Re: Ports should provide knobs disabling unwanted network services
On Wed, Mar 27, 2013 at 04:03:09AM -0700, Beeblebrox wrote: > Sorry for the late reply, everyone - I was distracted with some other things > for a while. > > PATCHING: > I'll probably have to look through the syntax of "OPTIONS" in the Makefiles > of other KDE / CMAKE ports to get a handle on how to implement. > > Bapt >> you can have it installed on your system but not actually starting > it. > Yes, once it's installed, you can elect to not start the service - That's > obvious. > The problem is, source-file downloads are quite large and I really do not > want to spend my bandwidth or compile time / cpu power on something I have > no intention to use. As an example, the samba-client port downloads the > entire samba tarball which is around 30MB. Add Avahi-mdsn stuff and you will > probably get about 100MB worth of unwanted downloads. Plus, the download > will not be a one-time problem, it will repeat for every update of those > ports. > > Thanks. > I'm speaking about the default because the default will lead to package creation, and binary packages does not have the large tarballs :). regards, Bapt pgpmUQpUdAkmQ.pgp Description: PGP signature
Ports should provide knobs disabling unwanted network services
Sorry for the late reply, everyone - I was distracted with some other things for a while. PATCHING: I'll probably have to look through the syntax of "OPTIONS" in the Makefiles of other KDE / CMAKE ports to get a handle on how to implement. Bapt >> you can have it installed on your system but not actually starting it. Yes, once it's installed, you can elect to not start the service - That's obvious. The problem is, source-file downloads are quite large and I really do not want to spend my bandwidth or compile time / cpu power on something I have no intention to use. As an example, the samba-client port downloads the entire samba tarball which is around 30MB. Add Avahi-mdsn stuff and you will probably get about 100MB worth of unwanted downloads. Plus, the download will not be a one-time problem, it will repeat for every update of those ports. Thanks. -- View this message in context: http://freebsd.1045724.n5.nabble.com/Ports-should-provide-knobs-disabling-unwanted-network-services-tp5798581p5799340.html Sent from the freebsd-ports mailing list archive at Nabble.com. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Ports should provide knobs disabling unwanted network services
On Tue, Mar 26, 2013 at 07:15:24PM +0100, Wojciech Puchar wrote: > On Sun, 24 Mar 2013, Beeblebrox wrote: > > > Many ports, (specially the KDE-related ones) provide no option to disable > > network-related options. Usually these are things like samba-client, > > Avahi-mDNS* (with variants), and the like. Gnome usually provides a choice > > to disable gnome-vfs. > > > > I really don't understand why such ports enable those services by default, > me too. I don't think KDE is for anything serious but still it should just > be disabled by default and enabled at user choice. > > No special knobs for disabling should exist, but for enabling. It is not because a program is linked against a library that it uses it for real. I don't know much kde, but I'm pretty sure I have a checkbox somewhere saying "activate mdns" or "deactivate mdns" you can have it installed on your system but not actually starting it. I general I do think ports/packages should offer as default what may fits the general needs easily. in this case if you are free to use/not use it via a checkbox, then the default right now is sane because another user with different needs will just have to click to activate it without having to build his own packages. regards, Bapt pgpB5y0UUnFLk.pgp Description: PGP signature
Re: Ports should provide knobs disabling unwanted network services
On Sun, 24 Mar 2013, Beeblebrox wrote: Many ports, (specially the KDE-related ones) provide no option to disable network-related options. Usually these are things like samba-client, Avahi-mDNS* (with variants), and the like. Gnome usually provides a choice to disable gnome-vfs. I really don't understand why such ports enable those services by default, me too. I don't think KDE is for anything serious but still it should just be disabled by default and enabled at user choice. No special knobs for disabling should exist, but for enabling. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Ports should provide knobs disabling unwanted network services
Le 26/03/2013 10:00, Peter Pentchev a écrit : > On Tue, Mar 26, 2013 at 09:13:38AM +0100, Florent Peterschmitt wrote: >> Le 25/03/2013 04:40, Scot Hetzel a écrit : >>> On Sun, Mar 24, 2013 at 10:33 PM, Florent Peterschmitt >>> wrote: Le 24/03/2013 17:34, Scot Hetzel a écrit : > On Sun, Mar 24, 2013 at 7:00 AM, Beeblebrox wrote: >> I would be very happy to submit a patch, if I actually knew how to write >> one... >> > > It is quite simple to create the patch. > > If you have a working copy checked out with svn, then it would be: > > cd /usr/ports/[category]/[port] > - Make the necessary changes to the port > - After testing the port make sure to do a 'make clean' > svn diff > port.diff > > Otherwise make a copy of the port: > > cd /usr/ports/[catagory] > cp port port-orig > cd port > - Make the necessary changes to port > - After testing port make sure to do a 'make clean' > cd .. > diff -ruN port-orig port > port.diff > > Then just submit the port.diff in a PR using either send-pr or > http://www.freebsd.org/send-pr.html. > Is there a way to manually make a patch that will say : --- MyFile +++ MyFile Even if these files are in two distinct trees ? >>> There is always a way to do that: >>> >>> diff -u /path/to/original/port/MyFile /path/to/modified/port/MyFile > >>> /place/to/save/patch/port.diff >>> >>> or if you modifed several files: >>> >>> diff -ruN /path/to/original/port /path/to/modified/port > >>> /place/to/save/patch/port.diff >>> >> Hum yes but what I mean is that we'll have, for example: >> >> --- /home/florent-gentoo/patch/old/one 2013-03-24 14:04:20.757200724 >> +0100 >> +++ /home/florent-gentoo/patch/new/one 2013-03-24 14:04:08.541201548 >> +0100 >> […] >> >> And what I want is: >> >> --- /home/florent-gentoo/patch/old/one 2013-03-24 14:04:20.757200724 >> +0100 >> +++ /home/florent-gentoo/patch/old/one 2013-03-24 14:04:08.541201548 >> +0100 >> […] >> >> SCM make patches like the second one and I'm no sure it is possible to >> do without modifying by hand the patch generated. > > Well, one way to do it would be to actually *use* an SCM :) My > preferred way would be a Git copy of the Subversion repository - then > you do your changes in your local Git tree and periodically pull down > the changes from the FreeBSD Subversion repo and merge them into yours. > > But really, is there actually a reason why you don't want two separate > directories? To be honest, before the advent of Subversion and Git > everyone did their patches that way (well, there *were* local CVS > repositories and checkouts from there, but most of the patches were > diffs between two side-by-side directories) - and I don't think anyone > ever complained. Are there any problems you are seeing with two paths > in the diff headers, or is it just aesthetic? > > G'luck, > Peter > Hum. I'm definitively misunderstanding patching process and I just discovered that even if the header is not with the two same subdirs, it works anyway. For the moment I've no time for porting but I'll study it as soon as possible :) Thanks ;) -- Florent Peterschmitt +33 (0)6 64 33 97 92 flor...@peterschmitt.fr signature.asc Description: OpenPGP digital signature
Re: Ports should provide knobs disabling unwanted network services
On Tue, Mar 26, 2013 at 09:13:38AM +0100, Florent Peterschmitt wrote: > Le 25/03/2013 04:40, Scot Hetzel a écrit : > > On Sun, Mar 24, 2013 at 10:33 PM, Florent Peterschmitt > > wrote: > >> Le 24/03/2013 17:34, Scot Hetzel a écrit : > >>> On Sun, Mar 24, 2013 at 7:00 AM, Beeblebrox wrote: > I would be very happy to submit a patch, if I actually knew how to write > one... > > >>> > >>> It is quite simple to create the patch. > >>> > >>> If you have a working copy checked out with svn, then it would be: > >>> > >>> cd /usr/ports/[category]/[port] > >>> - Make the necessary changes to the port > >>> - After testing the port make sure to do a 'make clean' > >>> svn diff > port.diff > >>> > >>> Otherwise make a copy of the port: > >>> > >>> cd /usr/ports/[catagory] > >>> cp port port-orig > >>> cd port > >>> - Make the necessary changes to port > >>> - After testing port make sure to do a 'make clean' > >>> cd .. > >>> diff -ruN port-orig port > port.diff > >>> > >>> Then just submit the port.diff in a PR using either send-pr or > >>> http://www.freebsd.org/send-pr.html. > >>> > >> > >> Is there a way to manually make a patch that will say : > >> > >> --- MyFile > >> +++ MyFile > >> > >> Even if these files are in two distinct trees ? > >> > > There is always a way to do that: > > > > diff -u /path/to/original/port/MyFile /path/to/modified/port/MyFile > > > /place/to/save/patch/port.diff > > > > or if you modifed several files: > > > > diff -ruN /path/to/original/port /path/to/modified/port > > > /place/to/save/patch/port.diff > > > Hum yes but what I mean is that we'll have, for example: > > --- /home/florent-gentoo/patch/old/one2013-03-24 14:04:20.757200724 > +0100 > +++ /home/florent-gentoo/patch/new/one2013-03-24 14:04:08.541201548 > +0100 > […] > > And what I want is: > > --- /home/florent-gentoo/patch/old/one2013-03-24 14:04:20.757200724 > +0100 > +++ /home/florent-gentoo/patch/old/one2013-03-24 14:04:08.541201548 > +0100 > […] > > SCM make patches like the second one and I'm no sure it is possible to > do without modifying by hand the patch generated. Well, one way to do it would be to actually *use* an SCM :) My preferred way would be a Git copy of the Subversion repository - then you do your changes in your local Git tree and periodically pull down the changes from the FreeBSD Subversion repo and merge them into yours. But really, is there actually a reason why you don't want two separate directories? To be honest, before the advent of Subversion and Git everyone did their patches that way (well, there *were* local CVS repositories and checkouts from there, but most of the patches were diffs between two side-by-side directories) - and I don't think anyone ever complained. Are there any problems you are seeing with two paths in the diff headers, or is it just aesthetic? G'luck, Peter -- Peter Pentchev r...@ringlet.net r...@freebsd.org p.penc...@storpool.com PGP key:http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint 2EE7 A7A5 17FC 124C F115 C354 651E EFB0 2527 DF13 I am jealous of the first word in this sentence. signature.asc Description: Digital signature
Re: Ports should provide knobs disabling unwanted network services
Le 25/03/2013 04:40, Scot Hetzel a écrit : > On Sun, Mar 24, 2013 at 10:33 PM, Florent Peterschmitt > wrote: >> Le 24/03/2013 17:34, Scot Hetzel a écrit : >>> On Sun, Mar 24, 2013 at 7:00 AM, Beeblebrox wrote: I would be very happy to submit a patch, if I actually knew how to write one... >>> >>> It is quite simple to create the patch. >>> >>> If you have a working copy checked out with svn, then it would be: >>> >>> cd /usr/ports/[category]/[port] >>> - Make the necessary changes to the port >>> - After testing the port make sure to do a 'make clean' >>> svn diff > port.diff >>> >>> Otherwise make a copy of the port: >>> >>> cd /usr/ports/[catagory] >>> cp port port-orig >>> cd port >>> - Make the necessary changes to port >>> - After testing port make sure to do a 'make clean' >>> cd .. >>> diff -ruN port-orig port > port.diff >>> >>> Then just submit the port.diff in a PR using either send-pr or >>> http://www.freebsd.org/send-pr.html. >>> >> >> Is there a way to manually make a patch that will say : >> >> --- MyFile >> +++ MyFile >> >> Even if these files are in two distinct trees ? >> > There is always a way to do that: > > diff -u /path/to/original/port/MyFile /path/to/modified/port/MyFile > > /place/to/save/patch/port.diff > > or if you modifed several files: > > diff -ruN /path/to/original/port /path/to/modified/port > > /place/to/save/patch/port.diff > Hum yes but what I mean is that we'll have, for example: --- /home/florent-gentoo/patch/old/one 2013-03-24 14:04:20.757200724 +0100 +++ /home/florent-gentoo/patch/new/one 2013-03-24 14:04:08.541201548 +0100 […] And what I want is: --- /home/florent-gentoo/patch/old/one 2013-03-24 14:04:20.757200724 +0100 +++ /home/florent-gentoo/patch/old/one 2013-03-24 14:04:08.541201548 +0100 […] SCM make patches like the second one and I'm no sure it is possible to do without modifying by hand the patch generated. -- Florent Peterschmitt +33 (0)6 64 33 97 92 flor...@peterschmitt.fr signature.asc Description: OpenPGP digital signature
Re: Ports should provide knobs disabling unwanted network services
On Sun, Mar 24, 2013 at 10:33 PM, Florent Peterschmitt wrote: > Le 24/03/2013 17:34, Scot Hetzel a écrit : >> On Sun, Mar 24, 2013 at 7:00 AM, Beeblebrox wrote: >>> I would be very happy to submit a patch, if I actually knew how to write >>> one... >>> >> >> It is quite simple to create the patch. >> >> If you have a working copy checked out with svn, then it would be: >> >> cd /usr/ports/[category]/[port] >> - Make the necessary changes to the port >> - After testing the port make sure to do a 'make clean' >> svn diff > port.diff >> >> Otherwise make a copy of the port: >> >> cd /usr/ports/[catagory] >> cp port port-orig >> cd port >> - Make the necessary changes to port >> - After testing port make sure to do a 'make clean' >> cd .. >> diff -ruN port-orig port > port.diff >> >> Then just submit the port.diff in a PR using either send-pr or >> http://www.freebsd.org/send-pr.html. >> > > Is there a way to manually make a patch that will say : > > --- MyFile > +++ MyFile > > Even if these files are in two distinct trees ? > There is always a way to do that: diff -u /path/to/original/port/MyFile /path/to/modified/port/MyFile > /place/to/save/patch/port.diff or if you modifed several files: diff -ruN /path/to/original/port /path/to/modified/port > /place/to/save/patch/port.diff -- DISCLAIMER: No electrons were maimed while sending this message. Only slightly bruised. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Ports should provide knobs disabling unwanted network services
Le 24/03/2013 17:34, Scot Hetzel a écrit : > On Sun, Mar 24, 2013 at 7:00 AM, Beeblebrox wrote: >> I would be very happy to submit a patch, if I actually knew how to write >> one... >> > > It is quite simple to create the patch. > > If you have a working copy checked out with svn, then it would be: > > cd /usr/ports/[category]/[port] > - Make the necessary changes to the port > - After testing the port make sure to do a 'make clean' > svn diff > port.diff > > Otherwise make a copy of the port: > > cd /usr/ports/[catagory] > cp port port-orig > cd port > - Make the necessary changes to port > - After testing port make sure to do a 'make clean' > cd .. > diff -ruN port-orig port > port.diff > > Then just submit the port.diff in a PR using either send-pr or > http://www.freebsd.org/send-pr.html. > Is there a way to manually make a patch that will say : --- MyFile +++ MyFile Even if these files are in two distinct trees ? -- Florent Peterschmitt +33 (0)6 64 33 97 92 flor...@peterschmitt.fr signature.asc Description: OpenPGP digital signature
Re: Ports should provide knobs disabling unwanted network services
On Sun, Mar 24, 2013 at 7:00 AM, Beeblebrox wrote: > I would be very happy to submit a patch, if I actually knew how to write > one... > It is quite simple to create the patch. If you have a working copy checked out with svn, then it would be: cd /usr/ports/[category]/[port] - Make the necessary changes to the port - After testing the port make sure to do a 'make clean' svn diff > port.diff Otherwise make a copy of the port: cd /usr/ports/[catagory] cp port port-orig cd port - Make the necessary changes to port - After testing port make sure to do a 'make clean' cd .. diff -ruN port-orig port > port.diff Then just submit the port.diff in a PR using either send-pr or http://www.freebsd.org/send-pr.html. -- DISCLAIMER: No electrons were maimed while sending this message. Only slightly bruised. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Ports should provide knobs disabling unwanted network services
It's no something difficult. Rewrite the Makefile port (based on the one already here of course) and use diff util. Or if you want, submit the whole file ;) Le 24/03/2013 12:00, Beeblebrox a écrit : > I would be very happy to submit a patch, if I actually knew how to write > one... > > > > -- > View this message in context: > http://freebsd.1045724.n5.nabble.com/Ports-should-provide-knobs-disabling-unwanted-network-services-tp5798581p5798594.html > Sent from the freebsd-ports mailing list archive at Nabble.com. > ___ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org" > -- Florent Peterschmitt +33 (0)6 64 33 97 92 flor...@peterschmitt.fr signature.asc Description: OpenPGP digital signature
Re: Ports should provide knobs disabling unwanted network services
I would be very happy to submit a patch, if I actually knew how to write one... -- View this message in context: http://freebsd.1045724.n5.nabble.com/Ports-should-provide-knobs-disabling-unwanted-network-services-tp5798581p5798594.html Sent from the freebsd-ports mailing list archive at Nabble.com. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
Re: Ports should provide knobs disabling unwanted network services
If you want, you can submit a little patch adding choice to disable these options. You'll see if it is adopted or not, but you have more chance to get your request done with something than without. Le 24/03/2013 11:09, Beeblebrox a écrit : > Many ports, (specially the KDE-related ones) provide no option to disable > network-related options. Usually these are things like samba-client, > Avahi-mDNS* (with variants), and the like. Gnome usually provides a choice > to disable gnome-vfs. > > I really don't understand why such ports enable those services by default, > then provide a warning along the lines of "if you are unhappy with the > security risk present through this service, uninstall the port... etc." > > I usually end up hacking the Makefile and disabling the cr*p that I don't > want, then build. I understand the purpose of those services, but as an > example, is net/mDNSResponder REALLY mandatory for everyone who intends to > use graphics/okular? > > > > > -- > View this message in context: > http://freebsd.1045724.n5.nabble.com/Ports-should-provide-knobs-disabling-unwanted-network-services-tp5798581.html > Sent from the freebsd-ports mailing list archive at Nabble.com. > ___ > freebsd-ports@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ports > To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org" > -- Florent Peterschmitt +33 (0)6 64 33 97 92 flor...@peterschmitt.fr signature.asc Description: OpenPGP digital signature
Ports should provide knobs disabling unwanted network services
Many ports, (specially the KDE-related ones) provide no option to disable network-related options. Usually these are things like samba-client, Avahi-mDNS* (with variants), and the like. Gnome usually provides a choice to disable gnome-vfs. I really don't understand why such ports enable those services by default, then provide a warning along the lines of "if you are unhappy with the security risk present through this service, uninstall the port... etc." I usually end up hacking the Makefile and disabling the cr*p that I don't want, then build. I understand the purpose of those services, but as an example, is net/mDNSResponder REALLY mandatory for everyone who intends to use graphics/okular? -- View this message in context: http://freebsd.1045724.n5.nabble.com/Ports-should-provide-knobs-disabling-unwanted-network-services-tp5798581.html Sent from the freebsd-ports mailing list archive at Nabble.com. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"