M. Warner Losh wrote: > It would be very convenient to have this particular thing in the > base, and we shouldn't be too dogmatic about never having any new 3rd > party things in the base. Please no, don't add optional servers to the base. I already don't like sendmail, bind, ntpd and inetd in the base. These are *optional* software--not required for the normal operation of the OS. They aren't even enabled by default except sendmail. Adding sendmail_enable="NONE" to /etc/rc.conf is one of the first things I do on all new systems. I only barely tolerate openssl in the base because it's needed for openssh; however, I'd rather both of those be in ports as well. There's also the issue of updating: It's very annoying to have to update the OS just to fix a BIND or OpenSSL vulnerability and, let's be honest, we'll likely never see the last of those. Rebooting a production server is non-trivial. By-hand partial installworlds on live systems are a disturbing prospect. If it was a port, just update the port. Its far easier justifying updating a port than modifying the OS on a production server. The Ports System makes updating a port so fast and painless I can do many of the non-user-facing ones without an announced downtime. It's trivial installing ports and utterly so installing packages. I'd love to see us use the awesomeness that is the Ports System to manage these things.Received on Sat Sep 25 2010 - 18:35:23 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:07 UTC