Re: Import of DragonFly Mail Agent

From: Lyndon Nerenberg <lyndon_at_orthanc.ca>
Date: Mon, 24 Feb 2014 08:39:25 -0800
On Feb 24, 2014, at 7:56 AM, Poul-Henning Kamp <phk_at_phk.freebsd.dk> wrote:

> Bullshit.

Sounds like your week didn't get off to a good start.

> You got FreeBSD in there in the first place, there clearly
> is some kind of aperture through which software can migrate.

Yes, we walk in a DVD-ROM with a FreeBSD installation image on it.  This works because there is a self-contained installer that contains a very complete system.  Certainly enough to build things like file servers and network infrastructure machines (dhcp, ntp, other general network services).

Installing ports/pkgs, on the other hand, is a real pain.  For pre-built packages, you can build a list of dependencies, download the packages to an external machine, copy them to a portable drive, and walk them over to a shared filesystem.  This works, provided there are pre-built images of the package and its recursive dependency tree (and that they are configured in a way that works for your environment).

If the above doesn't work, you have to fall back to ports.  And this is where things get really hairy.  Just generating the list of required distfiles is problematic.  'make fetch-recursive-list' will give you a script to run to pull down the direct build dependencies, but this misses run-time dependencies.  Generating that list takes a lot of manual work, and is *very* time consuming.

The increasing focus on securing systems from network attacks in only increasing the number of air-gapped environments (and I know this from first hand experience).  The sort of massive unbundling that a few people are tossing around here has the potential to exponentially increase the workload of people operating in the environments I have witnessed (and worked in).  I want them to realize that there are ramifications to those sort of changes that need to be taken into consideration.

These days UNIX tends to be single-user environment, for the most part.  Because of that it is very easy for people to get into the mindset that "if I don't use it, nobody else uses it," and thus losing sight of the whole being so much greater than the sum of its parts.

That said, I can understand wanting to unbundle some of the very complex but lesser used components (e.g. bind).  But there's always a balancing act to be performed here.  Making every command in /usr/bin its own package serves nobody.  (Yes, I exaggerate to make a point.)

--lyndon


Received on Mon Feb 24 2014 - 15:39:30 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:47 UTC