Impressions on DFly and other questions

Dmitri Nikulin dnikulin at gmail.com
Fri Jun 2 19:01:55 PDT 2006


On 6/3/06, Saverio Iacovelli <iacovelli_mail at xxxxxxxx> wrote:
>
> ipfw and pf work differently.
>
Don't is it better to maintenant only the support for
the better firewall framework, making the system
essential and clean.
Ideally, a base system would only have the 'most useful' and 'most
high quality' software. But since people expect things to work like
they used to, and not all things are in pkgsrc, and not all things are
convenient to have to wait for pkgsrc to use (since not everyone
carries a pkgsrc tree with distfiles around on a USB bar, and it's not
always possible to have a network link from first boot). Of course
even then some people find certain programs incredibly useful while
others are more than happy to use something different (e.g. YP/NIS
versus LDAP)
I wouldn't miss ipfw or ipfilter, but somebody will, and unless a
script is written to generate a functionally equivalent pf config set
(of pf.conf and inetd.conf, because pf uses ftp-proxy and no natd)
from ipfw configs, it pretty much has to stay. Of course for a lot of
people it'd be trivial to do this by hand... yet there are some who
insist on keeping a thousand-rules file by hand. I suppose removing
ipfw would then be a form of natural selection.
There are a lot of less useful things in the base than OpenSSL and
ipfw, which still stay for worse reasons. These and their dependencies
(sometimes GPL'd libraries like GMP) must remain and be maintained so
that they always build and sometimes even work. This *does* burden
developers, not as much as actual code or documentation work, but in
as much as it's extra to maintain and a LOT of extra weight during a
buildworld, not to mention the livecds and source distributions. I
doubt these packages will be removed though, even if a saving of 30%
could be made (which is not unreasonable).
It's not at all bad, though. Compare to a typical Linux distribution.
They're all somehow larger and include less software in the true
'base' system. I pin this on the impressive level of bloat in the GNU
toolchain, which cannot be considered clean by any stretch of the
imagination. DragonFly contains a lot more than is needed for many
types of server and code machines, all in <80MB. A few binary packages
later and you're at whatever kind of system you could want. Even the
size of the BSD libcs versus glibc means any BSD system will be a
minor fraction as bloated, especially when running, since then *every*
libc consumer factors this in. Linux doesn't even have resident
application support like DragonFly does, so their dynamic loading
times are bound to be tragically higher, especially those
distributions which insist on dynamically linking everything possible.
In conclusion, it's not perfect, but it's a lot better than what
you'll find in the Linux world :)
And.. yes, you can just elect not to build the stuff, but that only
reduces the burden on you, not the developers. They don't seem to
mind. DragonFly already builds in abnormally short times so I don't
mind either.
 -- Dmitri Nikulin





More information about the Users mailing list