My personal pkgsrc FAQ
Dennis Melentyev
dennis.melentyev at gmail.com
Fri Dec 19 03:22:22 PST 2008
Hi!
2008/12/18 Justin C. Sherrill <justin at shiningsilence.com>:
> On Thu, December 18, 2008 2:16 am, Robert Luciani wrote:
>
>> The advantage of using a vkernel (or at least keeping your chroot around
>> for a long while) is that it allows you to keep rebuilding packages
>> that were tagged with vulnerabilities, from the same environment, for
>> the entire lifespan of the package set. Otherwise, security
>> updates render a stable package set obsolete very quickly. This was
>> also why I mentioned pkg_chk and that it needs to be fixed. Because
>> now, updating packages is so arduous that people just leave firefox-3
>> as an old version even though it might have multiple security problems.
>
> I'd say stick with a chroot; it'll accomplish the same thing without the
> overhead. I suppose trying and timing both strategies with the same
> pkgsrc release would provide an interesting benchmark on just how much
> overhead the virtualized kernel introduces...
/me wishes DFBSD has cluster support already. I'd be glad to share
some CPU cycles for package building. :)
Having a packed vkernel environment will let me to easily install a
little cluster block with limited access to other system stuff.
PS. Yes, I can imagine the amount of work to be done to achieve that
goal. Treat this as a dreaming-rumbling-mumbling aloud. :)
--
Dennis Melentyev
More information about the Users
mailing list