Re: pkgng suggestion: renaming /usr/sbin/pkg to /usr/sbin/pkg-bootstrap

From: Warren Block <wblock_at_wonkity.com>
Date: Sun, 26 Aug 2012 14:35:03 -0600 (MDT)
On Sun, 26 Aug 2012, Ian Lepore wrote:

> On Sun, 2012-08-26 at 20:58 +0200, Baptiste Daroussin wrote:
>> On Sun, Aug 26, 2012 at 11:39:07AM -0700, Doug Barton wrote:
>>> On 08/26/2012 05:58, Baptiste Daroussin wrote:
>>> This isn't the security issue I was talking about by having sbin/pkg
>>> pass every command line to local/sbin/pkg.
>>>
>>> You keep saying that you have no objections to changing the name. I am
>>> asking you to do that. I don't care if it is pkg-bootstrap or something
>>> else you like better. But please change the name to not be pkg, and
>>> limit the functionality of the tool to bootstrapping the pkg package.
>>>
>>
>> I received more feedback about keep pkg and changing it to
>> pkg-bootstrap, so what should I do, changing it because you are asking for it?
>
> Would this get better if the bootstrap tool were named pkg and were
> installed on a fresh system at /usr/local/sbin, so that it in effect
> replaces itself with the real thing, and has no need to leave a
> forwarding stub in /usr/sbin ?
>
> Maybe it could rename itself to /usr/local/sbin/pkg-bootstrap as part of
> replacing itself, so that you could re-bootstrap your way out of a
> problem later.

Ew.  But on a similar note, an idea I just had in IRC is to have pkgng 
overwrite the base /usr/bin/pkg with a link to /usr/local/bin/pkg.
That effectively removes that binary.  We do have precedent for ports 
overwriting base with sendmail and openssl.

> Hmmm, might have to be careful that future updates don't replace the
> real thing with a newer bootstrap program.

Yes.  A link could be detected by installworld and not 
overwritten... although that's a hack.
Received on Sun Aug 26 2012 - 18:39:14 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:30 UTC