On Sun, Jul 16, 2006 at 22:07:52 +0200, Mark Rosenstand wrote: > > On Sun, Jul 16, 2006 at 07:10:02PM +0200, Mark Rosenstand wrote: [...] > > > Johannes and I already discussed the usefulness of something like the > > > "trusted" feature, only with post-install scripts in mind :) > [...] I think we'd be better > off changing the config file format completely, like: > > [core] > directory /usr/ports/core > run-scripts yes > > [contrib] > directory /usr/ports/contrib > run-scripts no > > Since it scales so much better (when we want feature Z, we won't have to > add yet another weird, non-logical character.)
Note that while the syntax definitely looks sane, it introduces a tight coupling between the location in the ports tree and the package installation, and would therefore require us to include the repository information as meta data. Furthermore, when thinking of binary package management, this is easily spoofed (i.e. pretending to be a core package); to establish real trust, something like gnupg signatures might be better, although it would add quite a bit of additional complexity. Just my two cents here, Johannes -- Johannes Winkelmann mailto:[EMAIL PROTECTED] Zurich, Switzerland http://jw.smts.ch _______________________________________________ crux-devel mailing list [email protected] http://lists.crux.nu/mailman/listinfo/crux-devel
