Subject: Re: Firewall packages
To: John Rowan Littell <email@example.com>
From: David Brownlee <firstname.lastname@example.org>
Date: 09/14/2000 08:57:26
Some of the hpcmips/PocketBSD people may have similar requirements
for packages due to the extreme space limitations on those
platforms. I believe they may be looking at a PKG_SMALL or similar
variable to adjust the behaviour of packages - its quite possible
the same approach would work well for the dubbele project.
I don't have a contact address for them at the moment - you might
want to ask on port-hpcmips...
-- www.netbsd.org: A pmap for every occasion --
On Wed, 13 Sep 2000, John Rowan Littell wrote:
> I suspect most here may know something about the NetBSD Firewall
> Project (www.dubbele.com). It's a pretty bare-bones system, meant
> to run on a minimum of hardware, and also meant to be run by
> non-specialists in *nix. I bring this up here because I have created
> a couple of packages for it that are derived from the official
> NetBSD packages. At this point, I've done openssh and openssl.
> My question is: as derived packages, what sorts of things should I
> do to avoid treading on other people's toes if I want to distribute
> these packages? The details of the derivation can be summed up as
> (1) delete any development files (header files, etc.)
> (2) delete much of the documentation to save space (and since
> man(1) is not installed on the firewall project)
> (3) delete files that cause major dependancy problems and we can
> live without (e.g., openssl depends on perl, but only for its
> documentation and a couple of certificate management scripts)
> (4) modify the package control files to reflect these changes.
> I've done this by hand for both of the packages mentioned, and I've
> also created a couple of perl scripts that repackage a package based
> on a list of removed files and diffs for changed files (I'd be happy
> to make these scripts available).
> I'm not trying to replace any packages, merely strip some down so
> that they're better suited to the firewall project's environment.
> Also, as such, I shouldn't think they'd get integrated at all into
> the standard package tree -- they'd make their distribution home
> either at my site or the firewall project's site. Finally, I'm not
> envisioning doing a lot of packages (although ssh-ip-tunnel and
> pty-redir come to mind as possibilities); frankly, if people are
> needing a lot more than what the firewall project has to offer, I
> think they'd be better off with a standard install of NetBSD (or
> whatever they so choose). The folks at the firewall project are
> open to the idea, subject, of course, to the approval of the official
> package maintainers.
> So -- what do people think?
> John "Rowan" Littell