Created attachment 221467 [details] patch for net/chrony to be slave port friendly Since chrony 4.0 upstream implemented NTS (Network Time Security) which allows to authenticate NTP packets. This is definitely a good idea in todays internet but also pulls in many (22) runtime dependencies: * bash * bash-completion * ca_root_nss * gettext-runtime * glib * gmp * gnutls * indexinfo * libedit * libffi * libiconv * libidn2 * libtasn1 * libunistring * libxml2 * nettle * p11-kit * pcre * python37 * readline * tpm-emulator * trousers So I propose a net/chrony-lite port with all options off per default (except USER) then chrony-lite only needs 1 runtime dependency which is libedit.
Created attachment 221468 [details] patch for new net/chrony-lite
For the patch to net/chrony and the general idea I want to have some feedback from mandree@
Would this be a good example for using flavors?
Comment on attachment 221467 [details] patch for net/chrony to be slave port friendly Hi Bernhard, approved of.
Comment on attachment 221468 [details] patch for new net/chrony-lite Hi Bernhard, Is an OPTIONS_DEFAULT override what you want? Or do you need OPTIONS_EXCLUDE and/or OPTIONS_SLAVE instead? security/putty-nogtk is a practical example. Regarding the FLAVOURS proposal by Daniel, it appears not to be a typical use case for now.
It was introduced specifically for this use case https://www.freebsd.org/doc/en/books/porters-handbook/book.html#flavors
Created attachment 221673 [details] chrony with flavors It took a bit to get some hands on experience with our flavors. The patch now flavorizes chrony and adds a lite flavor. Default (=as is right now) is not affected.
(In reply to daniel.engberg.lists from comment #6) Yes, but the tool support situation is abysmal, and I will not pollute my port with premature features.
Comment on attachment 221673 [details] chrony with flavors Please make a traditional slave port for now, instead. FLAVORS are not fully integrated into our ports-mgmt toolchains yet.
Can you please elaborate regarding ports-mgmt toolchain(s)?
Daniel, for instance, you cannot have pkg(8) list the flavors on ports but need to retroactively re-add those pieces of information, for instance, with this hack to list all installed ports as origins with the @fla4 suffix: #!/usr/bin/env bash exec join -t " " -a1 <(pkg query %o |sort) <(pkg query '%o %At @%Av'|grep flavor|sort) | sed 's/ flavor @/@/' Until this is remedied, I am avoiding FLAVORing my ports.
Created attachment 221727 [details] Preparations for slave port Okay, based on the discussions we go back to the classic slave port approach.
Created attachment 221728 [details] New net/chrony-lite port This is the new net/chrony-lite slave port and it uses OPTIONS_EXCLUDE now. @mandree: I think it makes sense that you become the maintainer for the new port. If you don't want that I can also take it under my umbrella. What do you think?
Comment on attachment 221728 [details] New net/chrony-lite port Bernhard, it's a new port and your port, you don't require my approval. Please consider if you want to OPTIONS_EXCLUDE+=DOCS EXAMPLES: I'd think that if people don't want those they'll globally exclude them from /etc/make.conf or thereabouts. If I were to adopt the port, I'd go with OPTIONS_EXCLUDE=HTMLDOCS NETTLE NSS NTS or similar, need to look into their details before deciding on the final set, especially on HTMLDOCS; DOCS EXAMPLES are two framework standard options that everyone should know. About maintainership, I have no strong feelings either way, on one of my ports I took over temporarily from someone else, I had added a blanket approval for the former maintainer as a comment next to the MAINTAINER line and committed that change myself (so it's traceable via svn blame or further down the road via git blame).
Comment on attachment 221727 [details] Preparations for slave port Approved of, go ahead.
(In reply to Matthias Andree from comment #11) actually this batch file may produce duplicates. This is a corrected version for bash: #! /usr/local/bin/bash join -t " " -a1 -o 1.2,2.2,2.3 <(pkg query '%n-%v %o' |sort) <(pkg query '%n-%v %At @%Av'|grep flavor|sort) | sed 's/ flavor @/@/'
A commit references this bug: Author: decke Date: Tue Jan 19 20:24:46 UTC 2021 New revision: 562078 URL: https://svnweb.freebsd.org/changeset/ports/562078 Log: net/chrony: Preparations for a new slave port PR: 252584 Submitted by: myself Approved by: mandree@ Changes: head/net/chrony/Makefile
A commit references this bug: Author: decke Date: Tue Jan 19 20:33:27 UTC 2021 New revision: 562079 URL: https://svnweb.freebsd.org/changeset/ports/562079 Log: net/chrony-lite: Slimmed down chrony without NTS support chrony is a pair of programs which are used to maintain the accuracy of the system clock on a computer; the two programs are called chronyd and chronyc. chronyd is a daemon which runs in background on the system. It obtains measurements via the network of the system clock's offset relative to time servers on other systems and adjusts the system time accordingly. For isolated systems, the user can periodically enter the correct time by hand (using chronyc). In either case, chronyd determines the rate at which the computer gains or loses time, and compensates for this. chronyd implements the NTP protocol and can act as either a client or a server. chronyc provides a user interface to chronyd for monitoring its performance and configuring various settings. It can do so while running on the same computer as the chronyd instance it is controlling or a different computer. WWW: http://chrony.tuxfamily.org/ PR: 252584 Submitted by: myself Changes: head/net/Makefile head/net/chrony-lite/ head/net/chrony-lite/Makefile
(In reply to Matthias Andree from comment #14) I've followed your recommendation and removed DOCS and EXAMPLES from the exclude list since they don't pull in any runtime dependencies. Committed. Thanks!