Re: harden distribution
On Mon, Jul 02, 2001 at 12:54:33PM -0700, Nick Jennings wrote:
> On Mon, Jul 02, 2001 at 07:14:20PM +0200, Richard Atterer wrote:
> >
> > I agree. Fortunately, the solution is simple: Extend the package
> > system to make auto-building of packages as simple and automatic as
> > installation of binary packages.
>
> I very much like the idea of being able to easily compile my packages
> from source, in an automated and seamless way (so that security updates
> are just as easy). Basically you provide an /etc/makefile with a bunch
> of compiler optimizations etc. and each package gets compiled with those
> rulesets. When doing and update/upgrade the patches are applied to the
> source and re-compiled with the same optimizations.
Optimally, packages would support things like:
- Passing in a custom CC, CFLAGS, etc.
- Passing arbitrary flags to a ./configure script
but a primitive system could be built that simply applied a set of patches to
the tree before building. If these patches were kept in a logical place, they
could easily be fetched and used to build updated packages as they came in.
The hardest part of this, I think, would be automating the actual build
process. Perhaps the autobuilder code could be split off and shared.
> Having all of this automated would really add alot of power to debians
> package management system. Basically incorporating the power of the
> BSD ports architecture into it.
I've heard a lot of praise of BSD's ports tree and its "make world", but I've
only built simple programs with it. How does it handle build dependencies?
--
- mdz
Reply to: