Re: New package managment (fbsd ports)

[Erik <br0ke@math.smsu.edu>]

okie, I got to play with fbsd's "ports" all today trying to get a system up and
running. It's very very similar to this 'autoweb' idea, so I guess I'll try to
summarize what it does and why I perceive as its deficiencies, as it may be
more logical to merge the fbsd ports collection into linux instead of
implementing a whole new scheme.

With the distro, there's a /usr/ports heirarchy built. there's a Makefile, a
directory called distfiles where the downloaded source is stored, and several
directories broken by catagory (graphics, devel, archivers, x11, x11-servers,
x11-wm, etc. a whole slew). inside of each directory is a directory for each
package. inside of that is a makefile, and md5 file, and some other neglegible
stuff which I'm not too terribly concerned with yet :) 

I went to install windowmaker, which depends on several packages. so I did 
cd /usr/ports/x11-wm/windowmaker
make
the makefile in the windowmaker directory contains info on where the main
source distro is, which version, what it depends upon, and where the
appropriate patches are. The makefile includes some other makefile that does
the magic (I haven't looked at it yet). okie, I run "make"
it says it can't find windowmaker-0.60.0.tar.gz on the system, so it proceeds
to download it, unpack it, and then check the dependancies.
it tells me I don't have libtiff installs, so it goes to
/usr/ports/graphics/libtiff and runs 'make' there, which proceeds to download
libtiff, patch it, and check dependancies of libtiff
it tells me I don't have libjpeg installed, so it does it again
then it builds libtiff, then it builds windowmaker (after other dependancies)
this was all done automagic, and if an md5sum fails, it stops the entire
process right there. Everything was installed into the /usr/local directory and
the permissions looked pretty tight. It's possable to over-ride md5sum checks
with a parm to make. running "make clean" in /usr/ports proceeds to walk all
the directories and clean things up.

The deficiencies that I perceived are

1. if uses a program called 'fetch' which craps out on some servers. I ended up
installing ncftp3 so I could get the files into /usr/ports/distfiles by hand.

2. Some packages were outdated. It wanted libgif 3.0, but libgif 4.1.0 is the
freshest and 3.0 was a little difficult to find (esr doesn't seem to have an
account where the fbsd ports thought he should). trying to kludge in 4.1.0 with
some makefile editing didn't work, the patch files were a bit sensative.

3. it downloaded the file before recursing into dependancies. This didn't seem
like a problem as I was doing it, but as was mentioned, if a low level
dependancy cannot be met, then that's a whole lot of download for nothing. 

Other than that, it's a really slick system. If we use a more robust ftp
client/script, recurse before downloading, and think about implementing
something to keep more current, that'd by nutty. Possably have it check for a
'current' link in the dir, and if that doesn't exist, then use the default? and
urge package distributers to use the 'current' link convention. Possably a
meta-ports package could be put somewhere (cvs?) so the entire ports package
can be updated, then "make world" or whatever in /usr/ports to do what's
appropriate? if the packages are trusted, then this'd be a really cool way to
do it. I'm assuming since there're package maintainers and md5 files in the
ports distro, that someone is at least giving the packages a once-over to make
sure they work and aren't outright malicious. I think it'd be more beneficial
to embrace and extends fbsd ports (in a very non-m$ way)? So far, ports have
been the one thing about fbsd that's impressed me :) mebbe cvsup will when I
get there. Definitly worth trying fbsd just to see ports in action :) 

        -Erik <br0ke@math.smsu.edu> [http://math.smsu.edu/~br0ke]

The opinions expressed by me are not necessarily opinions. In all
probability, they are random rambling, and to be ignored. Failure to ignore
may result in severe boredom or confusion. Shake well before opening. Keep
Refrigerated.