On Dec 17, 2007, at 9:19 AM, David Wood wrote:
Dear all,
In message <[EMAIL PROTECTED]>, Stephen Montgomery-
Smith <[EMAIL PROTECTED]> writes
One thing to look at is package building. I don't know how they
build the official packages, but my guess is that they build each
one from a clean system. But, for example, you have tons of
little ports each depending on xorg-server, and to rebuild xorg-
server for each little port must be a real burden.
On the other hand some ports really need to be built from a clean
system. Some of them autodetect ports that are already installed,
and then change options appropriately. (Maybe some of the
multimedia ports like vlc do this.) My guess is that this is to
some extent unavoidable because the "configure" script in the port
build process probably does this as well. Anyway, perhaps this
autodetecting of ports to provide options needs to be built into
the system in a systematic manner.
One example of ports that change their dependencies depending on
what is already installed is OpenSSL. bsd.openssl.mk ensures that
if the security/openssl port is available, it will be used by ports
instead of OpenSSL from the base system.
Because of the rules of a stable branch, the base OpenSSL on many
machines is quite old; it's kept up to date with security patches,
but that's it. Before I build anything else on a machine, I install
ports-mgmt/portconf and set ports.conf to build OpenSSL 0.9.8, then
I build security/openssl before building anything else.
On one system I'm logged into at the moment:
[EMAIL PROTECTED] ~]$ uname -prs
FreeBSD 6.2-RELEASE-p9 i386
[EMAIL PROTECTED] ~]$ openssl version
OpenSSL 0.9.7e-p1 25 Oct 2004
[EMAIL PROTECTED] ~]$ /usr/local/bin/openssl version
OpenSSL 0.9.8g 19 Oct 2007
[EMAIL PROTECTED] ~]$ pkg_info -R 'openssl-*'
Information for openssl-0.9.8g:
Required by:
apcupsd-3.14.2
freeradius-2.0.0.p2
libchk-1.9
mysql-client-5.0.51
neon-0.26.4
net-snmp-5.3.1_7
openldap-client-2.3.39
portupgrade-2.3.1,2
postgresql-client-7.4.18
ruby-1.8.6.111_1,1
ruby18-bdb44-0.6.2
samba-3.0.28,1
subversion-1.4.4_1
svn2cl-0.9
svn_load_dirs-1.4.3
svndelta-1.0.6
wireshark-0.99.6
Some of those are not direct dependencies.
7.x has rather more up to date OpenSSL in the base system, but it's
still not the latest version (csup followed by rebuilding kernel
and world about a week ago):
[EMAIL PROTECTED] ~]$ uname -prs
FreeBSD 7.0-BETA4 i386
[EMAIL PROTECTED] ~]$ openssl version
OpenSSL 0.9.8e 23 Feb 2007
[EMAIL PROTECTED] ~]$ /usr/local/bin/openssl version
OpenSSL 0.9.8g 19 Oct 2007
This is just one example of the complexities that can arise with
server ports. My main use for FreeBSD is as a server OS.
I maintain net/freeradius and there's a PR being worked on by a
committer for net/freeradius-devel (for FreeRADIUS 2.0.0-pre). (You
can see that port installed on 'titanium').
FreeRADIUS depends on OpenSSL (base or ports), and can depend on
the clients of OpenLDAP, MySQL, PostgreSQL, Firebird, Oracle (I've
got someone who's looking at creating an Oracle patch even though
it's not currently supported) as well as Heimdal or MIT Kerberos 5.
Throw in the dependencies of those clients, and things start to get
complicated quite rapidly.
The FreeBSD mail system that I'm working on that is likely to take
over from my Windows based mail system is another example of
complex dependencies. It's built around Postfix, Dovecot and
amavisd-new.
I have Postfix depending on Dovecot for authenticated SMTP SASL
logins from users and Cyrus-SASL for authenticated SMTP sending to
a smarthost, also OpenSSL for TLS/SSL, PCRE for regex support in
the configuration and the MySQL client for reading my database tables.
Dovecot has similarly complicated dependencies in many people's
systems.
amavisd-new typically has many levels of dependencies - it usually
depends on p5-Mail-SpamAssassin, which in turn usually depends on
gnupg, which in turn usually depends on openldap23-client!
By the time you're using LDAP, one or more SQL databases, SASL and
Berkeley DB across your server, the dependencies can be many levels
deep.
Best wishes,
David
--
David Wood
[EMAIL PROTECTED]
This was one of my deliverables for SoC (the lower prio one).
Basically, everything in the base system which has a port equivalent
needs to have a psuedo package created to help discern which binary
the user would want installed and functioning on their system.
For everything which is depended upon for building, I think that the
port should have an added knob in the config to "use non-base
libraries" when building ports / packages, such that the proper
options get passed to configure, then to gcc. Doing this (now that I
think about it) may open an unwanted pandora's box of issues, such
base and port packages which are depended upon should not be
installed at any one time (openssl for instance). As for leaf
packages such as openssh, this shouldn't be a problem..
-Garrett
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
