OpenBSD Journal

New Ports of The Week (June 29)

Contributed by maxime on from the 4.5-stable dept.

There were 5 new ports for the week of June 22 to June 28:

Some ports had updates that users should be aware of; no port was removed. Some patches were backported to the 4.5-stable branch.

New ports, listed in the order they were committed to the tree:

  • databases/pear-MDB2-mysqli
    • This is the MySQLi MDB2 driver for pear-MDB2.
  • databases/pear-MDB2-sqlite
    • This is the SQLite MDB2 driver for pear-MDB2.
  • devel/p5-Devel-ebug
    • Devel::ebug is a simple, extensible Perl debugger with a clean API. Using this module, you may easily write a Perl debugger to debug your programs. Alternatively, it comes with an interactive debugger, ebug.
  • editors/texworks
    • The TeXworks project is an effort to build a simple TeX front-end program (working environment) that will be available for all today's major desktop operating systems-in particular, MS Windows (XP and Vista), typical GNU/Linux distros and other X11-based systems, and Mac OS X. It is deliberately modeled on Dick Koch's award-winning TeXShop for Mac OS X, which is credited with a resurgence of TeX usage on the Mac platform.
  • lang/llvm-gcc4
    • lvm-gcc is the LLVM C front end. It is a modified version of gcc that compiles C/C++/ObjC programs into native objects, LLVM bitcode or LLVM assembly language, depending upon the options. By default, llvm-gcc compiles to native objects just like GCC does. If the -emit-llvm option is given then it will generate LLVM bitcode files instead. If -S (assembly) is also given, then it will generate LLVM assembly. Being derived from the GNU Compiler Collection, llvm-gcc has many of gcc's features and accepts most of gcc's options. It handles a number of gcc's extensions to the C programming language.
      Note: it is not yet linked to the build. This is a work in progress, largely based on the gcc port in ports/lang/gcc/4.2. It's somewhat usable on i386 (shared lib versions not yet properly under control). Build on amd64 currently fails with -fPIC problems.

Updated ports that users should be aware of:

Patches backported to the 4.5-stable branch:

(Comments are closed)


Comments
  1. By Brynet (Brynet) on

    Woah, -STABLE ports? have there been any others since the 4.5 release? :-)

    Will http://www.openbsd.org/pkg-stable.html be updated? and packages provided?

    Comments
    1. By Anonymous Coward (76.4.221.243) on

      > Woah, -STABLE ports? have there been any others since the 4.5 release? :-)
      >
      > Will http://www.openbsd.org/pkg-stable.html be updated? and packages provided?

      http://openbsd.rutgers.edu/

      Comments
      1. By Brynet (Brynet) on

        > http://openbsd.rutgers.edu/

        I was aware of this effort, but it's unofficial.

  2. By RC (76.175.123.95) on

    You know what's great about OpenBSD? The way you tell it to compile the MPlayer port, and you come back 5 hours later to see it compiling and installing CUPS, Glitz, Pango, and pretty much every other port in the tree... WTH does GTK2 depend on CUPS now? Of course you can't tell it to compile the MPlayer GUI with GTK-1, or disable the GUI without disabling all usable video output methods.

    Did I mention 3 different versions of autoconf, nasm AND yasm, and rtunes for my nonexistent Apple hardware.

    This is ridiculous, guys. Ports either need to default to the LEAST number of possible dependencies, or each port with multiple flavors needs to prompt the user, rather than continuing on and installing the entire port tree to support some trivial option in a tiny app, that next to NOBODY uses anyways...

    The same is true of packages. There's no reason you should have to install most-all of GNOME to use some trivial GTK app.

    Comments
    1. By Anonymous Coward (219.90.161.198) on

      The situation is the same on every other dependency based package management system. Guess what? It sucks, but implementing something like gentoo's USE flags is a fools game. Guess what? Building from ports is unsupported, packages exist for a reason.

      --
      I'm quite happy that firefox 3.5 has support for the HTML5 <video> tag. Hopefully we'll start to see some adoption of this to replace flash video in the near future.

      Comments
      1. By Arach (95.188.93.44) on

        > The situation is the same on every other dependency based package management system.
        No, it is not the same.

        > Guess what? It sucks, but implementing something like gentoo's USE flags is a fools game.
        Didn't you forgot to explain why it is a "fools game" (no matter how implemented and used)?


        > Guess what? Building from ports is unsupported, packages exist for a reason.
        What a bs. Go get rid of the ports in the tree that doesn't allow packaging, then.

        Comments
        1. By Anonymous Coward (67.171.157.251) on

          > > The situation is the same on every other dependency based package management system.
          > No, it is not the same.
          >
          > > Guess what? It sucks, but implementing something like gentoo's USE flags is a fools game.
          > Didn't you forgot to explain why it is a "fools game" (no matter how implemented and used)?
          >
          >
          > > Guess what? Building from ports is unsupported, packages exist for a reason.
          > What a bs. Go get rid of the ports in the tree that doesn't allow packaging, then.

          the purpose of the ports tree is to make packages, but it's recommended
          to use official packages. *some* ports make packages that are not
          redistributable.

          if you're using ports to install most of your packages, you're not
          following the advice given so your whining is simply pointless.

          Comments
          1. By Arach (95.188.93.44) on

            > the purpose of the ports tree is to make packages, but it's recommended
            > to use official packages.

            And? Since when recommended(a) implicitly equals unsupported(b)? Where's a note about building is being unsupported in the official documentation? There's none. If you're a developer, go and fix documentation, or propose a patch and be a good not-a-whiner boy. Either way your claims worth nothing. Go troll your scoolmates.

            > *some* ports make packages that are not redistributable.

            Exactly.
            1. Build is required to use such ports.
            2. Build is required to apply security updates.
            3. Build is required if one prefer not to trust packages that cannot be fetched in secure way.

            So give me a better explaination on what does your "building from ports is unsupported" mean, and where this is stated in the documentation.

            And tell me more on how outdated packages, with vulnerabilities known to public, that can be fetched over insecure channels with no sign of identity, does not make a fools game to use OpenBSD.

            > if you're using ports to install most of your packages, you're not
            > following the advice given so your whining is simply pointless.

            Pointless? Do you suggest to use outdated packages with no security patches applied, that can only be fetched over insecure channels? And you state *I* am being poitless?

            I see you prefer to stay with no arguments about why USE flags or alike is a "fools game". Now tell me more about being pointless.

            Comments
            1. By sthen (2a01:348:108:100:230:18ff:fea0:6af6) on

              > And tell me more on how outdated packages, with vulnerabilities known to public,

              I guess you're talking about stable here, right? stable ports has only been re-opened recently, these things take time to arrange.

              > that can be fetched over insecure channels with no sign of identity, does not make a fools game to use OpenBSD.

              "no sign"?

              http://kerneltrap.org/mailarchive/openbsd-source-changes/2009/4/14/5481474

              Yes, it's not all finished and running yet, but that's certainly more than "no sign".

              Comments
              1. By Arach (95.188.93.44) on

                > I guess you're talking about stable here, right? stable ports has only been re-opened recently, these things take time to arrange.

                Yes. Following -current sometimes cause undesireable side effects. Like with Berkeley DB 4.5.x removal, when OpenLDAP 2.3 bdb flavor has been marked as BROKEN with no bdb4.6-compatible OpenLDAP 2.4 in the tree.

                (And there always are some Anonymous Cowards pointlessly ranting about portage's USE flags... But *BSDs are having troubles with BDB 4.5 -> 4.6, vsftpd 2.0.6 - 2.0.7 transitions and so on, not Gentoo.)

                > Yes, it's not all finished and running yet, but that's certainly more than "no sign".

                I'm glad and appreciate the efforts, but we were talking about the current situation here.

                Comments
                1. By sthen (2a01:348:108:100:230:18ff:fea0:6af6) on

                  > > I guess you're talking about stable here, right? stable ports has only been re-opened recently, these things take time to arrange.
                  >
                  > Yes. Following -current sometimes cause undesireable side effects. Like with Berkeley DB 4.5.x removal, when OpenLDAP 2.3 bdb flavor has been marked as BROKEN with no bdb4.6-compatible OpenLDAP 2.4 in the tree.

                  That's not just -current, it's been in for a couple of releases, and nobody has come up with a good diff to bring in 2.4 yet. (we have to keep 2.3 around, and the rest of packages must work seamlessly, so the libraries need to be moved around to avoid configure scripts from picking them up, and binaries need handling to avoid conflicts somehow - maybe renamed - and this has to be tested with the ~60 odd dependencies).

                  I made a start but I don't actually use OpenLDAP at all so it hasn't been top priority for me...

                  Comments
                  1. By Arach (95.188.93.44) on

                    > That's not just -current, it's been in for a couple of releases

                    I know. But I faced this when I was following -current, because -stable was barely useful.

            2. By Anonymous Coward (67.171.157.251) on

              > > the purpose of the ports tree is to make packages, but it's recommended
              > > to use official packages.
              >
              > And? Since when recommended(a) implicitly equals unsupported(b)? Where's a note about building is being unsupported in the official documentation? There's none. If you're a developer, go and fix documentation, or propose a patch and be a good not-a-whiner boy. Either way your claims worth nothing. Go troll your scoolmates.

              I never said it was unsupported. I said it is not recommended.

              > > *some* ports make packages that are not redistributable.
              >
              > Exactly.
              > 1. Build is required to use such ports.
              > 2. Build is required to apply security updates.

              *some* ports. neither of those apply to the exact one that started
              this thread, mplayer.

              > 3. Build is required if one prefer not to trust packages that cannot be fetched in secure way.

              how did you get OpenBSD in the first place?

              > So give me a better explaination on what does your "building from ports is unsupported" mean, and where this is stated in the documentation.
              >
              > And tell me more on how outdated packages, with vulnerabilities known to public, that can be fetched over insecure channels with no sign of identity, does not make a fools game to use OpenBSD.
              >
              > > if you're using ports to install most of your packages, you're not
              > > following the advice given so your whining is simply pointless.
              >
              > Pointless? Do you suggest to use outdated packages with no security patches applied, that can only be fetched over insecure channels? And you state *I* am being poitless?

              yes, because most ports NEVER NEED TO BE BUILT BY THE USER, EVER.
              buy the CD sets if you are worried authenticity.

              Comments
              1. By Arach (95.188.93.44) on

                > I never said it was unsupported. I said it is not recommended.

                Yes, you said exactly it is unsupported. Do you need a quote?

                > *some* ports. neither of those apply to the exact one that started
                > this thread, mplayer.

                I don't care about mplayer, I did reply on your comments, with quotation.

                > how did you get OpenBSD in the first place?

                Irrelevant. In the first place I was searching the web for hashes, key fingerprints and so on, collecting information from multiple sources through multiple channels that's hard to spoof (yes, I really-really do this kind of BDSM from time to time to train in discipline and just for fun).

                There was a possibility of spoofing, but I rate it as very low, and I accepted the risks *once*. But do you suggest me to rape Google, mailing lists' archives and so on every time I want to verify identity of every single package? Rhetorical question.

                Not a rhetorical one: do you really mean *if* someone *once* accepted and relied on any unverified information (code), the someone should do this on a daily basis during every package install, making a good trial for attackers to conduct a spoofing attack? Bull. Shit. Dude.

                > yes, because most ports NEVER NEED TO BE BUILT BY THE USER, EVER.
                > buy the CD sets if you are worried authenticity.

                Ho-ho-ho, dude. I am worried about authenticity AND security AND stability. How do I suppose to get the later two from a CD? Should I perform heretic rituals, cast spells and burn a CD in the exact meaning of "burn"? Tell me how, dude!

                Comments
                1. By Arach (95.188.93.44) on

                  > > I never said it was unsupported. I said it is not recommended. > > Yes, you said exactly it is unsupported. Do you need a quote? I'm sorry, that wasn't you. But you better don't intervent in our... um... conversation next time. ;)

                2. By Anonymous Coward (67.171.157.251) on

                  > > I never said it was unsupported. I said it is not recommended.
                  >
                  > Yes, you said exactly it is unsupported. Do you need a quote?
                  >
                  > > *some* ports. neither of those apply to the exact one that started
                  > > this thread, mplayer.
                  >
                  > I don't care about mplayer, I did reply on your comments, with quotation.
                  >
                  > > how did you get OpenBSD in the first place?
                  >
                  > Irrelevant. In the first place I was searching the web for hashes, key fingerprints and so on, collecting information from multiple sources through multiple channels that's hard to spoof (yes, I really-really do this kind of BDSM from time to time to train in discipline and just for fun).
                  >
                  > There was a possibility of spoofing, but I rate it as very low, and I accepted the risks *once*. But do you suggest me to rape Google, mailing lists' archives and so on every time I want to verify identity of every single package? Rhetorical question.
                  >
                  > Not a rhetorical one: do you really mean *if* someone *once* accepted and relied on any unverified information (code), the someone should do this on a daily basis during every package install, making a good trial for attackers to conduct a spoofing attack? Bull. Shit. Dude.
                  >
                  > > yes, because most ports NEVER NEED TO BE BUILT BY THE USER, EVER.
                  > > buy the CD sets if you are worried authenticity.
                  >
                  > Ho-ho-ho, dude. I am worried about authenticity AND security AND stability. How do I suppose to get the later two from a CD? Should I perform heretic rituals, cast spells and burn a CD in the exact meaning of "burn"? Tell me how, dude!

                  please, dude, tell me what percentage of the ports tree would
                  actually need to be recompiled when following -stable? if
                  you can't do that, then you have not convinced me that the work
                  needed to make you happy is useful, because you have not even
                  taken the time to make a real argument. instead make ridiculously
                  exaggerated statements like "on a daily basis".

                  Comments
                  1. By Arach (95.188.93.44) on

                    > please, dude, tell me what percentage of the ports tree would
                    > actually need to be recompiled when following -stable? if

                    Yeah, um gonna tell ya, dude. 100% of the ports tree need to be recompiled until you came up with a PKI and actually start signing the packages. Whether it be current or stable or release, doesn't matter for now.

                    Now teach me on how I should admire *your* trust in a plain luck to accept *my* risks.

                    By the way, where's your arguments to support the statements about safety of fetching usigned packages through untrusted channels? Please, provide them. I'm very interested. Really. Seriously. I would listen.

                    > you can't do that, then you have not convinced me that the work

                    Have not convinced you? The work needed to make me happy? Like I care...

                    Work needed by who, dude? I use ports tree on OpenBSD only as a source of distfiles' identity, among other sources, and as a source of OpenBSD-specific patches. And I didn't ask you nor anybody else to make me happy with the ports tree/packages. I ensure identity, stability, security and resolve the dependencies of 3rd-party software I install by myself. There's very less I need on my OpenBSD servers beside the OpenBSD base. Hardened Gentoo is my choice for desktop and other servers, if you want to know.

                    But I see you would want me to ask you for something, wouldn't you? Because then you can call me a whiner and satisfy your ego by teaching me how to ask politely, and at the very same time begging the question about whether your own arguments worth anything.

                    But I didn't, don't and won't ask, dude. The very reason I started my humble trolling is good-old Anonymous Cowards were making good-old snobish statements about "fools games", unsupported builds and about how USE flags or alike in every dependency-based packaging systems sucks. That's just lies.

                    > needed to make you happy is useful, because you have not even

                    Oh, come on, dude. Like you would want to make happy anyone else except yourself.

                    > taken the time to make a real argument. instead make ridiculously
                    > exaggerated statements like "on a daily basis".

                    Ho-ho, dude. I think your libastral.so is a bit out of date. Because I actually *did* install software on OpenBSD on a daily basis. Not during 365 days of year, of course, but during a week and a half, I think. On a daily basis. So, even if my statement is exaggerated, then slightly, not rediculously.

                    I hope to hear your arguments, reasonable and unexaggerated.

                    Comments
                    1. By Anonymous Coward (67.171.157.251) on

                      > > please, dude, tell me what percentage of the ports tree would
                      > > actually need to be recompiled when following -stable? if
                      >
                      > Yeah, um gonna tell ya, dude. 100% of the ports tree need to be recompiled until you came up with a PKI and actually start signing the packages. Whether it be current or stable or release, doesn't matter for now.

                      you could buy the CDs. you seem to totally ignore that possibility,
                      along with all the other advice you've been given.

                      > Now teach me on how I should admire *your* trust in a plain luck to accept *my* risks.

                      I'm telling you to buy the CDs, not to trust plain luck.
                      but I'm curious. in the history of OpenBSD, how many users
                      have been affected by what you are ranting about? I'm not
                      saying it's not possible, but how relevant is it? further, there
                      is work in progress, so why are you ranting at all? just to be
                      a hater?

                      > By the way, where's your arguments to support the statements about safety of fetching usigned packages through untrusted channels? Please, provide them. I'm very interested. Really. Seriously. I would listen.
                      >
                      > > you can't do that, then you have not convinced me that the work
                      >
                      > Have not convinced you? The work needed to make me happy? Like I care...

                      and that's why your trolling is pointless. you're not convincing the
                      people who might actually do the work. in fact, you're probably
                      turning them off.

                      > Work needed by who, dude? I use ports tree on OpenBSD only as a source of distfiles' identity, among other sources, and as a source of OpenBSD-specific patches. And I didn't ask you nor anybody else to make me happy with the ports tree/packages.

                      then why are you ranting? you are trying to tell people what is
                      obvious? what is your point? why are you here?

                      > I ensure identity, stability, security and resolve the dependencies of 3rd-party software I install by myself. There's very less I need on my OpenBSD servers beside the OpenBSD base. Hardened Gentoo is my choice for desktop and other servers, if you want to know.
                      >
                      > But I see you would want me to ask you for something, wouldn't you? Because then you can call me a whiner and satisfy your ego by teaching me how to ask politely, and at the very same time begging the question about whether your own arguments worth anything.
                      >
                      > But I didn't, don't and won't ask, dude. The very reason I started my humble trolling is good-old Anonymous Cowards were making good-old snobish statements about "fools games", unsupported builds and about how USE flags or alike in every dependency-based packaging systems sucks. That's just lies.

                      and I was trying to correct someone else' statement. then you
                      jumped all over me for no reason at all, claiming I said things that
                      I did not. you are not here to make real arguments, you are here to
                      troll and flame. I am here to show that is your purpose. I'm glad
                      you admitted as much.

                      > > needed to make you happy is useful, because you have not even
                      >
                      > Oh, come on, dude. Like you would want to make happy anyone else except yourself.
                      >
                      > > taken the time to make a real argument. instead make ridiculously
                      > > exaggerated statements like "on a daily basis".
                      >
                      > Ho-ho, dude. I think your libastral.so is a bit out of date. Because I actually *did* install software on OpenBSD on a daily basis. Not during 365 days of year, of course, but during a week and a half, I think. On a daily basis. So, even if my statement is exaggerated, then slightly, not rediculously.
                      >
                      > I hope to hear your arguments, reasonable and unexaggerated.

                      again, you could buy the CD sets.

                      Comments
                      1. By Arach (95.188.93.44) on

                        > you could buy the CDs. you seem to totally ignore that possibility,
                        > along with all the other advice you've been given.

                        There are no updates for packages on the CDs, even if I choose to follow -stable with small traffic of changes. That is the reason I ignore your single advice to buy the CDs.

                        There were *no* other advices (except the implicit one: to trust plain luck). Are you trying to make a fat troll out of me intentionally?

                        > I'm telling you to buy the CDs, not to trust plain luck.

                        No, you are telling me to buy the CDs, and then to trust plain luck every time I need to do security or reliability update out of packages. So the answer to your question remains the same: 100% of packages need to be recompiled when following -stable (or -current - doesn't matter).

                        > but I'm curious. in the history of OpenBSD, how many users
                        > have been affected by what you are ranting about? I'm not
                        > saying it's not possible, but how relevant is it? further, there

                        It's relevant for me if I know I easily could do or already did such things, or if I know exactly that one of my pals could do the same easily.

                        > is work in progress, so why are you ranting at all? just to be
                        > a hater?

                        No. Because the problem still exsist, and your advises wouldn't solve it at all. Go, deploy the PKI, start produce signed packages and then teach me how pointles I am.

                        > and that's why your trolling is pointless. you're not convincing the

                        Not every thing in the world you wouldn't agree is pointless, dude.

                        > people who might actually do the work. in fact, you're probably
                        > turning them off.

                        If I would want somebody to do some work for me, then yes, this behavior would be pointless. But when you call my opinion pointless, and I choose to prove you wrong, there's a point to me. And I see there is a point to you, since you continue to "feed" me.

                        > then why are you ranting? you are trying to tell people what is
                        > obvious? what is your point? why are you here?

                        Ranting. Obvious. That's how you call that... Dude. If what I tell you is so obvious, then why are you calling me pointless and trying to proove me wrong, parroting your advise to buy the CDs that doesn't solve untrusted updates problem at all?

                        > and I was trying to correct someone else' statement. then you
                        > jumped all over me for no reason at all, claiming I said things that

                        I'm sorry for that.

                        > I did not. you are not here to make real arguments, you are here to

                        I've made real arguments. Do you need me to repeat them? OK.

                        Even if I buy the CDs, I still need to trust plain luck when updating from packages. So the CDs doesn't offer security nor stability.

                        > troll and flame. I am here to show that is your purpose. I'm glad
                        > you admitted as much.

                        You are here to parroting I'm wrong. Pointlessly like this: "Buy the CDs and then trust plain luck every time you update from packages"

                        > again, you could buy the CD sets.

                        Again. Even if I buy the CDs, I still need to trust plain luck when updating from packages. So the CDs doesn't offer security nor stability.

                        Comments
                        1. By Anonymous Coward (67.171.157.251) on

                          > > you could buy the CDs. you seem to totally ignore that possibility,
                          > > along with all the other advice you've been given.
                          >
                          > There are no updates for packages on the CDs, even if I choose to follow -stable with small traffic of changes. That is the reason I ignore your single advice to buy the CDs.
                          >
                          > There were *no* other advices (except the implicit one: to trust plain luck). Are you trying to make a fat troll out of me intentionally?
                          >
                          > > I'm telling you to buy the CDs, not to trust plain luck.
                          >
                          > No, you are telling me to buy the CDs, and then to trust plain luck every time I need to do security or reliability update out of packages.

                          and how often is "every time". why can't you answer that?

                          > So the answer to your question remains the same: 100% of packages need to be recompiled when following -stable (or -current - doesn't matter).

                          really, every port needs a security update? again, you either do
                          not know what you are talking about, or are making ridiculous
                          exaggerations.

                          > > but I'm curious. in the history of OpenBSD, how many users
                          > > have been affected by what you are ranting about? I'm not
                          > > saying it's not possible, but how relevant is it? further, there
                          >
                          > It's relevant for me if I know I easily could do or already did such things, or if I know exactly that one of my pals could do the same easily.

                          again, no real answer, but some conjecture.

                          > > is work in progress, so why are you ranting at all? just to be
                          > > a hater?
                          >
                          > No. Because the problem still exsist, and your advises wouldn't solve it at all. Go, deploy the PKI, start produce signed packages and then teach me how pointles I am.
                          >
                          > > and that's why your trolling is pointless. you're not convincing the
                          >
                          > Not every thing in the world you wouldn't agree is pointless, dude.
                          >
                          > > people who might actually do the work. in fact, you're probably
                          > > turning them off.
                          >
                          > If I would want somebody to do some work for me, then yes, this behavior would be pointless. But when you call my opinion pointless, and I choose to prove you wrong, there's a point to me. And I see there is a point to you, since you continue to "feed" me.

                          I never said your opinion is pointless. I said your whining and
                          ranting is pointless.

                          the only reason I keep replying is because you keep replying without
                          answering the questions I am asking.

                          you are only proving that you cannot answer some basic questions.

                          > > then why are you ranting? you are trying to tell people what is
                          > > obvious? what is your point? why are you here?
                          >
                          > Ranting. Obvious. That's how you call that... Dude. If what I tell you is so obvious, then why are you calling me pointless and trying to proove me wrong, parroting your advise to buy the CDs that doesn't solve untrusted updates problem at all?

                          you keep changing your stance. first you were talking about
                          all ports/packages that one would install. the CDs would provide
                          that first install. now you are talking about only updates, but
                          you cannot answer how often updates are needed.

                          > > and I was trying to correct someone else' statement. then you
                          > > jumped all over me for no reason at all, claiming I said things that
                          >
                          > I'm sorry for that.
                          >
                          > > I did not. you are not here to make real arguments, you are here to
                          >
                          > I've made real arguments. Do you need me to repeat them? OK.
                          >
                          > Even if I buy the CDs, I still need to trust plain luck when updating from packages. So the CDs doesn't offer security nor stability.

                          but how often is it that packages would need to be updated?
                          you still have not answered that.

                          > > troll and flame. I am here to show that is your purpose. I'm glad
                          > > you admitted as much.
                          >
                          > You are here to parroting I'm wrong. Pointlessly like this: "Buy the CDs and then trust plain luck every time you update from packages"

                          how often is that?

                          > > again, you could buy the CD sets.
                          >
                          > Again. Even if I buy the CDs, I still need to trust plain luck when updating from packages. So the CDs doesn't offer security nor stability.

                          and how often is that? you know what, there aren't even packages
                          for -stable, so it'd be none.

                          Comments
                          1. By Arach (95.188.93.44) on

                            > and how often is "every time". why can't you answer that?

                            Yes, I can answer that. I update from 1 to 4 applications/libraries per month on OpenBSD servers. Of course this numbers are configuration-dependant. If I would run OpenBSD instead of Hardened Gentoo for the same purposes (as I did early), the nubmer will be very close to 4 or even more - that's for stable production.

                            And all that is irrelevant.

                            > really, every port needs a security update? again, you either do

                            That's not what I mean. I mean every port that needs to be updated (100% of such ports) must be recompiled, no matter if untrusted packages will ever be available online. (Btw, why do you ask about security updates only? There's reliability updates that also must be applied.)

                            So you were asking about a percentage of the whole ports tree? I misunderstood your question in the first place. Then, it's not 100% of the ports tree, but counting the percentage for the whole tree is not relevant anyway.

                            1 to 4 packages that needs to be updated monthly is enough to me. Hell, even 1 package per year is enough. Why? Think what time frame an attacker will choose to operate.

                            > not know what you are talking about, or are making ridiculous
                            > exaggerations.

                            Ridiculous exaggerations? How did you calculate that? What do you know about insecurity in the environments where my servers are hosted? What do you know about my ISPs? You know nothing. And I, believe me, know at least something. I was breaking in their systems (long ago) and saw how brain-damaged they are. I was trying to convince them to fix security issues (recently, many times), and that was useless most of the time, because They Just Don't Care.

                            But still you sure that quantity of packages updated per given time frame matters. It matters my ass, dude. The update time frames are predictable, the environments are flawed permanently, and more-or-less experienced attacker won't fail if he will do some tests before actually trying. And I was making fun of similar things when I was younger, so you don't hang spagetti on my ears now about how hard, how barely possible and barely feasible it *supposed* to be.

                            You're making very convenient assumptions out of your own "common sense" to support your opinion and trying to prove me wrong. Find something better than it-would-be-safe assumptions, dude.

                            I know my environments and have my reasons not to trust untrusted fetches. Period.

                            > > It's relevant for me if I know I easily could do or already did such things, or if I know exactly that one of my pals could do the same easily.
                            >
                            > again, no real answer, but some conjecture.

                            OMG, what real answer you the hell want to hear? It is relevant, because it very possible and very feasible in environments where I operate. In fact, insecurity is everywhere. If *fact*, dude. You want the details? Then ask. If you need simple answer, then: yes, it's relevant, because my environment pretty much allow such tricks.

                            > I never said your opinion is pointless. I said your whining and
                            > ranting is pointless.

                            Pointless... Pointless-pointless. Blah-blah-blah... This is my initial comment where you've found whining:

                            >> The situation is the same on every other dependency based package management system.
                            >No, it is not the same.

                            >> Guess what? It sucks, but implementing something like gentoo's USE flags is a fools game.
                            >Didn't you forgot to explain why it is a "fools game" (no matter how implemented and used)?

                            >> Guess what? Building from ports is unsupported, packages exist for a reason.
                            >What a bs. Go get rid of the ports in the tree that doesn't allow packaging, then.

                            Now, please, show me *where exactly* did you find that so called pointless whinihg? Which my words are pointless whining, and why do you think they are?

                            > the only reason I keep replying is because you keep replying without
                            > answering the questions I am asking.

                            Irrelevant questions you're asking.

                            > you are only proving that you cannot answer some basic questions.

                            I can make and repeat such empty statements too. But who cares. Go back to teach me how quantity and frequency of updates amazingly lower the risks. Find some facts. Describe a threat model. Do something.

                            > you keep changing your stance. first you were talking about

                            Yes, I've changed my stance only *once* (now show me where I *keep* changing) and only because I decided to agree with that the CDs, after all, is some kind of authenticated source. I could disagree and ask you how to ensure authenticity of the CDs. What would you suggest then? Nothing. And my point would stay completely valid: strictly saying, the CDs does not provide authenticity, just like untrusted packages. Does. Not. Provide. You send the CDs, and I recieve... what? A cat in a bag that my pal sent to me just to make fun in best traditions of social engineering.

                            Another point is the CDs does not provide any capabilities to OpenBSD ports/packaging systme to ensure authenticity. No signatire verification, no trusted fetches, no hashes, no nothing.

                            > all ports/packages that one would install. the CDs would provide
                            > that first install. now you are talking about only updates, but
                            > you cannot answer how often updates are needed.

                            Not exactly. Now *we* are talking about only updates, and only because you did ask about quantity of packages needed to be recompiled when following -stable. Like that's relevant...

                            > but how often is it that packages would need to be updated?
                            > you still have not answered that.

                            You have your answer. So what?

                            > how often is that?

                            Now you answer me: why "how often" matters?

                            > and how often is that? you know what, there aren't even packages
                            > for -stable, so it'd be none.

                            I don't have to know whether there is any packages to support my point, since I know none packages are trusted and none packages were trusted ever. I hope they will be soon though...

    2. By Janne Johansson (jj) jj@inet6.se on .

      > You know what's great about OpenBSD? The way you tell it to compile the MPlayer port, and you come back 5 hours later to see it compiling and installing CUPS, Glitz, Pango, and pretty much every other port in the tree... WTH does GTK2 depend on CUPS now? Of course you can't tell it to compile the MPlayer GUI with GTK-1, or disable the GUI without disabling all usable video output methods.
      > Did I mention 3 different versions of autoconf, nasm AND yasm, and rtunes for my nonexistent Apple hardware.

      If you really think you must warm the house by compiling some of the stuff, or the license of the port(s) says you must, you can still set the
      FETCH_PACKAGES variable so it will pick up packages for all the stuff it can get precompiled, and save lots of time.

    3. By Jacob Meuser (67.171.157.251) jakemsr@sdf.lonestar.org on

      > You know what's great about OpenBSD? The way you tell it to compile the MPlayer port

      no, OpenBSD tells you to use packages.

      > This is ridiculous, guys. Ports either need to default to the LEAST number of possible dependencies, or each port with multiple flavors needs to prompt the user, rather than continuing on

      so the package builders have to spend hours answering stupid questions?

      > The same is true of packages. There's no reason you should have to install most-all of GNOME to use some trivial GTK app.

      the only "gnome" thing the mplayer package needs is gtk+2.

      Comments
      1. By Anonymous Coward (95.188.93.44) on

        > > You know what's great about OpenBSD? The way you tell it to compile the MPlayer port
        >
        > no, OpenBSD tells you to use packages.

        Outdated, with publicly-disclosed vulnerabilities, with no sign of identity packages. Sweet.

        > so the package builders have to spend hours answering stupid questions?

        So the package builders have to honestly admit they have no resources to maintain stable, up-to-date and secure packages.

        Comments
        1. By Anonymous Coward (78.1.147.142) on

          > > so the package builders have to spend hours answering stupid questions?
          >
          > So the package builders have to honestly admit they have no resources to maintain stable, up-to-date and secure packages.

          I agree. Workaround for this is to use an unofficial third party package repository (pkgsrc, rutgers, ...). And that's the reason OpenBSD sucks.





          Comments
          1. By sthen (2a01:348:108:100:230:18ff:fea0:6af6) on

            > > > so the package builders have to spend hours answering stupid questions?
            > >
            > > So the package builders have to honestly admit they have no resources to maintain stable, up-to-date and secure packages.
            >
            > I agree. Workaround for this is to use an unofficial third party package repository (pkgsrc, rutgers, ...).

            pkgsrc provide binary packages for OpenBSD -stable? that's news to me.

            The other workarounds are to run snapshots, or build your own packages, it's not that hard.

            > And that's the reason OpenBSD sucks.

            This is the type of person who wants stable packages built? Makes you question whether it would be worth it.

          2. By Predrag (76.4.221.243) on

            > > > so the package builders have to spend hours answering stupid questions?
            > >
            > > So the package builders have to honestly admit they have no resources to maintain stable, up-to-date and secure packages.
            >
            > I agree. Workaround for this is to use an unofficial third party package repository (pkgsrc, rutgers, ...). And that's the reason OpenBSD sucks.
            >
            >
            >
            >
            >
            >


            Is anybody forcing you to use OpenBSD? I can't speak for the developers but I personally would to keep users as you as far as possible from OpenBSD.

            I really do not get the whole troll. If anybody wants to use apt-get or
            portage they should run Debian or Gentoo. Open source ecosystem is quite
            healthy and there is a great variety of operating systems as well as
            package management systems to satisfy different tastes.

            Best,
            Predrag

            P.S. I would like to thank developers for this great effort to resurrect the stable ports. Thank you and keep up great work!

    4. By sthen (2a01:348:108:100:230:18ff:fea0:6af6) on

      > This is ridiculous, guys. Ports either need to default to the LEAST number of possible dependencies, or each port with multiple flavors needs to prompt the user, rather than continuing on and installing the entire port tree to support some trivial option in a tiny app, that next to NOBODY uses anyways...

      If you want that, run some OS like FreeBSD where things are oriented around using ports rather than packages.

      The OpenBSD ports tree is arranged to make things easier to make packages. So some decisions are made in a way which makes that easier and quicker, even if it makes things a bit harder for people using ports.

      We have a hard enough time getting good test reports for simple cases "apply this diff and run make". If we had to get multiple flavours tested (and importantly, interactions between multiple flavours of one port and the rest of the tree) from the limited number of people who are testing and giving good reports, you would instead be complaining about everything being old and out of date.

      Comments
      1. By Anonymous Coward (95.188.93.44) on

        > If you want that, run some OS like FreeBSD where things are oriented around using ports rather than packages.

        Sad. FreeBSD is not much better.

        Comments
        1. By Brad (2001:470:b01e:3:216:41ff:fe17:6933) brad at comstyle dot com on

          > > If you want that, run some OS like FreeBSD where things are oriented around using ports rather than packages.
          >
          > Sad. FreeBSD is not much better.

          The original comment makes no sense. Their ports are horrible. IMO it is considerably worse.

          Comments
          1. By sthen (2a01:348:108:100:230:18ff:fea0:6af6) on

            > > > If you want that, run some OS like FreeBSD where things are oriented around using ports rather than packages.
            > >
            > > Sad. FreeBSD is not much better.
            >
            > The original comment makes no sense. Their ports are horrible. IMO it is considerably worse.

            I don't disagree with this, but, they do often have fancy menus so you can choose which dependencies you want, which seems to be what the OP was looking for.

            Comments
            1. By Anonymous Coward (67.232.95.224) on

              > I don't disagree with this, but, they do often have fancy menus so you can choose which dependencies you want, which seems to be what the OP was looking for.

              And as a port maintainer for FreeBSD, my inbox is flooded by idiots who try and configure every port with every feature presented, breaking later port builds with unpredictable/incompatible conflicts. End users should have a means to set customization, but they should also have to seek them out when they know they want it.

              Lastly, the threads OP seems to be having a bigger issue with all of the build depends. This has nothing to do with *BSD or portage. It has to do with the needs of every tiny bit that the port you are building depends on. That's right... your port's depends also have depends, be they for building or running, and you will have to build all of those as well. Porters have no control over what each port's upstream designates as needed for it to build, they just implement it. Use packages if this is a problem, that way you only get the final product and not the extra build-time only depends.

      2. By RC (76.175.123.95) on

        > If you want that, run some OS like FreeBSD

        I do.

        > The OpenBSD ports tree is arranged to make things easier to make packages. So some decisions are made in a way which makes that easier and quicker, even if it makes things a bit harder for people using ports.

        FreeBSD automates package builds from the ports tree without problems... Would you car what specifically you're talking about, which FreeBSD hasn't figure out, or reluctantly tolerates?

        > If we had to get multiple flavours tested (and importantly, interactions between multiple flavours of one port and the rest of the tree)

        I see your point. So my first suggestion of reducing all packages to a reasonable minimum number of dependencies would indeed be best option, and would make your testing EASIER with fewer package interactions...

        > from the limited number of people who are testing and giving good reports, you would instead be complaining about everything being old and out of date.

        Been there, done that (a lot of years ago). I got by on updating ports on my own, and hand-compiling a few source tarballs myself that didn't exist in ports at all. I'd have to say, things were better-off that way.

        In fact today I find myself preferring slightly older versions of programs much of the time. eg. xfce3, Openbox2 (vs. Blackbox/Fluxbox--vs. OpenBox3 with it's pointless GTK2 bloat and no new features to show for it), xmms1, sylpheed1, etc. Of course there's plenty of counter-examples as well, but still, a bit out of date isn't the end of the world for most software. In fact I advocated keeping obsolete OpenBSD ports in the tree rather than blindly removing anything that isn't the newest, wherever they didn't require any additional maintenance to continue to build... I didn't win anyone over on that one, either, I'm afraid...

        Comments
        1. By sthen (2a01:348:108:100:230:18ff:fea0:6af6) on

          > > If you want that, run some OS like FreeBSD
          >
          > I do.
          >
          > > The OpenBSD ports tree is arranged to make things easier to make packages. So some decisions are made in a way which makes that easier and quicker, even if it makes things a bit harder for people using ports.
          >
          > FreeBSD automates package builds from the ports tree without problems... Would you car what specifically you're talking about, which FreeBSD hasn't figure out, or reluctantly tolerates?

          It's pretty normal for an OpenBSD port to *deliberately* pull in any dependencies which people might find useful, build the port just once, and split at the packaging stage. This is explained in more detail at http://www.openbsd.org/porting/packaging.html.

          Since some of the machine arch we bulk-build packages on take several *months* for a full build, we try and avoid the unnecessary duplicate builds that would happen if we were to provide separately flavoured complete packages for each build option.

          mplayer which was used as an example *doesn't* do this yet. If someone is interested in changing things and particularly cares about mplayer, perhaps they could provide a diff that moves gmplayer to a subpackage, so only the subpackage would pull in the extra library dependencies, and add a PSEUDO_FLAVOR to disable gmplayer. We'd still need the no_x11 FLAVOR e.g. for people who want an mencoder that doesn't need X, so it won't be the most straightforward thing ever, but it wouldn't be especially difficult and there are similar examples in the tree to crib from. (Yeah, it would have been quicker for me to do this than to write this post... but I am hopeful that enough readers will benefit from the explanation that it was worthwhile. It would just be lost in a sea of Ms at this point in release cycle anyway ;-)

          Contrary to what some people posting on this page believe, you don't need a CVS account to get work done. Yes it can help to get things in when things slip through the cracks, but many of the diffs on ports@ which don't get in cannot be committed without a bunch of reworking. Get a name for sending good useful diffs that can be committed as-is or with only minor changes, and when there are dozens of diffs sitting on ports@, people will generally read yours early...

    5. By Anonymous Coward (69.71.222.187) on

      Well there is a reason for this and I'll explain it shortly.


      OpenBSD has fucked up proceedures trolled partly by "we are leet"-guys like Brad. In fact you DO REQUIRE a system account at Theo-Net to be able to MODIFY, UPDATE OR OTHERWISE DEAL WITH A PORT.

      Of course they tell you that you could send your modifications to the maintainer or post it to the mailinglist but I saw a lot stuff not getting applied because either the port had no maintainer or the maintainer maintains +40 other ports and IS a active developer.. which brings us to the time consuming part of a port.

      Updates for -STABLE where droped once because we where told that 2 things are missing:

      1. manpower
      2. "build" mashines for packages


      For 1:
      Change to GIT or patch OpenCVS to allow people to have COMMIT RIGHTS for example just to a single port (like net/nmap) in the portstree in the CVS.

      For 2:
      Simply improve the ports (btw: for john: dmesg | grep CPU <- look for sse and use sse except of mmx... such changes are easy to make just how to get them into the port itself?!)...

      I totaly angree with yout that the current status just sucks.
      But it would require changes... and Theo would need to drop partly some control..


      To make it even more short: Yes it sucks and yes nothing will change. All your submissions get forgotten and you post will, if you keep on, censored away like many others here..

      Comments
      1. By sthen (2a01:348:108:100:230:18ff:fea0:6af6) on

        > OpenBSD has fucked up proceedures trolled partly by "we are leet"-guys like Brad. In fact you DO REQUIRE a system account at Theo-Net to be able to MODIFY, UPDATE OR OTHERWISE DEAL WITH A PORT.

        You certainly can modify or update or otherwise deal with a port. The only thing you can't do directly is commit changes to the tree, so you have to work with people who can.

        > Change to GIT or patch OpenCVS to allow people to have COMMIT RIGHTS for example just to a single port (like net/nmap) in the portstree in the CVS.

        The ports tree is a whole entity, it's not just a bunch of separate parts. I'd rother have some updates missed than have a bunch of work cleaning up after people who don't understand this.

      2. By Anonymous Coward (67.171.157.251) on

        > patch OpenCVS to allow people to have COMMIT RIGHTS

        wow.

        that comment shows just how much you know about the process of
        making and maintaining an OS, and how relevant your remarks are.

        Comments
        1. By Anonymous Coward (190.188.109.45) on

          > > patch OpenCVS to allow people to have COMMIT RIGHTS
          >
          > wow.
          >
          > that comment shows just how much you know about the process of
          > making and maintaining an OS, and how relevant your remarks are.
          >

          And that's the stuff I mean if I blame developers...
          PORTS != OS, Ports are a fucked up piece of 3rd party application you do drop any responsebility for (during the FAQ...)...

          So how are ports RELATED TO "maintaining an OS"? And now please come up with serious critic or explantations please..

          The ports are partly a real mess and it's not about the ports-system which works quiet well. It is about the ports directly.

          Comments
          1. By Anonymous Coward (67.171.157.251) on

            > > > patch OpenCVS to allow people to have COMMIT RIGHTS
            > >
            > > wow.
            > >
            > > that comment shows just how much you know about the process of
            > > making and maintaining an OS, and how relevant your remarks are.
            > >
            >
            > And that's the stuff I mean if I blame developers...
            > PORTS != OS, Ports are a fucked up piece of 3rd party application you do drop any responsebility for (during the FAQ...)...
            >
            > So how are ports RELATED TO "maintaining an OS"? And now please come up with serious critic or explantations please..

            OpenCVS is part of the base system. cvs commit access requires a
            local account. this is pretty basic.

            >
            > The ports are partly a real mess and it's not about the ports-system which works quiet well. It is about the ports directly.

            huh?

            I think this thread is about haters trying to convince others that
            OpenBSD sucks and failing miserably, because they simply don't
            understand what they are talking about.

            Comments
            1. By Arach (95.188.93.44) on

              > I think this thread is about haters trying to convince others that
              > OpenBSD sucks and failing miserably, because they simply don't
              > understand what they are talking about.

              So I think this thread is about Ego the Rude trying to make OpenBSD haters out of people who actually use OpenBSD, but somehow dared (!!!!!111) to criticise OpenBSD's packaging system.

        2. By Arach (95.188.93.44) on

          > wow.
          >
          > that comment shows just how much you know about the process of
          > making and maintaining an OS, and how relevant your remarks are.

          For God's sake... Theo, cut the anonymous crap and log the hell in.

          Comments
          1. By Anonymous Coward (67.171.157.251) on

            > > wow.
            > >
            > > that comment shows just how much you know about the process of
            > > making and maintaining an OS, and how relevant your remarks are.
            >
            > For God's sake... Theo, cut the anonymous crap and log the hell in.

            again, complete lack of effort. I've logged in for at least one
            reply. check the IP addresses.

            if you really want to make a point, please at least try.

            Comments
            1. By Arach (95.188.93.44) on

              > again, complete lack of effort. I've logged in for at least one

              Dude, even if I would show lack of effort in 99.999% of time, you still can't beat my statement that buying the CDs doesn't offer *any* protection from spoofing attacks during fetch of *any* updated package.

              > reply. check the IP addresses.

              You really think I care or should care?

              > if you really want to make a point, please at least try.

              Oh, I see. Theach me how I should try to make a point every time when I'm having fun. :)

              Comments
              1. By Anonymous Coward (67.171.157.251) on

                > > again, complete lack of effort. I've logged in for at least one
                >
                > Dude, even if I would show lack of effort in 99.999% of time, you still can't beat my statement that buying the CDs doesn't offer *any* protection from spoofing attacks during fetch of *any* updated package.
                >
                > > reply. check the IP addresses.
                >
                > You really think I care or should care?
                >
                > > if you really want to make a point, please at least try.
                >
                > Oh, I see. Theach me how I should try to make a point every time when I'm having fun. :)

                you don't care if anything you say is truthful or not? and you
                expect people to respect your "opinions"?

                Comments
                1. By Arach (95.188.93.44) on

                  > you don't care if anything you say is truthful or not? and you
                  > expect people to respect your "opinions"?

                  Where I said I don't care "if anything..."? Are you trying to make a fat troll of me?

      3. By han (66.130.36.145) on

        > Well there is a reason for this and I'll explain it shortly.
        >
        >
        > OpenBSD has fucked up proceedures trolled partly by "we are leet"-guys like Brad. In fact you DO REQUIRE a system account at Theo-Net to be able to MODIFY, UPDATE OR OTHERWISE DEAL WITH A PORT.
        >
        > Of course they tell you that you could send your modifications to the maintainer or post it to the mailinglist but I saw a lot stuff not getting applied because either the port had no maintainer or the maintainer maintains +40 other ports and IS a active developer.. which brings us to the time consuming part of a port.
        >
        > Updates for -STABLE where droped once because we where told that 2 things are missing:
        >
        > 1. manpower
        > 2. "build" mashines for packages
        >
        >
        > For 1:
        > Change to GIT or patch OpenCVS to allow people to have COMMIT RIGHTS for example just to a single port (like net/nmap) in the portstree in the CVS.
        >
        > For 2:
        > Simply improve the ports (btw: for john: dmesg | grep CPU <- look for sse and use sse except of mmx... such changes are easy to make just how to get them into the port itself?!)...
        >
        > I totaly angree with yout that the current status just sucks.
        > But it would require changes... and Theo would need to drop partly some control..
        >
        >
        > To make it even more short: Yes it sucks and yes nothing will change. All your submissions get forgotten and you post will, if you keep on, censored away like many others here..

        I'm sure you're right !
        Some ports(quite a few) are outdated and It's a concern for security.
        Actually who can run OpenBSD only with the base system ?
        Is it really fair to claim that we produce the most secure OS when regarding the ports update issue ?
        I sure that some people would be willing to work on the ports...but what can you expect from a "masturbating monkey" namely Theo ?

        Comments
        1. By Anonymous Coward (67.171.157.251) on

          > Some ports(quite a few) are outdated and It's a concern for security.

          then don't use ports and install everything from source, completely
          on your own. that would be more secure and better, right?

          > Actually who can run OpenBSD only with the base system ?

          I've run many such systems. I'd say it's common to have few or no
          ports installed on gateway systems.

          > Is it really fair to claim that we produce the most secure OS when regarding the ports update issue ?

          in reality, ports is extra goo on top of the OS. the faq clearly
          states that ports do not get the security checks the base system does.

          > I sure that some people would be willing to work on the ports...but what can you expect from a "masturbating monkey" namely Theo ?

          pretty much anyone who meets the OpenBSD standards for both competence
          and commitment to maintain their and others' work can get a developer's
          account. the standards are high, and that is why you are here and
          want to be part of "we". OpenBSD would just be a pile of garbage
          like most other OSes if the standards weren't kept, and just anybody
          could commit.

          Comments
          1. By Arach (95.188.93.44) on

            > then don't use ports and install everything from source, completely
            > on your own. that would be more secure and better, right?

            Dude, you wouldn't believe: right! :) At least for now and for me.

            > in reality, ports is extra goo on top of the OS. the faq clearly
            > states that ports do not get the security checks the base system does.

            In reality, even if ports is "extra goo", you rely upon them quite often and don't like when they make additional risks during package fetch, *beside* the already existing risks connected to unaudited state of the ports' source code.

            And I see efforts to make use of PKI in OpenBSD. That means OpenBSD guys finally admited some usefulness of signing the packages.

            Comments
            1. By Anonymous Coward (67.171.157.251) on

              > > then don't use ports and install everything from source, completely
              > > on your own. that would be more secure and better, right?
              >
              > Dude, you wouldn't believe: right! :) At least for now and for me.

              good, you have you solution then. why are you ranting again?

              > > in reality, ports is extra goo on top of the OS. the faq clearly
              > > states that ports do not get the security checks the base system does.
              >
              > In reality, even if ports is "extra goo", you rely upon them quite often and don't like when they make additional risks during package fetch, *beside* the already existing risks connected to unaudited state of the ports' source code.

              no, it's fine with *me*. *you* seem to be the one with issues.

              > And I see efforts to make use of PKI in OpenBSD. That means OpenBSD guys finally admited some usefulness of signing the packages.

              and I'm sure as with most things in OpenBSD, once some functionality
              does finally arrive, it is implemented better than most other
              previous implementations. but I guess you would rather have some
              slop that was put together as quickly as possible ...

              Comments
              1. By Arach (95.188.93.44) on

                > good, you have you solution then. why are you ranting again?

                Because you keep calling me pointless and so on, but didn't came up with any reasonable arguments though.

                > no, it's fine with *me*. *you* seem to be the one with issues.

                So go and use your packages. Maybe you would be comfortable with telnet instead of ssh then... I don't know and I don't care.

                But if it's fine with you to fetch the updates for production systems through untrusted channels, it doesn't make any other people's demands in cryptographic protection measures pointless.

                > and I'm sure as with most things in OpenBSD, once some functionality
                > does finally arrive, it is implemented better than most other
                > previous implementations. but I guess you would rather have some
                > slop that was put together as quickly as possible ...

                OpenBSD is great, anything else is crap... Good-old talks.

                And you guess wrong, btw. The fact I dislike your offending parroting doesn't make OpenBSD hater of me.

                Comments
                1. By Anonymous Coward (67.171.157.251) on

                  > > good, you have you solution then. why are you ranting again?
                  >
                  > Because you keep calling me pointless and so on, but didn't came up with any reasonable arguments though.

                  I never said you are pointless. your actions in this thread though,
                  are pointless. if your opinion is simply that signed packages would
                  be nice, then guess what, I agree with that.

                  > > no, it's fine with *me*. *you* seem to be the one with issues.
                  >
                  > So go and use your packages. Maybe you would be comfortable with telnet instead of ssh then... I don't know and I don't care.
                  >
                  > But if it's fine with you to fetch the updates for production systems through untrusted channels, it doesn't make any other people's demands in cryptographic protection measures pointless.

                  there are no updated -stable packages, so exactly what are you
                  talking about?

                  oh right, you are demanding something of people who give you
                  something for free. and this something that you are demanding is
                  even being worked on. what is your point again?

                  > > and I'm sure as with most things in OpenBSD, once some functionality
                  > > does finally arrive, it is implemented better than most other
                  > > previous implementations. but I guess you would rather have some
                  > > slop that was put together as quickly as possible ...
                  >
                  > OpenBSD is great, anything else is crap... Good-old talks.
                  >
                  > And you guess wrong, btw. The fact I dislike your offending parroting doesn't make OpenBSD hater of me.

                  it's being worked on and you are aware of that, but yet you are
                  ranting that it is not yet implemented. so, what then is your
                  purpose in this thread?

                  Comments
                  1. By Arach (95.188.93.44) on

                    > I never said you are pointless. your actions in this thread though,
                    > are pointless. if your opinion is simply that signed packages would
                    > be nice, then guess what, I agree with that.

                    My actions are pointless, and I am not... Big difference there must be. I see none. Maybe because of my bad English. But anyway... I was referring to exactly you words about my actions and so on being pointless.

                    > there are no updated -stable packages, so exactly what are you
                    > talking about?

                    About any untrusted packages. Some time ago I updated production systems out of -current ports, since there was no living -stable. There are snapshot packages that I decided to ignore.

                    > oh right, you are demanding something of people who give you
                    > something for free. and this something that you are demanding is
                    > even being worked on. what is your point again?

                    I'm not demanding. You just take my words out of context.

                    > it's being worked on and you are aware of that, but yet you are
                    > ranting that it is not yet implemented. so, what then is your
                    > purpose in this thread?

                    I'm starting to get tired to explain to you anything...

                    Since you like to accuse me in whining or something every time you don't understand my reasons and my opinion, I want to object.

                    Take this particular case. Now you're accusing me in ranting about PKI is not yet implemented. Where I was ranting about *that*? I rant about your rude statements about CDs and package are some kind of reasonable substitutuion to PKI for *me* (or everyone).

          2. By han (66.130.36.145) on

            > > Some ports(quite a few) are outdated and It's a concern for security.
            >
            > then don't use ports and install everything from source, completely
            > on your own. that would be more secure and better, right?
            >
            "Cope by yourself !"
            I understand that...but in this case why providing people with packages ?
            That doesn't make sense !

            > > Actually who can run OpenBSD only with the base system ?
            >
            > I've run many such systems. I'd say it's common to have few or no
            > ports installed on gateway systems.
            >
            As firewalls, and mail servers !
            If the target is just those...why not!...I understand this, as well !
            why working on wireless connexions, graphics interfaces or whatever related to a desktop ?
            Again that does not make sense !

            > > Is it really fair to claim that we produce the most secure OS when regarding the ports update issue ?
            >
            > in reality, ports is extra goo on top of the OS. the faq clearly
            > states that ports do not get the security checks the base system does.
            >
            That was fair warning...aka outdated softwares.

            > > I sure that some people would be willing to work on the ports...but what can you expect from a "masturbating monkey" namely Theo ?
            >
            > pretty much anyone who meets the OpenBSD standards for both competence
            > and commitment to maintain their and others' work can get a developer's
            > account. the standards are high, and that is why you are here and
            > want to be part of "we". OpenBSD would just be a pile of garbage
            > like most other OSes if the standards weren't kept, and just anybody
            > could commit.
            >
            To your knowledge, I do not want.
            I don't see OpenBSD developers as gods or supernatural people, therefore I've no reason to profit from what I don't believe in, It's not my frame of mind.
            I'm just a end user, willing to pay for a secure OS, indeed !

            Furthermore, where's the point regarding the packages, because only the base system is guaranteed !
            Does it make sense yet ?

            In addition, I can't swallow that only "supernatural" people can package softwares.
            I'm sure that other talented people could joint the packaging team without hurting either the stability either the OpenBSD reputation.
            I guess that only people who are close to the official member team are getting introduced in the circle.




            Comments
            1. By Anonymous Coward (67.171.157.251) on

              > > > Some ports(quite a few) are outdated and It's a concern for security.
              > >
              > > then don't use ports and install everything from source, completely
              > > on your own. that would be more secure and better, right?
              > >
              > "Cope by yourself !"
              > I understand that...but in this case why providing people with packages ?
              > That doesn't make sense !

              it's fine for many people. it might not make sense to you, but you
              don't make sense to me, so what can I say?

              > > > Actually who can run OpenBSD only with the base system ?
              > >
              > > I've run many such systems. I'd say it's common to have few or no
              > > ports installed on gateway systems.
              > >
              > As firewalls, and mail servers !
              > If the target is just those...why not!...I understand this, as well !
              > why working on wireless connexions, graphics interfaces or whatever related to a desktop ?
              > Again that does not make sense !

              I was merely answering, "who can run OpenBSD only with the base
              system?". lots of people do.

              and why is there desktop stuff? probably so the developers can
              use OpenBSD instead of some other OS as their desktop, so they
              can hack on OpenBSD even when they are watching youtube videos.

              > > > Is it really fair to claim that we produce the most secure OS when regarding the ports update issue ?
              > >
              > > in reality, ports is extra goo on top of the OS. the faq clearly
              > > states that ports do not get the security checks the base system does.
              > >
              > That was fair warning...aka outdated softwares.
              >
              > > > I sure that some people would be willing to work on the ports...but what can you expect from a "masturbating monkey" namely Theo ?
              > >
              > > pretty much anyone who meets the OpenBSD standards for both competence
              > > and commitment to maintain their and others' work can get a developer's
              > > account. the standards are high, and that is why you are here and
              > > want to be part of "we". OpenBSD would just be a pile of garbage
              > > like most other OSes if the standards weren't kept, and just anybody
              > > could commit.
              > >
              > To your knowledge, I do not want.

              then what's with the "we"?

              > I don't see OpenBSD developers as gods or supernatural people, therefore I've no reason to profit from what I don't believe in, It's not my frame of mind.
              > I'm just a end user, willing to pay for a secure OS, indeed !
              >
              > Furthermore, where's the point regarding the packages, because only the base system is guaranteed !
              > Does it make sense yet ?
              >
              > In addition, I can't swallow that only "supernatural" people can package softwares.
              > I'm sure that other talented people could joint the packaging team without hurting either the stability either the OpenBSD reputation.
              > I guess that only people who are close to the official member team are getting introduced in the circle.
              >
              >
              >
              >

              I have never met any other OpenBSD developer face to face, nor do
              I have any kind of social relation with any developer outside
              of the development channels, but I have an account.

              also, when I first came to OpenBSD I made all kind of silly suggestions
              and got flamed pretty hard. well, let me backtrack. I made suggestions
              *and showed code implementing the suggestions*. at any rate, I
              listened and learned. something some people here simply are not
              capable of, I suppose.

              Comments
              1. By han (66.130.36.145) on

                > also, when I first came to OpenBSD I made all kind of silly suggestions
                > and got flamed pretty hard. well, let me backtrack. I made suggestions
                > *and showed code implementing the suggestions*. at any rate, I
                > listened and learned. something some people here simply are not
                > capable of, I suppose.
                >
                When I pinpoint that some softwares are outdated, that Theo should allow other developers to pack some, that they could pack softwares only because anyway only the base system is certified as a stronghold...then you bark that the current situation is fine like this, is fine for you with everyone behind you of course or bark "do it yourself !" blabla...It's silly suggestions.

                Ok I surrender, you're definitely to clever for me !

                When you flame someone because he doesn't share your views that means just that you have no social behaviour, you're stubborn and narrow minded not that you're the one with cosmic thinking !

                For your sake, OpenBSD is more than a hobby or a play game for developers.
                In the past, this attitude has leaded it towards debts !
                The behaviour "show me the code, show me the code I'll masturbate myself..." is fruitless !

                When you buy CDs set, when you donate money on request for devices or to support development, when you report bugs, send dmesg, when you help people in forums, when you speak about OpenBSD to spread it...then you support the cause, you make OpenBSD what It is and you are a part of it; including if you don't pee any code, this despites what you think !

                You're likely contaminated with the "big head syndrome", you have my mercy, fairly !

                to put a end, I won't reply anymore, I've wasted to much time with you genius !



      4. By Matthias Kilian (91.3.13.231) on

        > [...] In fact you DO REQUIRE a system account at Theo-Net to be able to MODIFY, UPDATE OR OTHERWISE DEAL WITH A PORT.
        >
        > Of course they tell you that you could send your modifications to the maintainer or post it to the mailinglist but I saw a lot stuff not getting applied because either the port had no maintainer or the maintainer maintains +40 other ports and IS a active developer.. which brings us to the time consuming part of a port.

        This has nothing to do wether you're a developer or not. Often, even diffs from developers aren't committed because nobody tested them. Take the xpdf related diffs, for example (texlive, kdegraphics, something else I forgot). I didn't get any single test report, and since those ports aren't my area (I'm not even using this stuff), I didn't commit the diffs.

        People are always whining about outdated ports, but when you ask them to test diffs, you often end up with no feedback at all, regardless of wether you're a developer (have an account on cvs) or not.

        Comments
        1. By Anonymous Coward (206.205.112.34) on

          > > [...] In fact you DO REQUIRE a system account at Theo-Net to be able to MODIFY, UPDATE OR OTHERWISE DEAL WITH A PORT.
          > >
          > > Of course they tell you that you could send your modifications to the maintainer or post it to the mailinglist but I saw a lot stuff not getting applied because either the port had no maintainer or the maintainer maintains +40 other ports and IS a active developer.. which brings us to the time consuming part of a port.
          >
          > This has nothing to do wether you're a developer or not. Often, even diffs from developers aren't committed because nobody tested them. Take the xpdf related diffs, for example (texlive, kdegraphics, something else I forgot). I didn't get any single test report, and since those ports aren't my area (I'm not even using this stuff), I didn't commit the diffs.
          >
          > People are always whining about outdated ports, but when you ask them to test diffs, you often end up with no feedback at all, regardless of wether you're a developer (have an account on cvs) or not.

          And that is what I mean.
          YES testing is not perfectly organized in OpenBSD...
          BUT: You should COMMIT ANYWAY. If it works for YOU: COMMIT...
          Why "test" it... The OpenBSD FAQ is clear: Ports AINT OS RELATED AND DO NOT GET CHECKED FOR SECURITY AND CO THAT MUCH. Please keep that in mind...

          Of course you could risk side effects but those could get PATCHED later then. I'd would say it hard: If you receive NO testresults: Commit anyway and the userbase WILL test it some day... even if they wont.

          You can not trust on "TESTS" before you commit a port update.
          THis way nothing gets done and each port improvement is keept at some random OpenBSD-dev PC. :-)


          Would I risk the overall stability of the ports? YES, 'course it's the only way...

          Because if people tell you: OH NOW XPDF CRASHS you can tell them: I asked for people testing the update, none did. I patched it now.. do you dare to test it? If not please go elsewhere..

          Also asking at mailinglits ain't cool imho! You mail gets archived and you seriously don't think people o search for mails calling for a TEST?

          Make a website with those informations:

          PORT-NAME CURRENT-VERSION NEXT-VERSION COMMENT


          Like:

          nmap 4.78 4.99 needs testing, specialy the -O2 flag. Please report any bug to <address>

          But in the end even that website is pointless. It would just provoke users to comment back. Because the trouble you have if you deal with people is to force them doing what you want because you know the details but all this must happen without them feeling to get forced otherwise you push them away...

          A pretty neutral analyse but that's how it is for a developer...
          So be creative.. :-)

          Comments
          1. By Anonymous Coward (85.164.135.142) on

            > Of course you could risk side effects but those could get PATCHED later

            And this shows that you Just Don't Get It(tm)

            What happens when those untested pactches go in, and then patches are made to fix those side effects, but are then untested, and have side effects, which then get patches, which are untested...

            To paraphrase your argument:

            "It's untested patches all the way down!"

          2. By Matthias Kilian (91.3.38.31) on

            > > People are always whining about outdated ports, but when you ask them to test diffs, you often end up with no feedback at all, regardless of wether you're a developer (have an account on cvs) or not.
            >
            > And that is what I mean.
            > YES testing is not perfectly organized in OpenBSD...
            > BUT: You should COMMIT ANYWAY. If it works for YOU: COMMIT...

            I don't know wether it works for me, because I'm not using it.

            > Why "test" it... The OpenBSD FAQ is clear: Ports AINT OS RELATED AND DO NOT GET CHECKED FOR SECURITY AND CO THAT MUCH. Please keep that in mind...

            expect some major breakage after unlock. i've updates for about 14 ports in my tree that depend on guile, and there are additional 20 ports dependig on guile that don't need diffs but may break. I'll just commit that shit, because (in your opinion) it's ok to break stuff. If anyone complains, I'll point him to this thread.

            > You can not trust on "TESTS" before you commit a port update.
            > THis way nothing gets done and each port improvement is keept at some random OpenBSD-dev PC. :-)

            You're too stupid to use patch(1)? Very sad.

            > Would I risk the overall stability of the ports? YES, 'course it's the only way...

            No. If ports don't build for *porters*, it's a major issue. If (stable) ports don't build for people using build machines and then distribute packages to the work machines, it's a major issue. Breaking stuff can't be accepted.

            > Because if people tell you: OH NOW XPDF CRASHS you can tell them:

            xpdf didn't crash after the diffs had been applied. Go back and read. It's about all those stupid ports that include (modified) xpdf sources in their distfiles.

            > Also asking at mailinglits ain't cool imho! You mail gets archived and you seriously don't think people o search for mails calling for a TEST?

            Oh, we need wiki.openbsd.org! Just don't count me in.

        2. By Predrag Punosevac (76.4.221.243) punosevac72.AT.gmail on

          > This has nothing to do wether you're a developer or not. Often, even diffs from developers aren't committed because nobody tested them. Take the xpdf related diffs, for example (texlive, kdegraphics, something else I forgot). I didn't get any single test report, and since those ports aren't my area (I'm not even using this stuff), I didn't commit the diffs.
          >
          > People are always whining about outdated ports, but when you ask them to test diffs, you often end up with no feedback at all, regardless of wether you're a developer (have an account on cvs) or not.



          Kili,

          Do you have all those differences on one place? I will test them during
          the week. You can send them to me via private email if it is more convenient.

          Best,
          Predrag

          Comments
          1. By Matthias Kilian (91.3.38.31) on

            > Do you have all those differences on one place? I will test them during
            > the week. You can send them to me via private email if it is more convenient.

            I'll send new diffs in a few days (and upload them somewhere). For now, there are the mails on ports@ but there may be conflicts on plists or pkgnames:

            texlive:
            http://marc.info/?l=openbsd-ports&m=124045156826493&w=2

            kdegraphics:
            http://marc.info/?l=openbsd-ports&m=124039818409438&w=2

            koffice3: I won't fix it. But I could disable PDF support.
            http://marc.info/?l=openbsd-ports&m=124043816911490&w=2

      5. By tedu (udet) on


        > Change to GIT or patch OpenCVS to allow people to have COMMIT RIGHTS for example just to a single port (like net/nmap) in the portstree in the CVS.

        how hard is it to check the ports tree into github? have you done so? how's it working? how many users do you have?

    6. By Can Acar (129.46.76.189) canacar@ on

      > You know what's great about OpenBSD? The way you tell it to compile the MPlayer port, and you come back 5 hours later to see it compiling and installing CUPS, Glitz, Pango, and pretty much every other port in the tree... WTH does GTK2 depend on CUPS now? Of course you can't tell it to compile the MPlayer GUI with GTK-1, or disable the GUI without disabling all usable video output methods.
      >
      > Did I mention 3 different versions of autoconf, nasm AND yasm, and rtunes for my nonexistent Apple hardware.
      >
      > This is ridiculous, guys. Ports either need to default to the LEAST number of possible dependencies, or each port with multiple flavors needs to prompt the user, rather than continuing on and installing the entire port tree to support some trivial option in a tiny app, that next to NOBODY uses anyways...

      The 'build dependencies' are different from 'run dependencies'. That is, you almost always need a small subset of ports to actually install and run a package than to build it. If you want to build everything from source, you have to be prepared to invest a lot of time/disk/cpu for it. This usually pays off if you have a large number of machines that you want to build ports for.

      If you want to build a subset, FETCH_PACKAGES setting as mentioned elsewhere will allow you to install the dependencies from packages as where available during the build.


      > The same is true of packages. There's no reason you should have to install most-all of GNOME to use some trivial GTK app.

      GTK is hardly most-of GNOME. In fact, until a couple of releases ago, we did not even have most-of-GNOME at all. It is probably an issue with your trivial GTK app, that needs to be fixed.

      Usually the way to fix such cases is to talk to the maintainer, and suggest ways to improve the port.

      I have used a bunch of package management systems including Linux (apt, rpm) and FreeBSD. They all have their quirks and problems, especially when you want to move away from the recommended ways. I found the FreeBSD way of "You are in a maze of port management tools all alike" approach extremely confusing.

      Compared with the others, the OpenBSD ports system is very well organized, with a consistent goal of making building easy for packagers and not users. If you are a regular user, just use packages. If you want to build your own ports, be prepared to have resources and learn the framework.

      If you are not willing to put some effort to solve your own problems, do not expect others to do the work for you.

      Comments
      1. By Anonymous Coward (190.188.109.45) on

        > Compared with the others, the OpenBSD ports system is very well organized, with a consistent goal of making building easy for packagers and not users. If you are a regular user, just use packages. If you want to build your own ports, be prepared to have resources and learn the framework.
        >
        > If you are not willing to put some effort to solve your own problems, do not expect others to do the work for you.

        I don't think it is about the code which creates packages and compiles the stuff but about the PORTS itself in a major manner.
        And yes you are right: EFFORT is needed but OpenBSD and the devs don't make things easy I'd say.

        As I wrote earlier: You need a CVS account to seriously work actively. Otherwise you need to relay on others and this ain't productive at all. Or would Henning might care about nmap updates? Or theo might update the LUA port? Or propably Brad get's happy if I send him an update for amap or even a new port? *just random fictional examples*

        On the other hand I need a CVS account to bypass the situation from above...

        Comments
        1. By Loki2 (218.214.194.113) on

          >
          > On the other hand I need a CVS account to bypass the situation from above...

          And what the hell have YOU done to earn that?

          Fuck all. AFAICT

          My mother had it right when she told me as a child:
          "Self advertisement is no recommendation."

          Fork and go prove yourself, you are not happy here and never will be.
          Your head is too big.

        2. By tedu (udet) on


          > On the other hand I need a CVS account to bypass the situation from above...

          It's impossible to keep the trolls off undeadly, but you somehow think an open access cvs server would work better? what prevents someone from "upgrading" firefox to version 1.0?

          this is probably the dumbest solution to the problem I've ever heard.

      2. By RC (76.175.123.95) on

        > The 'build dependencies' are different from 'run dependencies'. That is, you almost always need a small subset of ports to actually install and run a package than to build it.

        Blah, blah, blah. I've been using OpneBSD since the early 2.Xs, and many other *nix flavors long before (and extensively ever since). I port, compile, and package software professionally. I'd bet I know this stuff better than you do... So let's just keep the "educational" lectures to a minimum, okay?

        > If you want to build everything from source, you have to be prepared to invest a lot of time/disk/cpu for it. This usually pays off if you have a large number of machines that you want to build ports for.

        I made no complaints about the machine-time/disk/cpu involved... I'm more than happen to spend lots of that. What I'm not willing to do, however, is go through a list of 20 dependencies, and manually audit the Makefiles for each one, to see which flavors and sub-ports are available, which (hard-coded) dependencies can likely be safely removed, which flags would best be modified, etc. And then individually compile all of them, just because OpenBSD ports doesn't have any way to 1) prompt the user, 2) save those settings 3) propagate settings through a tree of dependencies.

        > If you want to build a subset, FETCH_PACKAGES setting as mentioned elsewhere will allow you to install the dependencies from packages as where available during the build.

        Saving a small bit of time is not my objective. I AM building from ports for good reason... That reason, however, is NOT that I want to personally re-write every port and dependency, just to enable some sane defaults.

        > > The same is true of packages. There's no reason you should have to install most-all of GNOME to use some trivial GTK app.
        >
        > GTK is hardly most-of GNOME. In fact, until a couple of releases ago, we did not even have most-of-GNOME at all. It is probably an issue with your trivial GTK app, that needs to be fixed.

        This is just not true... Anything that depends on GTK builds all of CUPS (and all its dependencies) by default. The app can't do anything about it.

        And though my examples were mostly GTK2 related crap, there's far, far, far more.

        If you find yourself unable to think about anything other than GNOME, as you seem to be, feel free to tell me why Firefox needs to depend on DBUS, and the like...

        > I have used a bunch of package management systems including Linux (apt, rpm) and FreeBSD. They all have their quirks and problems, especially when you want to move away from the recommended ways.

        With most binaries (apt, yum/rpm, etc.), even though you're limited with what you can change, the maintainers at least go to SOME effort to minimize the most unnecessary dependencies. OpenBSD ports/packages is in such a sad state specifically because it does not.

        > I found the FreeBSD way of "You are in a maze of port management tools all alike" approach extremely confusing.

        I can't understand that at all... With FreeBSD, either you define (-D) a variable (much like FLAVORS, but FreeBSD includes far more), or you're prompted with a menu... It's hardly any more complex than OpenBSD's ports system... Just better maintained, with a lot more options (eg., I can still go use xfce3, Seamonkey, etc., I can disable the dependencies on DBUS with a switch, I can disable the horrible MPlayer GUI without disabling all of X and every useful video output method, etc., etc.)

        > If you want to build your own ports, be prepared to have resources and learn the framework.
        >
        > If you are not willing to put some effort to solve your own problems, do not expect others to do the work for you.

        I'm more than willing to fix a few ports. I'm not, however, going to put the effort into pushing the boulder uphill, and try to single-handedly change the way every port in the tree works.

        In fact, this was all part of my effort to get back into OpenBSD... I've been hearing ACPI support is coming along, SMP is available (if often worse than nothing), and decent, relatively modern apps are finally available (non-ancient Moz, OpenOffice, etc.). But the wrong-mindedness of the ports system only served to raise the pain level drastically, turning my little experiment into a Sisyphean task.

        I've been here before, and worked hard for years to try and use OpenBSD as my main system (both for desktops and severs I deploy), instead of just the occasional router/firewall (and other free *nix systems are getting more and more capable in that area, as well, leading to an increasing number of times when I just can't justify mandating the use of a different OS in a foreign environment, for the few features it provides over the systems already in-use in the environment).

        So, yeah, this just reminded me of much pain I've gone through in the not so distant past with OpenBSD, and served to convince me to give up the whole thing in pretty short order.

        So, I'm offering a bit of advice for those involved... This isn't my personal wish-list, this is how things need to be improved for ports to be useful, and to make OpenBSD useful (since there's barely any other option for installing software on the platform). Sure, you can harp on packages all you want, but damn near EVERYONE who uses OpenBSD for non-trivial purposes is going to find themselves needing to change a few options here and there. Making this a cumbersome mess benefits no-one. It was obviously just the path of least resistance, and lack of forethought.

        Comments
        1. By RC (76.175.123.95) on

          > I've been using OpneBSD since the early 2.Xs, and many other *nix flavors long before (and extensively ever since). I port, compile, and package software professionally.

          Not to harp on the issue any more than necessary (once this thread dies, you probably won't hear a peep from me for months...), but I think this might be a good time to point out that, in no small part, a big reason I'm so good at porting software professionally, is because of all the pain I went through in the OpenBSD 2.x - 3.x days, trying just to get a basic set of apps installed on my own systems...

          All the endless work, copying ports from FreeBSD, looking at the patches, flags, and config options used by OpenBSD ports to compile similar software, looking through system header files to determine why some app which builds on every other OS on the planet wants to puke on OpenBSD, figuring out why apps refuse to pickup the includes and libs in /usr/local, and eyeballing endless config.log files to see why I got nonsensical errors about being unable to compile binaries....

          In short, your little dig:

          > If you are not willing to put some effort to solve your own problems, do not expect others to do the work for you.

          ...couldn't be further off the mark if you were actually TRYING. I've been putting in vastly more effort than you can imagine, for many years, since probably long before you (and most on this board) even heard of OpenBSD. (With apologies to the few devs, who predate my involvement, and have contributed vastly more than I ever could)

          It's pretty sad that the OpenBSD community has turned into an echo of Linux fanboys, who write-off all legitimate criticisms as the individuals fault... it never used to be this way, folks. Deadly.org was awash with constructive discussions of the limitations of OpenBSD, and on a regular basis, suggestions of which OTHER operating system someone with certain needs should use, where OpenBSD was just simply, frankly, lacking. My own "Why I'm switching to FreeBSD at long last" post on deadly.org was met with plenty of constructive responses.

          This "dismiss all criticism out of hand" attitude is beneficial to no-one.

          Comments
          1. By Can Acar (72.130.182.114) canacar@ on

            > > I've been using OpneBSD since the early 2.Xs, and many other *nix flavors long before (and extensively ever since). I port, compile, and package software professionally.
            >
            > Not to harp on the issue any more than necessary (once this thread dies, you probably won't hear a peep from me for months...), but I think this might be a good time to point out that, in no small part, a big reason I'm so good at porting software professionally, is because of all the pain I went through in the OpenBSD 2.x - 3.x days, trying just to get a basic set of apps installed on my own systems...

            Yes, OpenBSD tends to make people learn the stuff and know what they are doing.


            > All the endless work, copying ports from FreeBSD, looking at the patches, flags, and config options used by OpenBSD ports to compile similar software, looking through system header files to determine why some app which builds on every other OS on the planet wants to puke on OpenBSD, figuring out why apps refuse to pickup the includes and libs in /usr/local, and eyeballing endless config.log files to see why I got nonsensical errors about being unable to compile binaries....
            >
            > In short, your little dig:
            >
            > > If you are not willing to put some effort to solve your own problems, do not expect others to do the work for you.
            >
            > ...couldn't be further off the mark if you were actually TRYING. I've been putting in vastly more effort than you can imagine, for many years, since probably long before you (and most on this board) even heard of OpenBSD. (With apologies to the few devs, who predate my involvement, and have contributed vastly more than I ever could)

            Am I supposed to be impressed?

            Go read your own initial post. It has nothing that would makes it different than a regular rant or troll. No problem statement, no recommendations, no solutions. Just a rant about how the ports system sucks. It is no surprise that you get the canned responses 'use the packages' and 'learn the stuff and solve your own problems'. Now your response is to say 'respect me I am older and wiser'. If so show it by making solid suggestions and improvements instead of listing your credentials.


            > It's pretty sad that the OpenBSD community has turned into an echo of Linux fanboys, who write-off all legitimate criticisms as the individuals fault... it never used to be this way, folks. Deadly.org was awash with constructive discussions of the limitations of OpenBSD, and on a regular basis, suggestions of which OTHER operating system someone with certain needs should use, where OpenBSD was just simply, frankly, lacking. My own "Why I'm switching to FreeBSD at long last" post on deadly.org was met with plenty of constructive responses.
            >
            > This "dismiss all criticism out of hand" attitude is beneficial to no-one.

            Dismiss all valid responses out of hand, and all that remains is the troll.

            You have been given quite a few legitimate responses.

            * Lack of resources. Both developer, infrastructure and testing.

            * Active effort to make usable general purpose packages.

            * Avoidance of knobs that you need turn to get a usable system.

            Yes, there is room for a lot of improvement. Most of your concerns require considerable ports infrastructure changes together with increased building testing and maintenance costs. If you want to give a hand, patches are always welcome.

            Comments
            1. By RC (76.175.123.95) on

              You're just flagrantly trolling here, so I'll keep this short...

              > Yes, OpenBSD tends to make people learn the stuff and know what they are doing.

              No, PROBLEMS force people to learn low-level system details.

              > Go read your own initial post. It has nothing that would makes it different than a regular rant or troll. No problem statement, no recommendations, no solutions.

              Problem Statement: "[Why] does GTK2 depend on CUPS now? [...] can't tell it to compile the MPlayer GUI with GTK-1, or disable the GUI without disabling all usable video output methods."

              Recomendations: "Ports either need to default to the LEAST number of possible dependencies, or each port with multiple flavors needs to prompt the user, rather than continuing on"


              > You have been given quite a few legitimate responses.

              All of whiche I've directly addressed. It seems you like to just hand-wave away anything I've said and pretend my points are invalid.

              > Most of your concerns require considerable ports infrastructure changes together with increased building testing and maintenance costs.

              Except that they don't...

              Comments
              1. By tedu (udet) on


                > Problem Statement: "[Why] does GTK2 depend on CUPS now? [...] can't tell it to compile the MPlayer GUI with GTK-1, or disable the GUI without disabling all usable video output methods."
                >
                > Recomendations: "Ports either need to default to the LEAST number of possible dependencies, or each port with multiple flavors needs to prompt the user, rather than continuing on"

                real solution: use packages, which will install all the dependencies in less time than it takes to compile mplayer without them.

                imaginary problem: having cups installed even though you don't use it.

                solution: ignore it.

                Comments
                1. By tedu (udet) on

                  > >
                  > > > Problem Statement: "[Why] does GTK2 depend on CUPS now? [...] can't tell it to compile the MPlayer GUI with GTK-1, or disable the GUI without disabling all usable video output methods."
                  > > >
                  > > > Recomendations: "Ports either need to default to the LEAST number of possible dependencies, or each port with multiple flavors needs to prompt the user, rather than continuing on"
                  > >
                  > > real solution: use packages, which will install all the dependencies in less time than it takes to compile mplayer without them.
                  > >
                  > > imaginary problem: having cups installed even though you don't use it.
                  > >
                  > > solution: ignore it.
                  >
                  > Tedd that's what I always critic....
                  > It seams YOU and all others just got old... or narrowminded.
                  > You recommendet right now the following: INSTALL SOFTWARE BUT DON'T USE IT AND GIVE A FUCK AND PRAY IT NEVER WILL HAVE ANY SIDE EFFECTS
                  >
                  > Was that seriously what you wanted to tell?

                  Yes.

                  > And USE PACKAGES?! Why? Because YOU compiled them? Because THEO DID?

                  Because they are faster and simpler. The packages are not compiled by myself or Theo.

                  > Go and improve the IP-Stack before you claim such stuff... or care for DHCP or serval logical issues in the DRM code..

                  If I fixed DRM I wouldn't have time to delete CUPS.

                  > Either it is a problem or not...

                  It is not a problem.

                  > There is nothing like a "imgainary" blafoo..

                  I have no idea what a real blafoo is.

                  > It seams you always take such stuff as personal critic...

                  Calling me old and narrow minded and and spelling my name wrong is not personal?

                  Comments
                  1. By Damien Miller (djm) on http://www.mindrot.org/~djm/

                    > > There is nothing like a "imgainary" blafoo..
                    >
                    > I have no idea what a real blafoo is.

                    The difference between real and imaginary blahfoo is complex.

              2. By Anonymous Coward (67.171.157.251) on

                > Problem Statement: "[Why] does GTK2 depend on CUPS now?

                the gtk+2 package does not depend on cups.

                > Recomendations: "Ports either need to default to the LEAST number of possible dependencies, or each port with multiple flavors needs to prompt the user, rather than continuing on"

                and it is clearly recommended to use packages.

                why are you recommending to change something, when you are not
                following recommendations yourself, and making false statements?

                really, what is your point? we know that building ports can cause
                a lot of other ports to be built. that's one reason it's recommended
                to use packages.

              3. By Matthias Kilian (91.3.38.31) on


                > Problem Statement: "[Why] does GTK2 depend on CUPS now? [...]

                It doesn't. gkt+2-cups does depend on cups. That's what MULTI_PACKAGES are for, and you've been already told so in this thread.

                > can't tell it to compile the MPlayer GUI with GTK-1, or disable the GUI without disabling all usable video output methods."

                Go add a no_gui FLAVOR, send a diff to ports@, together with some numbers of who no_gui shrinks the size of mplayer and its dependencies (and yes:gtk+2 is the largest dependency of mplayer, it uses about 30 MB of disk space -- very impressive). Even better: modify mplayer in a way that allows to split it up into subpackages so people can install mplayer without the gui and add the gui part by installing a separate package mplayer-gui.

          2. By Anonymous Coward (67.171.157.251) on


            > This "dismiss all criticism out of hand" attitude is beneficial to no-one.

            that's not what's going on here. there are a few people saying
            "OpenBSD sucks" and the large majority of the responses to those
            people explain why OpenBSD is the way it is, and why the
            people saying "OpenBSD sucks" are just making it hard on
            themselves.

            maybe in the early days of OpenBSD there were fewer decisions made
            and so discussion was relevant. but now the course is largely set,
            and it is working for most people.

            your suggestions, in particular, go against decisions that have
            been made and explained many times over. don't like it, too bad,
            you should have made better arguments in the past.

            Comments
            1. By Anonymous Coward (95.188.93.44) on

              > that's not what's going on here. there are a few people saying
              > "OpenBSD sucks" and the large majority of the responses to those

              Show me where I say OpenBSD sucks?

              Comments
              1. By Anonymous Coward (67.171.157.251) on

                > > that's not what's going on here. there are a few people saying
                > > "OpenBSD sucks" and the large majority of the responses to those
                >
                > Show me where I say OpenBSD sucks?
                And tell me more on how outdated packages, with vulnerabilities known to public, that can be fetched over insecure channels with no sign of identity, does not make a fools game to use OpenBSD.
                

                Comments
                1. By Arach (95.188.93.44) on

                  > Show me where I say OpenBSD sucks?
                  >
                  >
                  > And tell me more on how outdated packages, with vulnerabilities known to public, that can be fetched over insecure channels with no sign of identity, does not make a fools game to use OpenBSD.

                  So. Since when "OpenBSD sucks" equals "OpenBSD ports sucks"? Go and think about it.

                  P.S.
                  By the waaay, wasn't that *you* who stated that "ports is extra goo on top of the OS"? And now you pretend that OpenBSD ports and OpenBSD OS are the same. Why? Because that way you can accuse me in saying OpenBSD sucks. Ho-ho, dude. You're pointless. :)

        2. By Can Acar (72.130.182.114) canacar@ on

          > > The 'build dependencies' are different from 'run dependencies'. That is, you almost always need a small subset of ports to actually install and run a package than to build it.
          >
          > Blah, blah, blah. I've been using OpneBSD since the early 2.Xs, and many other *nix flavors long before (and extensively ever since). I port, compile, and package software professionally. I'd bet I know this stuff better than you do... So let's just keep the "educational" lectures to a minimum, okay?

          Good for you.


          > > If you want to build everything from source, you have to be prepared to invest a lot of time/disk/cpu for it. This usually pays off if you have a large number of machines that you want to build ports for.
          >
          > I made no complaints about the machine-time/disk/cpu involved... I'm more than happen to spend lots of that. What I'm not willing to do, however, is go through a list of 20 dependencies, and manually audit the Makefiles for each one, to see which flavors and sub-ports are available, which (hard-coded) dependencies can likely be safely removed, which flags would best be modified, etc. And then individually compile all of them, just because OpenBSD ports doesn't have any way to 1) prompt the user, 2) save those settings 3) propagate settings through a tree of dependencies.

          Why do you need to do all this stuff? I really find it hard to understand your motivation to go through all this work, just to create a system that you will have to maintain 'manually' through all the ports and system updates. I can understand your frustration but can not really understand your reasons.

          It is much easier to go with the default packages. Normally, I just install mplayer, without any GTK crap, and no GUI and it works just fine. All the other stuff gets pulled in only when you actually build it.

          Perhaps you do need to go through the initial lecture/orientation just the remind yourself of the present status of the OpenBSD ports system in 4.x. Things have been improving especially with regards to upgrades to the point that I rarely need to do any custom ports builds at all and following -current through snapshots is seamless. Thanks to the hard work of ports developers, I can spend my time posting at undeadly.org instead of tweaking ports Makefiles.



          > > If you want to build a subset, FETCH_PACKAGES setting as mentioned elsewhere will allow you to install the dependencies from packages as where available during the build.
          >
          > Saving a small bit of time is not my objective. I AM building from ports for good reason... That reason, however, is NOT that I want to personally re-write every port and dependency, just to enable some sane defaults.

          Define sane defaults please?


          > > > The same is true of packages. There's no reason you should have to install most-all of GNOME to use some trivial GTK app.
          > >
          > > GTK is hardly most-of GNOME. In fact, until a couple of releases ago, we did not even have most-of-GNOME at all. It is probably an issue with your trivial GTK app, that needs to be fixed.
          >
          > This is just not true... Anything that depends on GTK builds all of CUPS (and all its dependencies) by default. The app can't do anything about it.

          The key word here is *build*

          I have firefox* openoffice java etc all the crap *installed* from packages, but no CUPS.


          > And though my examples were mostly GTK2 related crap, there's far, far, far more.
          >
          > If you find yourself unable to think about anything other than GNOME, as you seem to be, feel free to tell me why Firefox needs to depend on DBUS, and the like...

          Why not? Really. Why would you care, since you said you do not have space or CPU issues. Is it some kind of compulsory drive to keep a clean system (which I can totally understand) but why?

          By the way, in my system, neither firefox, nor firefox35 packages or their dependent packages depend on any *dbus* package. pidgin, gimp and roxterm do depend on DBUS though.


          > > I have used a bunch of package management systems including Linux (apt, rpm) and FreeBSD. They all have their quirks and problems, especially when you want to move away from the recommended ways.
          >
          > With most binaries (apt, yum/rpm, etc.), even though you're limited with what you can change, the maintainers at least go to SOME effort to minimize the most unnecessary dependencies. OpenBSD ports/packages is in such a sad state specifically because it does not.
          >
          > > I found the FreeBSD way of "You are in a maze of port management tools all alike" approach extremely confusing.
          >
          > I can't understand that at all... With FreeBSD, either you define (-D) a variable (much like FLAVORS, but FreeBSD includes far more), or you're prompted with a menu... It's hardly any more complex than OpenBSD's ports system... Just better maintained, with a lot more options (eg., I can still go use xfce3, Seamonkey, etc., I can disable the dependencies on DBUS with a switch, I can disable the horrible MPlayer GUI without disabling all of X and every useful video output method, etc., etc.)

          <rant>
          I used FreeBSD on my work desktop for about five months. TI consider myself good at searching documentation/lists/web for solutions and the 'correct' way to do things, but within the time I had to get my desktop working, I was really frustrated. I just wanted to install the needed packages to get my work done not to know all possible dependencies

          When I had to use the ports tree (since packages are not available online) I hated when I arrived in the morning to find out that my ports build stopped just after I left to ask me some insignificant choice between this dependency or that.

          Finally, when I wanted enable an option I previously forgot to set, I had to spend more time figuring out a way to make the ports system forget the settings I made (or even show me the actual settings). A stateful ports tree can be very confusing.

          It was more than a year ago, and I do not remember any of the commands or magic I learned. I would probably have to go through that learning curve all over again if I end up using FreeBSD in the future, which is a shame.
          </rant>

          Yes, it is probably a good system for 'professional ports builders' with a lot of time on their hands and know by heart the implications of selecting various dependencies. But for a causal user who just wanted to get his work done, there are too many 'knobs' to turn to get a useful system.


          > > If you want to build your own ports, be prepared to have resources and learn the framework.
          > >
          > > If you are not willing to put some effort to solve your own problems, do not expect others to do the work for you.
          >
          > I'm more than willing to fix a few ports. I'm not, however, going to put the effort into pushing the boulder uphill, and try to single-handedly change the way every port in the tree works.
          >
          > In fact, this was all part of my effort to get back into OpenBSD... I've been hearing ACPI support is coming along, SMP is available (if often worse than nothing), and decent, relatively modern apps are finally available (non-ancient Moz, OpenOffice, etc.). But the wrong-mindedness of the ports system only served to raise the pain level drastically, turning my little experiment into a Sisyphean task.

          My advice to you is to forget about FreeBSD way of doing things, and even stuff you did back in OpenBSD 2.x or 3.x the end result will be much more enjoyable.


          > I've been here before, and worked hard for years to try and use OpenBSD as my main system (both for desktops and severs I deploy), instead of just the occasional router/firewall (and other free *nix systems are getting more and more capable in that area, as well, leading to an increasing number of times when I just can't justify mandating the use of a different OS in a foreign environment, for the few features it provides over the systems already in-use in the environment).

          I have been running OpenBSD on my servers since 2.7, and on my main desktop since 3.0. The experience keeps improving. The only time I built firefox was when it was first imported in the tree. Did not have to do it again. Had to build Java a lot more times (since we could not make packages available) but I do not even think about it anymore, thanks to Kurt and others who have spend a lot of effort on it everything just works.


          > So, yeah, this just reminded me of much pain I've gone through in the not so distant past with OpenBSD, and served to convince me to give up the whole thing in pretty short order.
          >
          > So, I'm offering a bit of advice for those involved... This isn't my personal wish-list, this is how things need to be improved for ports to be useful, and to make OpenBSD useful (since there's barely any other option for installing software on the platform). Sure, you can harp on packages all you want, but damn near EVERYONE who uses OpenBSD for non-trivial purposes is going to find themselves needing to change a few options here and there. Making this a cumbersome mess benefits no-one. It was obviously just the path of least resistance, and lack of forethought.

          I am a non-trivial everyday user of OpenBSD and I have been running with packages for a long time.

          Your suggestions and experience are definitely valuable, but if you go back and read your first post, none of this experience and insight is reflected there.

          Comments
          1. By Arach (95.188.93.44) on

            > When I had to use the ports tree (since packages are not available online) I hated when I arrived in the morning to find out that my ports build stopped just after I left to ask me some insignificant choice between this dependency or that.

            Excuse me for interventing in your conversation, but it is obvious that one should learn how to use the tools the one trying to use. 'make config-recursive' and 'make rmconfig-recursive' is not rocket science - it's in man pages. Besides, FreeBSD ports system is well documentet in the handbook.

            > Your suggestions and experience are definitely valuable, but if you go back and read your first post, none of this experience and insight is reflected there.

            I don't want to be rude, but your rant about FreeBSD ports experience is not any better. It seems like you did want to get what you need, but didn't want to learn a required minimum.

            Comments
            1. By Can Acar (72.130.182.114) canacar@ on

              > > When I had to use the ports tree (since packages are not available online) I hated when I arrived in the morning to find out that my ports build stopped just after I left to ask me some insignificant choice between this dependency or that.
              >
              > Excuse me for interventing in your conversation, but it is obvious that one should learn how to use the tools the one trying to use. 'make config-recursive' and 'make rmconfig-recursive' is not rocket science - it's in man pages. Besides, FreeBSD ports system is well documentet in the handbook.

              They are not really intuitive either (compared with make or make install or pkg_add). Having different tools (guess it was portupgrade I was using) that do not give you the option or point you to the correct place did not help. I did figure out the stuff I needed to get my work done eventually, but it was nothing like the 'it just works' feeling I usually get with OpenBSD. Guess I had high expectations.


              > > Your suggestions and experience are definitely valuable, but if you go back and read your first post, none of this experience and insight is reflected there.
              >
              > I don't want to be rude, but your rant about FreeBSD ports experience is not any better. It seems like you did want to get what you need, but didn't want to learn a required minimum.

              Yes, and that was the reason I marked it as a rant. It was intended to communicate the fact that you can feel frustrated or out of place even though you have X years of experience and know how to read manuals and search for solutions.

              Back then I did not feel the need to go rant and rave in FreeBSD forums about their perceived issues. I figured out the solutions and proceeded to more pressing tasks. My recollections from that period, however, is still not very pleasant.

        3. By Predrag Punosevac (76.4.221.243) on

          > So let's just keep the "educational" lectures to a minimum, okay?
          Agreed.

          > 1) prompt the user, 2) save those settings 3) propagate settings
          > through a tree of dependencies.

          You seems like FreeBSD ports very much and in particular those fancy blue screens with options. My experience have been quite opposite of yours. 65% of all FreeBSD users whom I know install FreeBSD ports in the batch mode. Other 30% do not know that batch mode exist so they babysit machines for days just to press enter when the blue dialog box appear. 5% of people actually do know what they are doing and like dialog boxes like you. Those 5% the same as you wouldn't have any
          problems hacking Makefile on OpenBSD anyway.

          > That reason, however, is NOT that I want to personally re-write
          > every port and dependency, just to enable some sane defaults.

          What are the sane defaults? I much like you like to have minimal system
          with minimal number of dependencies. However do you honestly expect
          people who port the software to spend days trying to trim down
          dependencies so that you and me can like them. That is full time job.
          Are you going to pay their wages?

          > It's hardly any more complex than OpenBSD's ports system... Just
          > better maintained, with a lot more options (eg., I can still go use
          > xfce3, Seamonkey, etc., I can disable the dependencies on DBUS with a > switch, I can disable the horrible MPlayer GUI without disabling all > of X and every useful video output method, etc., etc.)

          You are kidding right? Lets talk specifics. I am probably 70% of time
          Desktop user. I switched from FreeBSD to OpenBSD 4.0 exactly because of packages and ports.

          X is my book broken on FreeBSD since 7.0. Now (7.4) it needs HAL. Are you kidding me? HAL, please do not make me laugh!

          TeXLive is not ported. Hiroki Sato is porting it since 2004. It even prevented recently Romain Tartière from committing working port. I need TeXLive for work! Do you understand that? That is the show stopper for me, right there!

          What else? OO. Compiling Open Office has been always an experience on
          FreeBSD as well as getting Java working. You can talk about OO on FreeBSD to somebody else. I learn my lesson hard way.

          Sane-backends on FreeBSD are not updated. Look at the OpenBSD port.
          The port was updated week after the official release. Even worse the vendor ID must be specified in the scanner driver on FreeBSD for
          backends to pick up the scanner. Those has not been updated for 5 years.
          Good luck getting that scanner work on FreeBSD.

          Splix printer driver on FreeBSD is version 1.0. OpenBSD has version 2.0 which supports more devices.

          All ports related to printing on OpenBSD are updated to the latest version except HPLIP which will be updated soon to 3.93 or whatever.
          CUPS is patched. What does FreeBSD have? Oh, yes it does have LPRng tool for LPRng which nobody uses. It has also pdq which nobody uses.


          What else? Browsers. 3.11 is backported to 4.5 stable. Opera is 9.64. The current port does work on Stable branch. Opera 10 beta was posted on ports. Midori is 1.7. WebKit is the latest. Konqueror is up to date. What do you want? Internet Explorer?

          Mail clients. The latest Thunderbird is backported to stable. Mutt, Mailx, claws, sylpheed all are up to date. What do you want? I will
          give you for SquirrelMail. It should be ported to OpenBSD. Somebody
          posted WIP port on ports@. Needs to be finished.


          Editors? Up to date on OpenBSD. Sure, it would be nice to updated
          Auctex and few other ports. I am not going to bother. I use vi for
          TeX. The newest Auctex compiles without problems on OpenBSD.
          Whoever use that thing should update the damn port. That is the name of the game.

          FreeMat, Maxima, Gnu Octave. Everything is up to date. SciLab is not ported to OpenBSD. OK. You win that one even though I can assure you that FreeMat is 5 times better thing.

          Content Management Systems? Moodle is really outdated on OpenBSD. I will
          give you that one. I even talked to port maintainer. The guy was busy.

          cdrtool with latest DVD burning capabilities. The latest patch has been just posted. libburnia doesn't compile on OpenBSD. I talked to the guy
          who wrote the software. He happens to be my fellow countryman. He
          promise to me that he will make libburnia more portable. I will personally compile that damn code.

          MPlayer is up to date on OpenBSD and most other multimedia stuff I personally use. Tunapie is working progress on OpenBSD. Sure it would be nice to have it.

          I will give you PDFedit. It is not ported to OpenBSD but works on FreeBSD. Try and you will see why nobody bothers to port it to OpenBSD.

          Desktop environments on OpenBSD (Gnome, KDE, Xfce) are all up to date.
          Sorry, I do not count KDE 4.* as a stable software. You FreeBSD guys do. That is your problem.

          I am not going to go through server ports now. Bottom line you are not running more than 2-3 services per machine. If you are not able to install server from the source code without using FreeBSD or OpenBSD ports you should be asking yourself what are you doing as a system administrator. The same goes for applying patches directly from the
          upstream CVS repository. If I am running server, I am not relaying on port maintainer to do my job.

          Going back to your beloved FreeBSD. I bet $100 that 10 000 out of 20 000 ports should be pruned. I just have a headache of thinking about portupgrade and similar tools. Remember once waiting four day for the minor update of X server. I could do fresh installation 1000 over in that time.

          I mean, if you like FreeBSD ports you should use it by all means. If you want to criticize OpenBSD ports fine I am with you 100%. But lets do that constructively instead by shouting at the developers. People
          are doing that for free. Do you really thing that screaming at them will accomplish anything. Donations, however, can go very long way.

          > I've been hearing ACPI support is coming along, SMP is available (if > often worse than nothing), and decent, relatively modern apps are
          > finally available (non-ancient Moz, OpenOffice, etc.).
          >

          I am not happy with SMP support either. However, I do not have
          $80 000 to pay an OpenBSD developer to hack it on the full time base.
          So, I keep my mouth shut hopping that will be improved over time. If I need something that scales well on 32 processors, I will probably run Solaris.

          You are kidding about OpenOffice on FreeBSD? Right? You know the same
          as me that Open Office has been always broken on FreeBSD.

          > So, yeah, this just reminded me of much pain I've gone through in the > not so distant past with OpenBSD, and served to convince me to give
          > up the whole thing in pretty short order.
          >

          So why bother to post on undeadly? You want me to switch to something
          else? I have run FreeBSD for many years. It doesn't work for me. If it
          works for you great just please do not tell me what I need to do with my computers.

          > So, I'm offering a bit of advice for those involved...

          You were screaming and shouting at people even though you admit that
          you do not run OpenBSD anymore. I do not know how that can be helpful?
          You want them to drop the whole project so that I can not run OpenBSD as
          well.

          > Sure, but damn near EVERYONE who uses
          > OpenBSD for non-trivial purposes is going to find themselves needing > to change a few options here and there.

          Point taken. You are correct about that one. I do run mostly unsupported systems as most people who have idea what they are doing. I have my own ports. I have my own backports and all that kind a stuff. I just do not bitch to people from whom I expect to get something for free.

        4. By Anonymous Coward (67.171.157.251) on

          sounds like you're using the wrong tool for the job or using the
          tool in a way that it was not intended and asking for the tool
          to be changed.

    7. By Anonymous Coward (206.248.190.11) on

      > Ports either need to default to the LEAST number of possible dependencies

      No, ports needs to do what works best for the devs who have to use it to build the packages. You should be using packages.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]