a LOT > quicker to re-install the port than it is to do a buildworld. Upgrading the base ports a piece at a time is an excellent way to shoot yourself in the foot. I would install the port, put NO_BIND= true in /etc/make.conf. You can define the executable and files in /etc/rc.conf. AFAIK, most of the base ports can be set up this way. Then, they become independent of the world build and can be maintained with your favorite port tools. I use the port version of bind on my nameserver and have never had any problems with compatibility except when I built it with PORT_REPLACES_BASE_BIND9. That turned out to be a *BAD* idea. Beech > > These are just my observations. > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Eric > Crist Sent: Tuesday, March 27, 2007 5:10 AM > To: Don O'Neil > Cc: freebsd-questions@freebsd.org > Subject: Re: Updating Bind & OpenSSL on 6.1-Stable/Release > > On Mar 27, 2007, at 12:12 AM, Don O'Neil wrote: > > If they are 'ports' specificly built for FreeBSD, shouldn't the > > port maintainer make them install like the originals were? Makes > > sense to me > > > > Or maybe the original install/release needs to be changed to > > install the same as the port. > > > > It's a pain having to debug where everything went, change config > > files, update startup scripts, make symlinks, etc... When if it > > were Linux a simple RPM install would update it and I'd be done > > with it. > > > > Just my observations. > > The ports tree installs things to the /usr/local/ prefix, to help > you keep your ports and base system separate. This is a normal > behavior, and has been normal for a lot longer than you have been > using FreeBSD. I apologize, but I doubt the developers are going > to change the standard behavior just because you got confused the > first time you tried to replace a base system component. > > Look here in section 4.5.2.1: > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports- > using.html > > - > Eric F Crist > Secure Computing Networks > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" -- --- Beech Rintoul - Port Maintainer - [EMAIL PROTECTED] /"\ ASCII Ribbon Campaign | FreeBSD Since 4.x \ / - NO HTML/RTF in e-mail | http://www.freebsd.org X - NO Word docs in e-mail | Latest Release: / \ - http://www.freebsd.org/releases/6.2R/announce.html --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Updating Bind & OpenSSL on 6.1-Stable/Release
Don't assume that just because this is the first time I've raised concerns about the ports means that this is the first time I've used FreeBSD I've been using FreeBSD since 1.X. My point is that it's a pain the rear to do a CVSUP/Buildworld (takes a long time) so the ports collection is the easiest way to update/upgrade software. It would be nice to have some sort of reference as to how the original software was built and installed (the build options) or have the ports be built to match the original to facilitate easy upgrade of one or two items. I agree that in general these are 'add on' tools, but there are core functions (bind, ssh, etc...) that get patched from time to time because of security and it's a LOT quicker to re-install the port than it is to do a buildworld. These are just my observations. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Crist Sent: Tuesday, March 27, 2007 5:10 AM To: Don O'Neil Cc: freebsd-questions@freebsd.org Subject: Re: Updating Bind & OpenSSL on 6.1-Stable/Release On Mar 27, 2007, at 12:12 AM, Don O'Neil wrote: > If they are 'ports' specificly built for FreeBSD, shouldn't the port > maintainer make them install like the originals were? Makes sense to > me > > Or maybe the original install/release needs to be changed to install > the same as the port. > > It's a pain having to debug where everything went, change config > files, update startup scripts, make symlinks, etc... When if it were > Linux a simple RPM install would update it and I'd be done with it. > > Just my observations. The ports tree installs things to the /usr/local/ prefix, to help you keep your ports and base system separate. This is a normal behavior, and has been normal for a lot longer than you have been using FreeBSD. I apologize, but I doubt the developers are going to change the standard behavior just because you got confused the first time you tried to replace a base system component. Look here in section 4.5.2.1: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports- using.html - Eric F Crist Secure Computing Networks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Updating Bind & OpenSSL on 6.1-Stable/Release
I did... So I linked it to /etc/named.conf Everything works great now... My question is howver, why are the ports setup different than the original install? I would think that the port build would be set with the same options as the original install that came with the OS... I've seen this Mainly because FreeBSD is a complete system, not a kernel and mishmash of separate utilities like some other OS'es out there. Basically this means that you should upgrade supplied userland programs by using the usual cvsup the latest sources and buildworld procedure, rather than using the ports for upgrading. The versions of BIND/Sendmail/SSL in the ports are mainly in there for users who need new features or something not available in the versions installed with the operating system base. The separate install lets you bail out if something stops working with the replacements installed from ports and of course helps preventing breaking the interdependencies and stuff in the OS supplied userland. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Updating Bind & OpenSSL on 6.1-Stable/Release
On Mar 27, 2007, at 12:12 AM, Don O'Neil wrote: If they are 'ports' specificly built for FreeBSD, shouldn't the port maintainer make them install like the originals were? Makes sense to me Or maybe the original install/release needs to be changed to install the same as the port. It's a pain having to debug where everything went, change config files, update startup scripts, make symlinks, etc... When if it were Linux a simple RPM install would update it and I'd be done with it. Just my observations. The ports tree installs things to the /usr/local/ prefix, to help you keep your ports and base system separate. This is a normal behavior, and has been normal for a lot longer than you have been using FreeBSD. I apologize, but I doubt the developers are going to change the standard behavior just because you got confused the first time you tried to replace a base system component. Look here in section 4.5.2.1: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports- using.html - Eric F Crist Secure Computing Networks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Updating Bind & OpenSSL on 6.1-Stable/Release
If they are 'ports' specificly built for FreeBSD, shouldn't the port maintainer make them install like the originals were? Makes sense to me Or maybe the original install/release needs to be changed to install the same as the port. It's a pain having to debug where everything went, change config files, update startup scripts, make symlinks, etc... When if it were Linux a simple RPM install would update it and I'd be done with it. Just my observations. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Kinsey Sent: Monday, March 26, 2007 9:13 PM To: Don O'Neil Cc: 'Reko Turja'; freebsd-questions@freebsd.org Subject: Re: Updating Bind & OpenSSL on 6.1-Stable/Release Don O'Neil wrote: > I did... So I linked it to /etc/named.conf Everything works great now... > > My question is howver, why are the ports setup different than the > original install? I would think that the port build would be set with > the same options as the original install that came with the OS... I've > seen this before, and it's annoying as heck when you go to > patch/update something and it doesn't work because it's installing in > a different location and looks for config files in different places. > Because they are "ports"?? Kevin Kinsey > -Original Message- > From: Reko Turja [mailto:[EMAIL PROTECTED] > Sent: Monday, March 26, 2007 1:34 PM > To: Don O'Neil; freebsd-questions@freebsd.org > Subject: Re: Updating Bind & OpenSSL on 6.1-Stable/Release > >> My bind install that came on the 6.1 installation runs from /usr/bin, >> whereas both the package and the source want to run from >> /usr/local/bin... > > You should have named.conf in /etc/namedb unless there's something > funny with the original install. Not sure if you need to run > make-localhost script in that directory as I do it as a matter of > principle each new system install anyway. If I update SSL/SSH/BIND I > set the REPLACE_BASE/OVERWRITE_BASE knob (check the Makefile at ports > dir for relevant knob name!) so the updated version will overwrite the > older at /usr tree. > > -Reko -- The San Diego Freeway. Official Parking Lot of the 1984 Olympics! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Updating Bind & OpenSSL on 6.1-Stable/Release
Don O'Neil wrote: I did... So I linked it to /etc/named.conf Everything works great now... My question is howver, why are the ports setup different than the original install? I would think that the port build would be set with the same options as the original install that came with the OS... I've seen this before, and it's annoying as heck when you go to patch/update something and it doesn't work because it's installing in a different location and looks for config files in different places. Because they are "ports"?? Kevin Kinsey -Original Message- From: Reko Turja [mailto:[EMAIL PROTECTED] Sent: Monday, March 26, 2007 1:34 PM To: Don O'Neil; freebsd-questions@freebsd.org Subject: Re: Updating Bind & OpenSSL on 6.1-Stable/Release My bind install that came on the 6.1 installation runs from /usr/bin, whereas both the package and the source want to run from /usr/local/bin... You should have named.conf in /etc/namedb unless there's something funny with the original install. Not sure if you need to run make-localhost script in that directory as I do it as a matter of principle each new system install anyway. If I update SSL/SSH/BIND I set the REPLACE_BASE/OVERWRITE_BASE knob (check the Makefile at ports dir for relevant knob name!) so the updated version will overwrite the older at /usr tree. -Reko -- The San Diego Freeway. Official Parking Lot of the 1984 Olympics! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Updating Bind & OpenSSL on 6.1-Stable/Release
I did... So I linked it to /etc/named.conf Everything works great now... My question is howver, why are the ports setup different than the original install? I would think that the port build would be set with the same options as the original install that came with the OS... I've seen this before, and it's annoying as heck when you go to patch/update something and it doesn't work because it's installing in a different location and looks for config files in different places. -Original Message- From: Reko Turja [mailto:[EMAIL PROTECTED] Sent: Monday, March 26, 2007 1:34 PM To: Don O'Neil; freebsd-questions@freebsd.org Subject: Re: Updating Bind & OpenSSL on 6.1-Stable/Release > My bind install that came on the 6.1 installation runs from /usr/bin, > whereas both the package and the source want to run from > /usr/local/bin... You should have named.conf in /etc/namedb unless there's something funny with the original install. Not sure if you need to run make-localhost script in that directory as I do it as a matter of principle each new system install anyway. If I update SSL/SSH/BIND I set the REPLACE_BASE/OVERWRITE_BASE knob (check the Makefile at ports dir for relevant knob name!) so the updated version will overwrite the older at /usr tree. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Updating Bind & OpenSSL on 6.1-Stable/Release
My bind install that came on the 6.1 installation runs from /usr/bin, whereas both the package and the source want to run from /usr/local/bin... You should have named.conf in /etc/namedb unless there's something funny with the original install. Not sure if you need to run make-localhost script in that directory as I do it as a matter of principle each new system install anyway. If I update SSL/SSH/BIND I set the REPLACE_BASE/OVERWRITE_BASE knob (check the Makefile at ports dir for relevant knob name!) so the updated version will overwrite the older at /usr tree. -Reko ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"