Jonathan Chen wrote:
Thomas Mueller <[email protected]> wrote:
I can still see possible use for portmaster in that something has to
be used to build synth or poudriere from source.
You don't need portmaster for that. You just need make(1).
This is what we do plus a few extras to share the resulting ports across
systems:
* instead of 'make install' use 'make package && pkg add' like
OpenBSD
* the package directory is updated with each new package
'cd /usr/ports/packages/All && pkg repo'
* the resulting repo is shared across jails using null mounts and/or
across hosts using apache or nginx
This has certain benefits over poudriere:
* KIS
* it is straightforward to update only ports with security
vulnerabilities
* works seamlessly in a jail, with or without zfs
* requires less cpu and disk
On the downside:
* haven't yet automated the entire process (pkg audit ; make
package ; (pkg add ; service restart))
* base cannot (yet) be updated this way even on hosts/jails with
packaged base
* 'pkg audit' is not as up-to-date or reliable as the same
functionality on Linux (tor, for example, has been vulnerable since
12/1, had an updated Makefile since 12/2, yet there is still no
mention of it in vuxml, 3 days and one 'cd security/vuxml;make
newentry' later)
FWIW,
Roger Marquis
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "[email protected]"
