gettext/GPLv4 virus infects FreeBSD - BSD

This is a discussion on gettext/GPLv4 virus infects FreeBSD - BSD ; Ran cvsup today and was blown away be the number of ports needing to be upgraded, over 100! Looking in UPDATING's entry for 20080605 finds "Given the scope and sheer number of dependent ports, it may be more advisable to ...

+ Reply to Thread
Page 1 of 5 1 2 3 ... LastLast
Results 1 to 20 of 87

Thread: gettext/GPLv4 virus infects FreeBSD

  1. gettext/GPLv4 virus infects FreeBSD

    Ran cvsup today and was blown away be the number of ports needing to be
    upgraded, over 100! Looking in UPDATING's entry for 20080605 finds "Given
    the scope and sheer number of dependent ports, it may be more advisable
    to simply blow away all existing install ports (after keeping any local
    configuration changes), and rebuilding from scratch."! Say what?

    "blow away all existing install ports"

    "rebuilding from scratch"

    Clearly someone with a profound lack of systems administration experience
    committed this change, but how the hell did it get through QA? Is there
    no one running this ship any more?

    So, with 100+ ports needing to be upgraded before versioning once
    again works, I expect to have a hard time convincing my boss that there
    are good reasons for not "blowing away FreeBSD and installing Linus".

    Question is, what's so critical about this new gettext that might be worth
    the effort. What is the gain in functionality? What is the gain
    in security? That's the crux, there is nothing in gettext that needs
    to be patched. No security improvement, no compatibility improvements,
    no improvements whatsoever. Just some package maintainer who thinks that
    systems administrators have nothing better to do than perform upgrades
    in-between release cycles.

    Actually, truth be known, there likely is a lot more to it than poor QA and
    inexperienced port maintainers. What's behind this is the GPL, GPLv4
    specifically, and GNU's hatred of BSD licensing. To the point: gettext's
    license recently changed from v2 to v3. What this means is that if you
    have a commercial app that links to gettext in any way, you can be sued.

    Stallman couldn't have planted a better virus in the heart of FreeBSD
    if he had planned it. This kind of gratuitous library skew is exactly
    what FreeBSD's source-based package system was designed to avoid.

    So before I'm forced give up the FreeBSD dream:

    A) how do you "unbump" these port versions,

    B) how can we get a GPLV3_FREE=YES flag in make.conf, and

    C) what happened to this once sold OS?

    Paco

  2. Re: gettext/GPLv4 virus infects FreeBSD

    Paco wrote:
    > Ran cvsup today and was blown away be the number of ports needing to be
    > upgraded, over 100! Looking in UPDATING's entry for 20080605 finds "Given
    > the scope and sheer number of dependent ports, it may be more advisable to
    > simply blow away all existing install ports (after keeping any local
    > configuration changes), and rebuilding from scratch."! Say what?


    This is the case every time gettext updates. It's nothing new. The problem
    is so many things pulling in gettext. An even more real problem is things
    pulling in gettext surreptitiously just because it's on the system. I ranted
    about this on my blog:

    http://www.paeps.cx/weblog/FreeBSD/t...ly_police.html

    Repeat after me: the problem is not in the ports tree. The problem is
    gettext. The real problem is autotools.

    In fact, the ports tree deals with it rather elegantly - offering you to
    update very cleanly. You can also keep the old libintl.so.7 somewhere like
    /usr/local/lib/compat/pkg and update things at your leisure. You don't *have*
    to blast away everything if you don't want to. If you can live with some
    things running with libintl.so.7 and some with libintl.so.8, you can use that
    approach.

    > So, with 100+ ports needing to be upgraded before versioning once again
    > works, I expect to have a hard time convincing my boss that there are good
    > reasons for not "blowing away FreeBSD and installing Linus".


    I can't quite see the connection? I guess this is just flamebait?

    > Question is, what's so critical about this new gettext that might be worth
    > the effort. What is the gain in functionality? What is the gain in
    > security?


    You would have to ask the gettext developers these questions. The FreeBSD
    ports tree merely tracks the upstream version. That's what the ports tree is
    for. As far as I'm concerned, gettext is perfectly useless. I like my
    computers to speak English to me. Unfortunately, some ports will pull it in
    unconditionally because the software they port just doesn't work without.

    > Actually, truth be known, there likely is a lot more to it than poor QA and
    > inexperienced port maintainers.


    Have you looked at who maintains this port? Have you asked on the -ports@
    list if an -exp run has been done before this was committed? The commit
    touches a ridiculous amount of ports. Do you think that was allowed to go in
    before it was at least tested and validated on the cluster?

    > What's behind this is the GPL, GPLv4 specifically, and GNU's hatred of BSD
    > licensing. To the point: gettext's license recently changed from v2 to v3.
    > What this means is that if you have a commercial app that links to gettext
    > in any way, you can be sued.


    I think you're seeing black helicopters. The ports tree allows you to build
    software. It is your responsibility to make sure that you are allowed to run
    this software and that you agree with the licences of the software you use.

    The FreeBSD operating system -- that is the kernel and the supporting userland
    bits like libc and the stuff in /bin and /sbin (and most of the stuff in
    /usr/bin and /usr/sbin) -- is BSD-licensed. There are ways to infect the
    kernel with non-free GPL code too, should you so choose. By default, this
    does not happen though. You can infect your kernel with the non-free CDDL
    licence too, if you want to use some of the CDDL-licensed bits. Again, by
    default this is not done.

    What you build from the ports tree is entirely your business and your own
    responsibility.

    > So before I'm forced give up the FreeBSD dream:
    >
    > A) how do you "unbump" these port versions,


    You use a version of the ports tree before the date this was committed.

    > B) how can we get a GPLV3_FREE=YES flag in make.conf, and


    You cannot. But I'm sure patches to that effect will be welcomed for review
    and perhaps even committing. Note, again, that the base-system does not
    currently contain any GPLv3-infected software. There is some GPLv2-infected
    software (toolchain), which you can choose not to build by setting a
    WITHOUT_GNU= flag in make.conf. This flag is mainly intended for distributors
    of FreeBSD who will only supply their customers with binaries.

    > C) what happened to this once sold OS?


    I don't think anything happened. I think you just jumped to a completely
    wrong conclusion and accidentally equated the contents of the FreeBSD ports
    tree to the rock-solid FreeBSD operating system. Such things happen. Try to
    be more careful though.

    - Philip

    --
    Philip Paeps Please don't email any replies
    philip@paeps.cx I follow the newsgroup.

    The primary function of the design engineer is to make
    things difficult for the fabricator and impossible
    for the serviceman.

  3. Re: gettext/GPLv4 virus infects FreeBSD

    Paco wrote:
    > Ran cvsup today and was blown away be the number of ports needing to be
    > upgraded, over 100! Looking in UPDATING's entry for 20080605 finds "Given
    > the scope and sheer number of dependent ports, it may be more advisable to
    > simply blow away all existing install ports (after keeping any local
    > configuration changes), and rebuilding from scratch."! Say what?


    This is the case every time gettext updates. It's nothing new. The problem
    is so many things pulling in gettext. An even more real problem is things
    pulling in gettext surreptitiously just because it's on the system. I ranted
    about this on my blog:

    http://www.paeps.cx/weblog/FreeBSD/t...ly_police.html

    Repeat after me: the problem is not in the ports tree. The problem is
    gettext. The real problem is autotools.

    In fact, the ports tree deals with it rather elegantly - offering you to
    update very cleanly. You can also keep the old libintl.so.7 somewhere like
    /usr/local/lib/compat/pkg and update things at your leisure. You don't *have*
    to blast away everything if you don't want to. If you can live with some
    things running with libintl.so.7 and some with libintl.so.8, you can use that
    approach.

    > So, with 100+ ports needing to be upgraded before versioning once again
    > works, I expect to have a hard time convincing my boss that there are good
    > reasons for not "blowing away FreeBSD and installing Linus".


    I can't quite see the connection? I guess this is just flamebait?

    > Question is, what's so critical about this new gettext that might be worth
    > the effort. What is the gain in functionality? What is the gain in
    > security?


    You would have to ask the gettext developers these questions. The FreeBSD
    ports tree merely tracks the upstream version. That's what the ports tree is
    for. As far as I'm concerned, gettext is perfectly useless. I like my
    computers to speak English to me. Unfortunately, some ports will pull it in
    unconditionally because the software they port just doesn't work without.

    > Actually, truth be known, there likely is a lot more to it than poor QA and
    > inexperienced port maintainers.


    Have you looked at who maintains this port? Have you asked on the -ports@
    list if an -exp run has been done before this was committed? The commit
    touches a ridiculous amount of ports. Do you think that was allowed to go in
    before it was at least tested and validated on the cluster?

    > What's behind this is the GPL, GPLv4 specifically, and GNU's hatred of BSD
    > licensing. To the point: gettext's license recently changed from v2 to v3.
    > What this means is that if you have a commercial app that links to gettext
    > in any way, you can be sued.


    I think you're seeing black helicopters. The ports tree allows you to build
    software. It is your responsibility to make sure that you are allowed to run
    this software and that you agree with the licences of the software you use.

    The FreeBSD operating system -- that is the kernel and the supporting userland
    bits like libc and the stuff in /bin and /sbin (and most of the stuff in
    /usr/bin and /usr/sbin) -- is BSD-licensed. There are ways to infect the
    kernel with non-free GPL code too, should you so choose. By default, this
    does not happen though. You can infect your kernel with the non-free CDDL
    licence too, if you want to use some of the CDDL-licensed bits. Again, by
    default this is not done.

    What you build from the ports tree is entirely your business and your own
    responsibility.

    > So before I'm forced give up the FreeBSD dream:
    >
    > A) how do you "unbump" these port versions,


    You use a version of the ports tree before the date this was committed.

    > B) how can we get a GPLV3_FREE=YES flag in make.conf, and


    You cannot. But I'm sure patches to that effect will be welcomed for review
    and perhaps even committing. Note, again, that the base-system does not
    currently contain any GPLv3-infected software. There is some GPLv2-infected
    software (toolchain), which you can choose not to build by setting a
    WITHOUT_GNU= flag in make.conf. This flag is mainly intended for distributors
    of FreeBSD who will only supply their customers with binaries.

    > C) what happened to this once sold OS?


    I don't think anything happened. I think you just jumped to a completely
    wrong conclusion and accidentally equated the contents of the FreeBSD ports
    tree to the rock-solid FreeBSD operating system. Such things happen. Try to
    be more careful though.

    - Philip

    --
    Philip Paeps Please don't email any replies
    philip@paeps.cx I follow the newsgroup.

    The primary function of the design engineer is to make
    things difficult for the fabricator and impossible
    for the serviceman.

  4. Re: gettext/GPLv4 virus infects FreeBSD

    On 2008-06-09, Philip Paeps wrote:
    > Paco wrote:

    [...]
    >> What's behind this is the GPL, GPLv4 specifically, and GNU's hatred of BSD
    >> licensing. To the point: gettext's license recently changed from v2 to v3.
    >> What this means is that if you have a commercial app that links to gettext
    >> in any way, you can be sued.

    >
    > I think you're seeing black helicopters. The ports tree allows you to build
    > software. It is your responsibility to make sure that you are allowed to run
    > this software and that you agree with the licences of the software you use.


    Furthermore it's simply a half-truth; from the ChangeLog:

    The gettext related programs and tools are now licensed under the GPL
    version 3, instead of the GPL version 2. The libintl library continues
    to be licensed under LGPL.

    >
    > - Philip
    >


    -Anton

  5. Re: gettext/GPLv4 virus infects FreeBSD

    Le 9 Jun 2008 20:36:43 GMT,
    Philip Paeps a écrit :

    > Paco wrote:
    > > Ran cvsup today and was blown away be the number of ports needing
    > > to be upgraded, over 100! Looking in UPDATING's entry for 20080605
    > > finds "Given the scope and sheer number of dependent ports, it may
    > > be more advisable to simply blow away all existing install ports
    > > (after keeping any local configuration changes), and rebuilding
    > > from scratch."! Say what?

    >
    > This is the case every time gettext updates. It's nothing new. The
    > problem is so many things pulling in gettext. An even more real
    > problem is things pulling in gettext surreptitiously just because
    > it's on the system. I ranted about this on my blog:


    Yes, I remember funny upgrade of libtool or perl too.

  6. Re: gettext/GPLv4 virus infects FreeBSD

    Patrick Lamaizière wrote:
    > Le 9 Jun 2008 20:36:43 GMT,
    > Philip Paeps a écrit :
    >
    >> This is the case every time gettext updates. It's nothing new. The
    >> problem is so many things pulling in gettext. An even more real
    >> problem is things pulling in gettext surreptitiously just because
    >> it's on the system. I ranted about this on my blog:

    >
    > Yes, I remember funny upgrade of libtool or perl too.


    You're sure about the libtool part?


    Martin
    --
    "For the Snark's a peculiar creature, that won't
    Be caught in a commonplace way.
    Do all that you know, and try all that you don't;
    Not a chance must be wasted to-day!"

  7. Re: gettext/GPLv4 virus infects FreeBSD

    Paco wrote:

    > To the point: gettext's license recently changed from v2 to v3.
    > What this means is that if you have a commercial app that links to
    > gettext in any way, you can be sued.


    Nonsense. libintl remains under the LGPL. Only the message catalog
    processing tools are GPLv3.

    --
    Christian "naddy" Weisgerber naddy@mips.inka.de

  8. Re: gettext/GPLv4 virus infects FreeBSD

    Paco wrote:

    > To the point: gettext's license recently changed from v2 to v3.
    > What this means is that if you have a commercial app that links to
    > gettext in any way, you can be sued.


    Nonsense. libintl remains under the LGPL. Only the message catalog
    processing tools are GPLv3.

    --
    Christian "naddy" Weisgerber naddy@mips.inka.de

  9. Re: gettext/GPLv4 virus infects FreeBSD

    Le Tue, 10 Jun 2008 17:16:52 +0000 (UTC),
    Martin Etteldorf a écrit :

    > >> This is the case every time gettext updates. It's nothing new.
    > >> The problem is so many things pulling in gettext. An even more
    > >> real problem is things pulling in gettext surreptitiously just
    > >> because it's on the system. I ranted about this on my blog:

    > >
    > > Yes, I remember funny upgrade of libtool or perl too.

    >
    > You're sure about the libtool part?


    Sure. I spent days to update all my boxes

    ports/UPDATING
    20060223:
    AFFECTS: all ports using libtool as part of the build process

    And few days before an upgrade of perl 5.8.7(?) to 5.8.8
    20060220:
    AFFECTS: users of lang/perl5.8


  10. Re: gettext/GPLv4 virus infects FreeBSD

    Patrick Lamaizière wrote:
    > Le Tue, 10 Jun 2008 17:16:52 +0000 (UTC),
    > Martin Etteldorf a écrit :
    >
    >> >> This is the case every time gettext updates. It's nothing new.
    >> >> The problem is so many things pulling in gettext. An even more
    >> >> real problem is things pulling in gettext surreptitiously just
    >> >> because it's on the system. I ranted about this on my blog:
    >> >
    >> > Yes, I remember funny upgrade of libtool or perl too.

    >>
    >> You're sure about the libtool part?

    >
    > Sure. I spent days to update all my boxes


    Days? Here it was merely a matter of 1 or 2 hours and I didn't
    notice any bigger problems during that upgrade. But then again,
    that may be because I'm avoiding Pest and Cholera^W^W^W KDE and
    Gnome at any cost. Helps a lot keeping the number of installed
    ports down at a reasonable size.


    Martin

    --
    "For the Snark's a peculiar creature, that won't
    Be caught in a commonplace way.
    Do all that you know, and try all that you don't;
    Not a chance must be wasted to-day!"

  11. Re: gettext/GPLv4 virus infects FreeBSD

    Paco wrote:
    >
    > C) what happened to this once sold OS?


    The os is still solid (I guessed you meant "solid" - yes?)
    The ports tree is separate from the os -it is not an integral part of
    the os.

    The only constant is change.
    --
    Torfinn Ingolfsen,
    Norway

  12. Re: gettext/GPLv4 virus infects FreeBSD

    In article ,
    Martin Etteldorf writes:
    > Patrick Lamaizière wrote:
    >> Le Tue, 10 Jun 2008 17:16:52 +0000 (UTC),
    >> Martin Etteldorf a écrit :
    >>
    >>> >> This is the case every time gettext updates. It's nothing new.
    >>> >> The problem is so many things pulling in gettext. An even more
    >>> >> real problem is things pulling in gettext surreptitiously just
    >>> >> because it's on the system. I ranted about this on my blog:
    >>> >
    >>> > Yes, I remember funny upgrade of libtool or perl too.
    >>>
    >>> You're sure about the libtool part?

    >>
    >> Sure. I spent days to update all my boxes

    >
    > Days? Here it was merely a matter of 1 or 2 hours and I didn't
    > notice any bigger problems during that upgrade. But then again,
    > that may be because I'm avoiding Pest and Cholera^W^W^W KDE and
    > Gnome at any cost. Helps a lot keeping the number of installed
    > ports down at a reasonable size.
    >
    >
    > Martin
    >

    I'm not the OP here, but ...

    Days. Yeah, I know, it's a function of what you have installed.
    I have chosen to use my system as a workstation, which drags in
    a lot of stuff not found on a system used strictly as a server.
    However, without adding any new applications, my "inventory"
    has gone from ~500 discrete ports/packages to > 1000 in less
    than a year. Part of that is the new granularity in, e.g.
    php and its modules, but a large part of it is what seems to me
    to be a kind of shotgun approach to packaging, where something
    that's not explicitly needed is included "just in case".

    So, yeah, days. Not hours, but days to upgrade the ports on my
    system.

    Bob Melson

    --
    Robert G. Melson | Rio Grande MicroSolutions | El Paso, Texas
    -----
    Thinking is the hardest work there is, which is the probable
    reason so few engage in it. -- Henry Ford


  13. Re: gettext/GPLv4 virus infects FreeBSD

    In our last episode, <484d8873$0$17176$742ec2ed@news.sonic.net>, the lovely
    and talented Paco broadcast on comp.unix.bsd.freebsd.misc:

    > Ran cvsup today and was blown away be the number of ports needing to be
    > upgraded, over 100!


    No doubt when the gettext upgrade finishes there will be another Gnome
    Upgrade Adventure! Nothing really quite compares with the X upgrade
    unleashed about 5 mins. after some 6.x release, so everyone's release discs
    were coasters.

    --
    Lars Eighner usenet@larseighner.com
    Countdown: 223 days to go.

  14. Re: gettext/GPLv4 virus infects FreeBSD

    In our last episode, <484d8873$0$17176$742ec2ed@news.sonic.net>, the lovely
    and talented Paco broadcast on comp.unix.bsd.freebsd.misc:

    > Ran cvsup today and was blown away be the number of ports needing to be
    > upgraded, over 100!


    No doubt when the gettext upgrade finishes there will be another Gnome
    Upgrade Adventure! Nothing really quite compares with the X upgrade
    unleashed about 5 mins. after some 6.x release, so everyone's release discs
    were coasters.

    --
    Lars Eighner usenet@larseighner.com
    Countdown: 223 days to go.

  15. Re: gettext/GPLv4 virus infects FreeBSD

    In article ,
    Lars Eighner wrote:
    >
    >
    >In our last episode, <484d8873$0$17176$742ec2ed@news.sonic.net>, the lovely
    >and talented Paco broadcast on comp.unix.bsd.freebsd.misc:
    >
    >> Ran cvsup today and was blown away be the number of ports needing to be
    >> upgraded, over 100!

    >
    >No doubt when the gettext upgrade finishes there will be another Gnome
    >Upgrade Adventure! Nothing really quite compares with the X upgrade
    >unleashed about 5 mins. after some 6.x release, so everyone's release discs
    >were coasters.
    >

    Hmm.

    I guess I'm not typical, but I just keep the ports tree that comes with
    the release ISOs, and everything generally works fine. Yes, I won't
    have the very latest 'foo' if I decide to install 'foo', but in general,
    who cares?

    (Though I *was* astounded when I tried to install gnome on Solaris
    8 once [before it came from Sun], and found that I had to compile
    and install every open-source program ever written to have a shot
    at it. IIRC, it took me over two weeks).

    Ted
    --
    ------
    columbiaclosings.com
    What's not in Columbia anymore..

  16. Re: gettext/GPLv4 virus infects FreeBSD

    In article ,
    Lars Eighner wrote:
    >
    >
    >In our last episode, <484d8873$0$17176$742ec2ed@news.sonic.net>, the lovely
    >and talented Paco broadcast on comp.unix.bsd.freebsd.misc:
    >
    >> Ran cvsup today and was blown away be the number of ports needing to be
    >> upgraded, over 100!

    >
    >No doubt when the gettext upgrade finishes there will be another Gnome
    >Upgrade Adventure! Nothing really quite compares with the X upgrade
    >unleashed about 5 mins. after some 6.x release, so everyone's release discs
    >were coasters.
    >

    Hmm.

    I guess I'm not typical, but I just keep the ports tree that comes with
    the release ISOs, and everything generally works fine. Yes, I won't
    have the very latest 'foo' if I decide to install 'foo', but in general,
    who cares?

    (Though I *was* astounded when I tried to install gnome on Solaris
    8 once [before it came from Sun], and found that I had to compile
    and install every open-source program ever written to have a shot
    at it. IIRC, it took me over two weeks).

    Ted
    --
    ------
    columbiaclosings.com
    What's not in Columbia anymore..

  17. Re: gettext/GPLv4 virus infects FreeBSD

    On Tue, 10 Jun 2008 18:18:55 -0500, Robert Melson wrote:

    > So, yeah, days. Not hours, but days to upgrade the ports on my
    > system.


    In these cases, just wait some days, and then use the packages built on
    the compilation farm; just upgrade from ports when you have some
    customized options.
    --
    Th. Thomas.

  18. Re: gettext/GPLv4 virus infects FreeBSD

    In article ,
    Thierry Thomas writes:
    > On Tue, 10 Jun 2008 18:18:55 -0500, Robert Melson wrote:
    >
    >> So, yeah, days. Not hours, but days to upgrade the ports on my
    >> system.

    >
    > In these cases, just wait some days, and then use the packages built on
    > the compilation farm; just upgrade from ports when you have some
    > customized options.


    Believe it or not, I prefer the ability to "roll my own". It's
    not entirely rational, I know, but there it is, despite my
    griping about the increase in "inventory" and the time needed
    to do an upgrade. Other side of the coin is, of course, that
    such upgrade everything events don't happen all that often,
    although their frequency HAS increased over the course of the
    past couple of years.

    In my case, I have a single machine and plenty of time to invest.
    But it sounds to me like the OP is in a production environment
    with a number of machines involved. I can understand and mostly
    sympathize with his complaint, even while recognizing that there
    are mechanisms, such as what you suggest, that will reduce the
    pain. But if management will not accept either the delay
    involved or precompiled packages, then he has no real alternative
    and is, I think, justified in his anger and frustration.

    There really does have to be a better way. I don't know what
    it might be or how to arrive at it, but I think the ports/packages
    system has become unwieldy and is close to collapse.

    Bob Melson

    --
    Robert G. Melson | Rio Grande MicroSolutions | El Paso, Texas
    -----
    Thinking is the hardest work there is, which is the probable
    reason so few engage in it. -- Henry Ford


  19. Re: gettext/GPLv4 virus infects FreeBSD


    "Robert Melson" wrote in message
    news:8KKdnYw-FN9269LVnZ2dnUVZ_t_inZ2d@earthlink.com...
    > In article ,
    > Thierry Thomas writes:
    > > On Tue, 10 Jun 2008 18:18:55 -0500, Robert Melson wrote:
    > >

    >
    > In my case, I have a single machine and plenty of time to invest.
    > But it sounds to me like the OP is in a production environment
    > with a number of machines involved. I can understand and mostly
    > sympathize with his complaint, even while recognizing that there
    > are mechanisms, such as what you suggest, that will reduce the
    > pain. But if management will not accept either the delay
    > involved or precompiled packages, then he has no real alternative
    > and is, I think, justified in his anger and frustration.
    >
    > There really does have to be a better way.


    There IS a better way. I run plenty of FreeBSD in production.
    No servers get software upgrades in between version updates.
    Period. If a security notification comes out that affects a server
    (ie: a new apache version) then I move the old binaries to backups
    and compile the newer version by hand, not using the ports
    tree.

    Every couple of FreeBSD versions or couple of years, whenever
    I feel like it, then I rebuild the server. From scratch, none of this
    in-place upgrade bullcrap. Sometimes it puts some new feature
    in that is useful. Usually not, though. And often I'll take the
    opportunity to just scrap the server hardware and use newer
    and faster hardware.

    FreeBSD isn't Windows. When MS says jump, you upgrade
    Windows. The FreeBSD project doesen't say jump.

    Ted



  20. Re: gettext/GPLv4 virus infects FreeBSD

    On Wed, 11 Jun 2008 01:55:39 -0500,
    Robert Melson wrote:
    > But it sounds to me like the OP is in a production environment
    > with a number of machines involved.


    In that case it'll be somewhat more work as there are more, more-or-less
    independent, package sets to re-build. But one still really should do
    that on a single machine then distribute the package sets.


    > I can understand and mostly sympathize with his complaint,


    As do I to an extent, but as others have noted, the problem is pretty
    much independent from the base system. That distinction is important.

    Part of the problem is the horrible dependency trees of much open
    source software, especially anything even remotely related to the gnu
    project (and we've discussed this here before a number of times). This
    is in part a problem of developers with not enough release engineering
    experience, who are as a result often a bit too free with creating new
    dependencies. (Even the mozilla project is interesting.cn WRT this.)

    Though one could argue that the ports maintainers could be a bit more
    careful about updates of things that touch a lot of other things, and
    especially their timing. I think I'll agree with that.


    > But if management will not accept either the delay
    > involved or precompiled packages, then he has no real alternative
    > and is, I think, justified in his anger and frustration.


    Management will just have to cope. If they don't understand that,
    they're not fit for management. As they say, adding more pregnant women
    will not get you the kids faster[1]. Of course, management also needs
    the minions to communicate this well upstream.


    > There really does have to be a better way. I don't know what
    > it might be or how to arrive at it, but I think the ports/packages
    > system has become unwieldy and is close to collapse.


    I think that, eg. the X explosion was at least in an attempt to help fix
    this, if maybe so far not terribly effective. Ports works pretty well,
    really, and it isn't the framework itself that is the problem.

    Other distributions have much of the same problem, but are harder to
    setup to do your own builds.


    I think that I somewhat sympathise, if not with the OP's tone, but with
    the sentiment that the FreeBSD project overall, base and ports both,
    has coasted somewhat into a ``well it works for me'' mindset, which is
    rather unhelpful if your setup is valid but somewhat different. I have
    no numbers or proof except my own experiences[2] and what I see float by
    here, but I think that this is something the project needs to work on.


    [1] Also ``adding more people to a late project makes it later''.
    See also Fred Brooks' excellent explanation of why this is so in
    _The Mythical Man-Month_.
    [2] The fbsd7 ata trouble with my ultra5 was passed off to elsewhere
    and nothing more was heard about it. I might try again with 7.1,
    but I'm not optimistic.

    --
    j p d (at) d s b (dot) t u d e l f t (dot) n l .
    This message was originally posted on Usenet in plain text.
    Any other representation, additions, or changes do not have my
    consent and may be a violation of international copyright law.

+ Reply to Thread
Page 1 of 5 1 2 3 ... LastLast