| @@ -1,464 +1,467 @@ | | | @@ -1,464 +1,467 @@ |
1 | <!-- $NetBSD: using.xml,v 1.51 2020/05/22 20:57:15 rillig Exp $ --> | | 1 | <!-- $NetBSD: using.xml,v 1.52 2021/06/11 14:45:08 nia Exp $ --> |
2 | | | 2 | |
3 | <chapter id="using"> <?dbhtml filename="using.html"?> | | 3 | <chapter id="using"> <?dbhtml filename="using.html"?> |
4 | <title>Using pkgsrc</title> | | 4 | <title>Using pkgsrc</title> |
5 | | | 5 | |
6 | <para>Basically, there are two ways of using pkgsrc. The first | | 6 | <para>Basically, there are two ways of using pkgsrc. The first |
7 | is to only install the package tools and to use binary packages | | 7 | is to only install the package tools and to use binary packages |
8 | that someone else has prepared. This is the <quote>pkg</quote> | | 8 | that someone else has prepared. This is the <quote>pkg</quote> |
9 | in pkgsrc. The second way is to install the <quote>src</quote> | | 9 | in pkgsrc. The second way is to install the <quote>src</quote> |
10 | of pkgsrc, too. Then you are able to build your own packages, | | 10 | of pkgsrc, too. Then you are able to build your own packages, |
11 | and you can still use binary packages from someone else.</para> | | 11 | and you can still use binary packages from someone else.</para> |
12 | | | 12 | |
13 | <sect1 id="using-pkg"> | | 13 | <sect1 id="using-pkg"> |
14 | <title>Using binary packages</title> | | 14 | <title>Using binary packages</title> |
15 | | | 15 | |
16 | <!-- this URL needs to be kept at http, not https, since pkg_add cannot use https. --> | | 16 | <para>On the <ulink url="https://cdn.NetBSD.org/">cdn.NetBSD.org</ulink> |
17 | <para>On the <ulink url="http://cdn.NetBSD.org/">cdn.NetBSD.org</ulink> | | | |
18 | site and mirrors, there are collections of binary packages, | | 17 | site and mirrors, there are collections of binary packages, |
19 | ready to be installed. These binary packages have been built using the | | 18 | ready to be installed. These binary packages have been built using the |
20 | default settings for the directories, that is:</para> | | 19 | default settings for the directories, that is:</para> |
21 | | | 20 | |
22 | <itemizedlist> | | 21 | <itemizedlist> |
23 | <listitem><para><filename>/usr/pkg</filename> for <varname>LOCALBASE</varname>, where most of the files are installed,</para></listitem> | | 22 | <listitem><para><filename>/usr/pkg</filename> for <varname>LOCALBASE</varname>, where most of the files are installed,</para></listitem> |
24 | <listitem><para><filename>/usr/pkg/etc</filename> for configuration files,</para></listitem> | | 23 | <listitem><para><filename>/usr/pkg/etc</filename> for configuration files,</para></listitem> |
25 | <listitem><para><filename>/var</filename> for <varname>VARBASE</varname>, where those files are installed that may change after installation.</para></listitem> | | 24 | <listitem><para><filename>/var</filename> for <varname>VARBASE</varname>, where those files are installed that may change after installation.</para></listitem> |
26 | </itemizedlist> | | 25 | </itemizedlist> |
27 | | | 26 | |
28 | <para>If you cannot use these directories for whatever reasons (maybe | | 27 | <para>If you cannot use these directories for whatever reasons (maybe |
29 | because you're not root), you cannot use these binary packages, but | | 28 | because you're not root), you cannot use these binary packages, but |
30 | have to build the packages yourself, which is explained in <xref | | 29 | have to build the packages yourself, which is explained in <xref |
31 | linkend="bootstrapping-pkgsrc" />.</para> | | 30 | linkend="bootstrapping-pkgsrc" />.</para> |
32 | | | 31 | |
33 | <sect2 id="finding-binary-packages"> | | 32 | <sect2 id="finding-binary-packages"> |
34 | <title>Finding binary packages</title> | | 33 | <title>Finding binary packages</title> |
35 | | | 34 | |
36 | <para>To install binary packages, you first need to know from where | | 35 | <para>To install binary packages, you first need to know from where |
37 | to get them. The first place where you should look is on the main | | 36 | to get them. The first place where you should look is on the main |
38 | <!-- this URL needs to be kept at http, not https, since pkg_add cannot use https. --> | | 37 | pkgsrc CDN in the directory <ulink |
39 | pkgsrc FTP server in the directory <ulink | | 38 | url="https://cdn.NetBSD.org/pub/pkgsrc/packages/"><filename>/pub/pkgsrc/packages</filename></ulink>.</para> |
40 | url="http://cdn.NetBSD.org/pub/pkgsrc/packages/"><filename>/pub/pkgsrc/packages</filename></ulink>.</para> | | | |
41 | | | 39 | |
42 | <para>This directory contains binary packages for multiple | | 40 | <para>This directory contains binary packages for multiple |
43 | platforms. First, select your operating system. (Ignore the | | 41 | platforms. First, select your operating system. (Ignore the |
44 | directories with version numbers attached to it, they just exist for | | 42 | directories with version numbers attached to it, they just exist for |
45 | legacy reasons.) Then, select your hardware architecture, and in the | | 43 | legacy reasons.) Then, select your hardware architecture, and in the |
46 | third step, the OS version and the <quote>version</quote> of pkgsrc.</para> | | 44 | third step, the OS version and the <quote>version</quote> of pkgsrc.</para> |
47 | | | 45 | |
48 | <para>In this directory, you often find a file called | | 46 | <para>In this directory, you often find a file called |
49 | <filename>bootstrap.tar.gz</filename> which contains the package | | 47 | <filename>bootstrap.tar.gz</filename> which contains the package |
50 | management tools. If the file is missing, it is likely that your | | 48 | management tools. If the file is missing, it is likely that your |
51 | operating system already provides those tools. Download the file and | | 49 | operating system already provides those tools. Download the file and |
52 | extract it in the <filename>/</filename> directory. It will create | | 50 | extract it in the <filename>/</filename> directory. It will create |
53 | the directories <filename>/usr/pkg</filename> (containing the tools | | 51 | the directories <filename>/usr/pkg</filename> (containing the tools |
54 | for managing binary packages and the database of installed packages).</para> | | 52 | for managing binary packages and the database of installed packages).</para> |
55 | </sect2> | | 53 | </sect2> |
56 | | | 54 | |
57 | <sect2 id="installing-binary-packages"> | | 55 | <sect2 id="installing-binary-packages"> |
58 | <title>Installing binary packages</title> | | 56 | <title>Installing binary packages</title> |
59 | | | 57 | |
60 | <para>In the directory from the last section, there is a | | 58 | <para>In the directory from the last section, there is a |
61 | subdirectory called <filename>All/</filename>, which contains all the | | 59 | subdirectory called <filename>All/</filename>, which contains all the |
62 | binary packages that are available for the platform, excluding those | | 60 | binary packages that are available for the platform, excluding those |
63 | that may not be distributed via FTP or CDROM (depending on which | | 61 | that may not be distributed via HTTP or FTP.</para> |
64 | medium you are using).</para> | | | |
65 | | | 62 | |
66 | <para>To install packages directly from an FTP or HTTP server, run | | 63 | <para>To install packages directly from an FTP or HTTP server, run |
67 | the following commands in a Bourne-compatible shell (be sure to | | 64 | the following commands in a Bourne-compatible shell (be sure to |
68 | <command>su</command> to root first):</para> | | 65 | <command>su</command> to root first):</para> |
69 | | | 66 | |
70 | <screen> | | 67 | <screen> |
71 | &rprompt; <userinput>PATH="/usr/pkg/sbin:$PATH"</userinput> | | 68 | &rprompt; <userinput>PATH="/usr/pkg/sbin:/usr/pkg/bin:$PATH"</userinput> |
72 | <!-- this URL needs to be kept at http, not https, since pkg_add cannot use https. --> | | 69 | &rprompt; <userinput>PKG_PATH="https://cdn.NetBSD.org/pub/pkgsrc/packages"</userinput> |
73 | &rprompt; <userinput>PKG_PATH="http://cdn.NetBSD.org/pub/pkgsrc/packages"</userinput> | | | |
74 | &rprompt; <userinput>PKG_PATH="$PKG_PATH/<replaceable>OPSYS</replaceable>/<replaceable>ARCH</replaceable>/<replaceable>VERSIONS</replaceable>/All/"</userinput> | | 70 | &rprompt; <userinput>PKG_PATH="$PKG_PATH/<replaceable>OPSYS</replaceable>/<replaceable>ARCH</replaceable>/<replaceable>VERSIONS</replaceable>/All/"</userinput> |
75 | &rprompt; <userinput>export PATH PKG_PATH</userinput> | | 71 | &rprompt; <userinput>export PATH PKG_PATH</userinput> |
| | | 72 | &rprompt; <userinput>pkg_add pkgin</userinput> |
76 | </screen> | | 73 | </screen> |
77 | | | 74 | |
78 | <para>Instead of URLs, you can also use local paths, for example if | | 75 | <para>Instead of URLs, you can also use local paths, for example if |
79 | you are installing from a set of CDROMs, DVDs or an NFS-mounted | | 76 | you are installing from a set of CDROMs, DVDs or an NFS-mounted |
80 | repository. If you want to install packages from multiple sources, | | 77 | repository. If you want to install packages from multiple sources, |
81 | you can separate them by a semicolon in | | 78 | you can separate them by a semicolon in |
82 | <varname>PKG_PATH</varname>.</para> | | 79 | <varname>PKG_PATH</varname>.</para> |
83 | | | 80 | |
84 | <para>After these preparations, installing a package is very | | 81 | <para>After these preparations, installing a package is very |
85 | easy:</para> | | 82 | easy:</para> |
86 | | | 83 | |
87 | <screen> | | 84 | <screen> |
88 | &rprompt; <userinput>pkg_add libreoffice</userinput> | | 85 | &rprompt; <userinput>pkgin search nginx</userinput> |
89 | &rprompt; <userinput>pkg_add ap24-php71-*</userinput> | | 86 | nginx-1.19.6 Lightweight HTTP server and mail proxy server |
| | | 87 | nginx-1.18.0nb8 Lightweight HTTP server and mail proxy server |
| | | 88 | &rprompt; <userinput>pkgin install zsh nginx-1.19.6 vim</userinput> |
90 | </screen> | | 89 | </screen> |
91 | | | 90 | |
92 | <para>Note that any prerequisite packages needed to run the | | 91 | <para>Note that <command>pkgin</command> is a user-friendly frontend |
93 | package in question will be installed, too, assuming they are | | 92 | to the <command>pkg_*</command> tools.</para> |
94 | present where you install from.</para> | | | |
95 | | | 93 | |
96 | <para>Adding packages might install vulnerable packages. | | 94 | <para>Any prerequisite packages needed to run the |
97 | Thus you should run <command>pkg_admin audit</command> | | 95 | package in question will be installed, too, assuming they are |
98 | regularly, especially after installing new packages, and verify | | 96 | present in the repository.</para> |
99 | that the vulnerabilities are acceptable for your configuration.</para> | | | |
100 | | | 97 | |
101 | <para>After you've installed packages, be sure to have | | 98 | <para>After you've installed packages, be sure to have |
102 | <filename>/usr/pkg/bin</filename> and <filename>/usr/pkg/sbin</filename> in your | | 99 | <filename>/usr/pkg/bin</filename> and <filename>/usr/pkg/sbin</filename> in your |
103 | <varname>PATH</varname> so you can actually start the just | | 100 | <varname>PATH</varname> so you can actually start the just |
104 | installed program.</para> | | 101 | installed program.</para> |
105 | </sect2> | | 102 | </sect2> |
106 | | | 103 | |
| | | 104 | <sect2 id="using.pkgin_update"> |
| | | 105 | <title>Updating packages</title> |
| | | 106 | |
| | | 107 | <para>To update binary packages, it is recommended that you use |
| | | 108 | <command>pkgin upgrade</command>. This will compare the remote |
| | | 109 | package repository to your locally installed packages and safely |
| | | 110 | replace any older packages.</para> |
| | | 111 | |
| | | 112 | <para>Note that pkgsrc is released as quarterly branches. |
| | | 113 | If you are updating to a newer quarterly branch of pkgsrc, you may |
| | | 114 | need to adjust the repository in |
| | | 115 | <filename>/usr/pkg/etc/pkgin/repositories.conf</filename>.</para> |
| | | 116 | </sect2> |
| | | 117 | |
107 | <sect2 id="using.pkg_delete"> | | 118 | <sect2 id="using.pkg_delete"> |
108 | <title>Deinstalling packages</title> | | 119 | <title>Deinstalling packages</title> |
109 | | | 120 | |
110 | <para>To deinstall a package, it does not matter whether it was | | 121 | <para>To deinstall a package, it does not matter whether it was |
111 | installed from source code or from a binary package. The | | 122 | installed from source code or from a binary package. Neither the |
112 | <command>pkg_delete</command> command does not know it anyway. | | 123 | <command>pkgin</command> or the <command>pkg_delete</command> |
113 | To delete a package, you can just run <command>pkg_delete | | 124 | command need to know.</para> |
114 | <replaceable>package-name</replaceable></command>. The package | | | |
115 | name can be given with or without version number. Wildcards can | | | |
116 | also be used to deinstall a set of packages, for example | | | |
117 | <literal>*emacs*</literal>. Be sure to include them in quotes, | | | |
118 | so that the shell does not expand them before | | | |
119 | <literal>pkg_delete</literal> sees them.</para> | | | |
120 | | | | |
121 | <para>The <option>-r</option> option is very powerful: it | | | |
122 | removes all the packages that require the package in question | | | |
123 | and then removes the package itself. For example: | | | |
124 | | | | |
125 | <screen> | | | |
126 | &rprompt; <userinput>pkg_delete -r jpeg</userinput> | | | |
127 | </screen> | | | |
128 | | | | |
129 | will remove jpeg and all the packages that used it; this allows | | | |
130 | upgrading the jpeg package.</para> | | | |
131 | | | 125 | |
| | | 126 | <para>To delete a package, you can just run <command>pkgin remove |
| | | 127 | <replaceable>package-name</replaceable></command>. The package |
| | | 128 | name can be given with or without version number.</para> |
132 | </sect2> | | 129 | </sect2> |
133 | | | 130 | |
134 | <sect2 id="using.pkg_info"> | | 131 | <sect2 id="using.pkg_info"> |
135 | <title>Getting information about installed packages</title> | | 132 | <title>Getting information about installed packages</title> |
136 | | | 133 | |
137 | <para>The <command>pkg_info</command> shows information about | | 134 | <para>The <command>pkg_info</command> shows information about |
138 | installed packages or binary package files.</para> | | 135 | installed packages or binary package files. |
| | | 136 | As with other management tools, it works with packages installed |
| | | 137 | from source or binaries.</para> |
139 | | | 138 | |
140 | </sect2> | | 139 | </sect2> |
141 | | | 140 | |
142 | <sect2 id="vulnerabilities"> | | 141 | <sect2 id="vulnerabilities"> |
143 | <title>Checking for security vulnerabilities in installed packages</title> | | 142 | <title>Checking for security vulnerabilities in installed packages</title> |
144 | | | 143 | |
145 | <para> | | 144 | <para> |
146 | The pkgsrc Security Team and Packages Groups maintain a list of | | 145 | The pkgsrc Security Team and Packages Groups maintain a list of |
147 | known security vulnerabilities to packages which are (or have been) | | 146 | known vulnerabilities to packages which are (or have been) |
148 | included in pkgsrc. The list is available from the NetBSD | | 147 | included in pkgsrc. The list is available from the NetBSD |
149 | <!-- this URL needs to be kept at http, not https, since pkg_add cannot use https. --> | | 148 | CDN at <ulink url="https://cdn.NetBSD.org/pub/NetBSD/packages/vulns/pkg-vulnerabilities"/>. |
150 | FTP site at <ulink url="http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/pkg-vulnerabilities"/>. | | 149 | </para> |
| | | 150 | |
| | | 151 | <para> |
| | | 152 | Please note that not every "vulnerability" with a CVE assignment is |
| | | 153 | exploitable in every configuration. |
| | | 154 | Some bugs are marked as active simply because an fix was not |
| | | 155 | marked as such. |
| | | 156 | Operating system specific hardening and mitigation features may also |
| | | 157 | reduce the impact of bugs. |
151 | </para> | | 158 | </para> |
152 | | | 159 | |
153 | <para> | | 160 | <para> |
154 | Through <command>pkg_admin fetch-pkg-vulnerabilities</command>, | | 161 | Through <command>pkg_admin fetch-pkg-vulnerabilities</command>, |
155 | this list can be downloaded | | 162 | this list can be downloaded |
156 | automatically, and a security audit of all packages installed on a system | | 163 | automatically, and a security audit of all packages installed on a system |
157 | can take place. | | 164 | can take place. |
158 | </para> | | 165 | </para> |
159 | | | 166 | |
160 | <para> | | 167 | <para> |
161 | There are two components to auditing. The first | | 168 | There are two components to auditing. The first |
162 | step, <command>pkg_admin fetch-pkg-vulnerabilities</command>, | | 169 | step, <command>pkg_admin fetch-pkg-vulnerabilities</command>, |
163 | is for downloading | | 170 | is for downloading |
164 | the list of vulnerabilities from the NetBSD FTP site. The second | | 171 | the list of vulnerabilities from the NetBSD FTP site. The second |
165 | step, <command>pkg_admin audit</command>, checks to see if any of your | | 172 | step, <command>pkg_admin audit</command>, checks to see if any of your |
166 | installed packages are vulnerable. If a package is vulnerable, you | | 173 | installed packages are vulnerable. If a package is vulnerable, you |
167 | will see output similar to the following: | | 174 | will see output similar to the following: |
168 | </para> | | 175 | </para> |
169 | | | 176 | |
170 | <screen>Package samba-2.0.9 has a local-root-shell vulnerability, see | | 177 | <screen>Package samba-2.0.9 has a local-root-shell vulnerability, see |
171 | https://www.samba.org/samba/whatsnew/macroexploit.html</screen> | | 178 | https://www.samba.org/samba/whatsnew/macroexploit.html</screen> |
172 | | | 179 | |
173 | <para> | | 180 | <para> |
174 | You may wish to have the | | 181 | You may wish to have the |
175 | <!-- this URL needs to be kept at http, not https, since pkg_add cannot use https. --> | | 182 | <ulink url="https://cdn.NetBSD.org/pub/pkgsrc/distfiles/vulnerabilities">vulnerabilities</ulink> |
176 | <ulink url="http://ftp.NetBSD.org/pub/pkgsrc/distfiles/vulnerabilities">vulnerabilities</ulink> | | | |
177 | file downloaded daily so that | | 183 | file downloaded daily so that |
178 | it remains current. This may be done by adding an appropriate entry | | 184 | it remains current. This may be done by adding an appropriate entry |
179 | to the root users &man.crontab.5; entry. For example the entry | | 185 | to the root users &man.crontab.5; entry. For example the entry |
180 | <screen> | | 186 | <screen> |
181 | # Download vulnerabilities file | | 187 | # Download vulnerabilities file |
182 | 0 3 * * * /usr/pkg/sbin/pkg_admin fetch-pkg-vulnerabilities >/dev/null 2>&1 | | 188 | 0 3 * * * /usr/pkg/sbin/pkg_admin fetch-pkg-vulnerabilities >/dev/null 2>&1 |
183 | # Audit the installed packages and email results to root | | 189 | # Audit the installed packages and email results to root |
184 | 9 3 * * * /usr/pkg/sbin/pkg_admin audit |mail -s "Installed package audit result" \ | | 190 | 9 3 * * * /usr/pkg/sbin/pkg_admin audit |mail -s "Installed package audit result" \ |
185 | root >/dev/null 2>&1 | | 191 | root >/dev/null 2>&1 |
186 | </screen> | | 192 | </screen> |
187 | will update the vulnerability list every day at 3AM, followed by an audit | | 193 | will update the vulnerability list every day at 3AM, followed by an audit |
188 | at 3:09AM. The result of the audit are then emailed to root. | | 194 | at 3:09AM. The result of the audit are then emailed to root. |
189 | | | 195 | |
190 | On NetBSD this may be accomplished instead by adding the following | | 196 | On NetBSD this may be accomplished instead by adding the following |
191 | line to <filename>/etc/daily.conf</filename>: | | 197 | line to <filename>/etc/daily.conf</filename>: |
192 | <screen> | | 198 | <screen> |
193 | fetch_pkg_vulnerabilities=YES | | 199 | fetch_pkg_vulnerabilities=YES |
194 | </screen> | | 200 | </screen> |
195 | to fetch the vulnerability list from the daily security script. The system | | 201 | to fetch the vulnerability list from the daily security script. The system |
196 | is set to audit the packages by default but can be set explicitly, if | | 202 | is set to audit the packages by default but can be set explicitly, if |
197 | desired (not required), by adding the following line to | | 203 | desired (not required), by adding the following line to |
198 | <filename>/etc/security.conf</filename>: | | 204 | <filename>/etc/security.conf</filename>: |
199 | <screen> | | 205 | <screen> |
200 | check_pkg_vulnerabilities=YES | | 206 | check_pkg_vulnerabilities=YES |
201 | </screen> | | 207 | </screen> |
202 | see &man.daily.conf.5; and &man.security.conf.5; for more details. | | 208 | see &man.daily.conf.5; and &man.security.conf.5; for more details. |
203 | </para> | | 209 | </para> |
204 | </sect2> | | 210 | </sect2> |
205 | | | 211 | |
206 | <sect2 id="pkg_versions"> | | 212 | <sect2 id="pkg_versions"> |
207 | <title>Finding if newer versions of your installed packages are in pkgsrc</title> | | 213 | <title>Finding if newer versions of your installed packages are in pkgsrc</title> |
208 | <para> | | 214 | <para> |
209 | Install <filename role="pkg">pkgtools/lintpkgsrc</filename> and run | | 215 | Install <filename role="pkg">pkgtools/lintpkgsrc</filename> and run |
210 | <command>lintpkgsrc</command> with the <quote>-i</quote> | | 216 | <command>lintpkgsrc</command> with the <quote>-i</quote> |
211 | argument to check if your packages are up-to-date, e.g. | | 217 | argument to check if any packages are stale, e.g. |
212 | </para> | | 218 | </para> |
213 | <screen> | | 219 | <screen> |
214 | &cprompt; <userinput>lintpkgsrc -i</userinput> | | 220 | &cprompt; <userinput>lintpkgsrc -i</userinput> |
215 | ... | | 221 | ... |
216 | Version mismatch: 'tcsh' 6.09.00 vs 6.10.00 | | 222 | Version mismatch: 'tcsh' 6.09.00 vs 6.10.00 |
217 | </screen> | | 223 | </screen> |
218 | <para>You can then use <command>make update</command> to update the | | | |
219 | package on your system and rebuild any dependencies. | | | |
220 | </para> | | | |
221 | </sect2> | | 224 | </sect2> |
222 | | | 225 | |
223 | <sect2 id="using.pkg_admin"> | | 226 | <sect2 id="using.pkg_admin"> |
224 | <title>Other administrative functions</title> | | 227 | <title>Other administrative functions</title> |
225 | | | 228 | |
226 | <para>The <command>pkg_admin</command> executes various | | 229 | <para>The <command>pkg_admin</command> executes various |
227 | administrative functions on the package system.</para> | | 230 | administrative functions on the package system.</para> |
228 | | | 231 | |
229 | </sect2> | | 232 | </sect2> |
230 | </sect1> | | 233 | </sect1> |
231 | | | 234 | |
232 | <sect1 id="building-packages-from-source"> | | 235 | <sect1 id="building-packages-from-source"> |
233 | <title>Building packages from source</title> | | 236 | <title>Building packages from source</title> |
234 | | | 237 | |
235 | <para>After obtaining pkgsrc, the <filename>pkgsrc</filename> | | 238 | <para>After obtaining pkgsrc, the <filename>pkgsrc</filename> |
236 | directory now contains a set of packages, organized into | | 239 | directory now contains a set of packages, organized into |
237 | categories. You can browse the online index of packages, or run | | 240 | categories. You can browse the online index of packages, or run |
238 | <command>make readme</command> from the <filename>pkgsrc</filename> | | 241 | <command>make readme</command> from the <filename>pkgsrc</filename> |
239 | directory to build local <filename>README.html</filename> files for | | 242 | directory to build local <filename>README.html</filename> files for |
240 | all packages, viewable with any web browser such as <filename | | 243 | all packages, viewable with any web browser such as <filename |
241 | role="pkg">www/lynx</filename> or <filename | | 244 | role="pkg">www/lynx</filename> or <filename |
242 | role="pkg">www/firefox</filename>.</para> | | 245 | role="pkg">www/firefox</filename>.</para> |
243 | | | 246 | |
244 | <para>The default <emphasis>prefix</emphasis> for installed packages | | 247 | <para>The default <emphasis>prefix</emphasis> for installed packages |
245 | is <filename>/usr/pkg</filename>. If you wish to change this, you | | 248 | is <filename>/usr/pkg</filename>. If you wish to change this, you |
246 | should do so by setting <varname>LOCALBASE</varname> in | | 249 | should do so by setting <varname>LOCALBASE</varname> in |
247 | &mk.conf;. You should not try to use multiple | | 250 | &mk.conf;. You should not try to use multiple |
248 | different <varname>LOCALBASE</varname> definitions on the same | | 251 | different <varname>LOCALBASE</varname> definitions on the same |
249 | system (inside a chroot is an exception). </para> | | 252 | system (inside a chroot is an exception). </para> |
250 | | | 253 | |
251 | <para>The rest of this chapter assumes that the package is already | | 254 | <para>The rest of this chapter assumes that the package is already |
252 | in pkgsrc. If it is not, see <xref linkend="developers-guide"/> for | | 255 | in pkgsrc. If it is not, see <xref linkend="developers-guide"/> for |
253 | instructions how to create your own packages.</para> | | 256 | instructions how to create your own packages.</para> |
254 | | | 257 | |
255 | <sect2 id="requirements"> | | 258 | <sect2 id="requirements"> |
256 | <title>Requirements</title> | | 259 | <title>Requirements</title> |
257 | | | 260 | |
258 | <para>To build packages from source, you need a working C | | 261 | <para>To build packages from source, you need a working C |
259 | compiler. On NetBSD, you need to install the | | 262 | compiler. On NetBSD, you need to install the |
260 | <quote>comp</quote> and the <quote>text</quote> distribution | | 263 | <quote>comp</quote> and the <quote>text</quote> distribution |
261 | sets. If you want to build X11-related packages, the | | 264 | sets. If you want to build X11-related packages, the |
262 | <quote>xbase</quote> and <quote>xcomp</quote> distribution | | 265 | <quote>xbase</quote> and <quote>xcomp</quote> distribution |
263 | sets are required, too.</para> | | 266 | sets are required, too.</para> |
264 | <!-- FIXME: what about installing x11/XFree86-*? --> | | 267 | <!-- FIXME: what about installing x11/XFree86-*? --> |
265 | </sect2> | | 268 | </sect2> |
266 | | | 269 | |
267 | | | 270 | |
268 | <sect2 id="fetching-distfiles"> | | 271 | <sect2 id="fetching-distfiles"> |
269 | <title>Fetching distfiles</title> | | 272 | <title>Fetching distfiles</title> |
270 | | | 273 | |
271 | <para>The first step for building a package is downloading the | | 274 | <para>The first step for building a package is downloading the |
272 | distfiles (i.e. the unmodified source). If they have not yet been | | 275 | distfiles (i.e. the unmodified source). If they have not yet been |
273 | downloaded, pkgsrc will fetch them automatically.</para> | | 276 | downloaded, pkgsrc will fetch them automatically.</para> |
274 | | | 277 | |
275 | <para>If you have all files that you need in the | | 278 | <para>If you have all files that you need in the |
276 | <filename>distfiles</filename> directory, | | 279 | <filename>distfiles</filename> directory, |
277 | you don't need to connect. If the distfiles are on CD-ROM, you can | | 280 | you don't need to connect. If the distfiles are on CD-ROM, you can |
278 | mount the CD-ROM on <filename>/cdrom</filename> and add: | | 281 | mount the CD-ROM on <filename>/cdrom</filename> and add: |
279 | <screen>DISTDIR=/cdrom/pkgsrc/distfiles</screen> | | 282 | <screen>DISTDIR=/cdrom/pkgsrc/distfiles</screen> |
280 | to your &mk.conf;.</para> | | 283 | to your &mk.conf;.</para> |
281 | | | 284 | |
282 | <para>By default a list of distribution sites will be randomly | | 285 | <para>By default a list of distribution sites will be randomly |
283 | intermixed to prevent huge load on servers which holding popular | | 286 | intermixed to prevent huge load on servers which holding popular |
284 | packages (for example, SourceForge.net mirrors). Thus, every | | 287 | packages (for example, SourceForge.net mirrors). Thus, every |
285 | time when you need to fetch yet another distfile all the mirrors | | 288 | time when you need to fetch yet another distfile all the mirrors |
286 | will be tried in new (random) order. You can turn this feature | | 289 | will be tried in new (random) order. You can turn this feature |
287 | off by setting <varname>MASTER_SORT_RANDOM=NO</varname> (for | | 290 | off by setting <varname>MASTER_SORT_RANDOM=NO</varname> (for |
288 | <varname>PKG_DEVELOPER</varname>s it's already disabled).</para> | | 291 | <varname>PKG_DEVELOPER</varname>s it's already disabled).</para> |
289 | | | 292 | |
290 | <para>You can overwrite some of the major distribution sites to | | 293 | <para>You can overwrite some of the major distribution sites to |
291 | fit to sites that are close to your own. By setting one or two | | 294 | fit to sites that are close to your own. By setting one or two |
292 | variables you can modify the order in which the master sites are | | 295 | variables you can modify the order in which the master sites are |
293 | accessed. <varname>MASTER_SORT</varname> contains a whitespace | | 296 | accessed. <varname>MASTER_SORT</varname> contains a whitespace |
294 | delimited list of domain suffixes. | | 297 | delimited list of domain suffixes. |
295 | <varname>MASTER_SORT_REGEX</varname> is even more flexible, it | | 298 | <varname>MASTER_SORT_REGEX</varname> is even more flexible, it |
296 | contains a whitespace delimited list of regular expressions. It | | 299 | contains a whitespace delimited list of regular expressions. It |
297 | has higher priority than <varname>MASTER_SORT</varname>. Have a | | 300 | has higher priority than <varname>MASTER_SORT</varname>. Have a |
298 | look at <filename>pkgsrc/mk/defaults/mk.conf</filename> to find | | 301 | look at <filename>pkgsrc/mk/defaults/mk.conf</filename> to find |
299 | some examples. This may save some of your bandwidth and | | 302 | some examples. This may save some of your bandwidth and |
300 | time.</para> | | 303 | time.</para> |
301 | | | 304 | |
302 | <para>You can change these settings either in your shell's environment, or, | | 305 | <para>You can change these settings either in your shell's environment, or, |
303 | if you want to keep the settings, by editing the | | 306 | if you want to keep the settings, by editing the |
304 | &mk.conf; file, | | 307 | &mk.conf; file, |
305 | and adding the definitions there.</para> | | 308 | and adding the definitions there.</para> |
306 | | | 309 | |
307 | <para> | | 310 | <para> |
308 | If a package depends on many other packages (such as | | 311 | If a package depends on many other packages (such as |
309 | <filename role="pkg">meta-pkgs/kde4</filename>), the build process may | | 312 | <filename role="pkg">meta-pkgs/kde4</filename>), the build process may |
310 | alternate between periods of | | 313 | alternate between periods of |
311 | downloading source, and compiling. To ensure you have all the source | | 314 | downloading source, and compiling. To ensure you have all the source |
312 | downloaded initially you can run the command: | | 315 | downloaded initially you can run the command: |
313 | <screen>&cprompt; <userinput>make fetch-list | sh</userinput></screen> | | 316 | <screen>&cprompt; <userinput>make fetch-list | sh</userinput></screen> |
314 | which will output and run a set of shell commands to fetch the | | 317 | which will output and run a set of shell commands to fetch the |
315 | necessary files into the <filename>distfiles</filename> directory. You can | | 318 | necessary files into the <filename>distfiles</filename> directory. You can |
316 | also choose to download the files manually. | | 319 | also choose to download the files manually. |
317 | </para> | | 320 | </para> |
318 | | | 321 | |
319 | </sect2> | | 322 | </sect2> |
320 | | | 323 | |
321 | <sect2 id="how-to-build-and-install"> | | 324 | <sect2 id="how-to-build-and-install"> |
322 | <title>How to build and install</title> | | 325 | <title>How to build and install</title> |
323 | | | 326 | |
324 | <para> | | 327 | <para> |
325 | Once the software has downloaded, any patches will be applied, then it | | 328 | Once the software has downloaded, any patches will be applied, then it |
326 | will be compiled for you. This may take some time depending on your | | 329 | will be compiled for you. This may take some time depending on your |
327 | computer, and how many other packages the software depends on and their | | 330 | computer, and how many other packages the software depends on and their |
328 | compile time. | | 331 | compile time. |
329 | </para> | | 332 | </para> |
330 | | | 333 | |
331 | <note><para>If using bootstrap or pkgsrc on a non-NetBSD system, | | 334 | <note><para>If using bootstrap or pkgsrc on a non-NetBSD system, |
332 | use the pkgsrc <command>bmake</command> command instead of | | 335 | use the pkgsrc <command>bmake</command> command instead of |
333 | <quote>make</quote> in the examples in this guide.</para></note> | | 336 | <quote>make</quote> in the examples in this guide.</para></note> |
334 | | | 337 | |
335 | <para>For example, type</para> | | 338 | <para>For example, type</para> |
336 | | | 339 | |
337 | <screen> | | 340 | <screen> |
338 | &cprompt; <userinput>cd misc/figlet</userinput> | | 341 | &cprompt; <userinput>cd misc/figlet</userinput> |
339 | &cprompt; <userinput>make</userinput> | | 342 | &cprompt; <userinput>make</userinput> |
340 | </screen> | | 343 | </screen> |
341 | | | 344 | |
342 | <para>at the shell prompt to build the various components of the | | 345 | <para>at the shell prompt to build the various components of the |
343 | package.</para> | | 346 | package.</para> |
344 | | | 347 | |
345 | <para>The next stage is to actually install the newly compiled | | 348 | <para>The next stage is to actually install the newly compiled |
346 | program onto your system. Do this by entering: | | 349 | program onto your system. Do this by entering: |
347 | | | 350 | |
348 | <screen> | | 351 | <screen> |
349 | &cprompt; <userinput>make install</userinput> | | 352 | &cprompt; <userinput>make install</userinput> |
350 | </screen> | | 353 | </screen> |
351 | | | 354 | |
352 | while you are still in the directory for whatever package you | | 355 | while you are still in the directory for whatever package you |
353 | are installing.</para> | | 356 | are installing.</para> |
354 | | | 357 | |
355 | <para>Installing the package on your system may require you to | | 358 | <para>Installing the package on your system may require you to |
356 | be root. However, pkgsrc has a | | 359 | be root. However, pkgsrc has a |
357 | <emphasis>just-in-time-su</emphasis> feature, which allows you | | 360 | <emphasis>just-in-time-su</emphasis> feature, which allows you |
358 | to only become root for the actual installation step.</para> | | 361 | to only become root for the actual installation step.</para> |
359 | | | 362 | |
360 | <para>That's it, the software should now be installed and setup for use. | | 363 | <para>That's it, the software should now be installed and setup for use. |
361 | You can now enter: | | 364 | You can now enter: |
362 | | | 365 | |
363 | <screen> | | 366 | <screen> |
364 | &cprompt; <userinput>make clean</userinput> | | 367 | &cprompt; <userinput>make clean</userinput> |
365 | </screen> | | 368 | </screen> |
366 | | | 369 | |
367 | to remove the compiled files in the work directory, as you shouldn't need | | 370 | to remove the compiled files in the work directory, as you shouldn't need |
368 | them any more. If other packages were also added to your system | | 371 | them any more. If other packages were also added to your system |
369 | (dependencies) to allow your program to compile, you can tidy these up | | 372 | (dependencies) to allow your program to compile, you can tidy these up |
370 | also with the command:</para> | | 373 | also with the command:</para> |
371 | | | 374 | |
372 | <screen> | | 375 | <screen> |
373 | &cprompt; <userinput>make clean-depends</userinput> | | 376 | &cprompt; <userinput>make clean-depends</userinput> |
374 | </screen> | | 377 | </screen> |
375 | | | 378 | |
376 | <para>Taking the figlet utility as an example, we can install it on our | | 379 | <para>Taking the figlet utility as an example, we can install it on our |
377 | system by building as shown in <xref linkend="logs"/>.</para> | | 380 | system by building as shown in <xref linkend="logs"/>.</para> |
378 | | | 381 | |
379 | <para>The program is installed under the default root of the | | 382 | <para>The program is installed under the default root of the |
380 | packages tree - <filename>/usr/pkg</filename>. Should this not | | 383 | packages tree - <filename>/usr/pkg</filename>. Should this not |
381 | conform to your tastes, set the <varname>LOCALBASE</varname> | | 384 | conform to your tastes, set the <varname>LOCALBASE</varname> |
382 | variable in your environment, and it will use that value as the | | 385 | variable in your environment, and it will use that value as the |
383 | root of your packages tree. So, to use | | 386 | root of your packages tree. So, to use |
384 | <filename>/usr/local</filename>, set | | 387 | <filename>/usr/local</filename>, set |
385 | <varname>LOCALBASE=/usr/local</varname> in your environment. | | 388 | <varname>LOCALBASE=/usr/local</varname> in your environment. |
386 | Please note that you should use a directory which is dedicated to | | 389 | Please note that you should use a directory which is dedicated to |
387 | packages and not shared with other programs (i.e., do not try and | | 390 | packages and not shared with other programs (i.e., do not try and |
388 | use <varname>LOCALBASE=/usr</varname>). Also, you should not try | | 391 | use <varname>LOCALBASE=/usr</varname>). Also, you should not try |
389 | to add any of your own files or directories (such as | | 392 | to add any of your own files or directories (such as |
390 | <filename>src/</filename>, <filename>obj/</filename>, or | | 393 | <filename>src/</filename>, <filename>obj/</filename>, or |
391 | <filename>pkgsrc/</filename>) below the | | 394 | <filename>pkgsrc/</filename>) below the |
392 | <varname>LOCALBASE</varname> tree. This is to prevent possible | | 395 | <varname>LOCALBASE</varname> tree. This is to prevent possible |
393 | conflicts between programs and other files installed by the | | 396 | conflicts between programs and other files installed by the |
394 | package system and whatever else may have been installed | | 397 | package system and whatever else may have been installed |
395 | there.</para> | | 398 | there.</para> |
396 | | | 399 | |
397 | <para>Some packages look in &mk.conf; to | | 400 | <para>Some packages look in &mk.conf; to |
398 | alter some configuration options at build time. Have a look at | | 401 | alter some configuration options at build time. Have a look at |
399 | <filename>pkgsrc/mk/defaults/mk.conf</filename> to get an overview | | 402 | <filename>pkgsrc/mk/defaults/mk.conf</filename> to get an overview |
400 | of what will be set there by default. Environment variables such | | 403 | of what will be set there by default. Environment variables such |
401 | as <varname>LOCALBASE</varname> can be set in | | 404 | as <varname>LOCALBASE</varname> can be set in |
402 | &mk.conf; to save having to remember to | | 405 | &mk.conf; to save having to remember to |
403 | set them each time you want to use pkgsrc.</para> | | 406 | set them each time you want to use pkgsrc.</para> |
404 | | | 407 | |
405 | <para>Occasionally, people want to <quote>look under the | | 408 | <para>Occasionally, people want to <quote>look under the |
406 | covers</quote> to see what is going on when a package is building | | 409 | covers</quote> to see what is going on when a package is building |
407 | or being installed. This may be for debugging purposes, or out of | | 410 | or being installed. This may be for debugging purposes, or out of |
408 | simple curiosity. A number of utility values have been added to | | 411 | simple curiosity. A number of utility values have been added to |
409 | help with this.</para> | | 412 | help with this.</para> |
410 | | | 413 | |
411 | <orderedlist> | | 414 | <orderedlist> |
412 | <listitem> | | 415 | <listitem> |
413 | <para>If you invoke the &man.make.1; command with | | 416 | <para>If you invoke the &man.make.1; command with |
414 | <varname>PKG_DEBUG_LEVEL=2</varname>, then a huge amount of | | 417 | <varname>PKG_DEBUG_LEVEL=2</varname>, then a huge amount of |
415 | information will be displayed. For example,</para> | | 418 | information will be displayed. For example,</para> |
416 | | | 419 | |
417 | <screen><userinput>make patch PKG_DEBUG_LEVEL=2</userinput></screen> | | 420 | <screen><userinput>make patch PKG_DEBUG_LEVEL=2</userinput></screen> |
418 | | | 421 | |
419 | <para>will show all the commands that are invoked, up to and | | 422 | <para>will show all the commands that are invoked, up to and |
420 | including the <quote>patch</quote> stage.</para> | | 423 | including the <quote>patch</quote> stage.</para> |
421 | </listitem> | | 424 | </listitem> |
422 | | | 425 | |
423 | <listitem> | | 426 | <listitem> |
424 | <para>If you want to know the value of a certain &man.make.1; | | 427 | <para>If you want to know the value of a certain &man.make.1; |
425 | definition, then the <varname>VARNAME</varname> definition | | 428 | definition, then the <varname>VARNAME</varname> definition |
426 | should be used, in conjunction with the show-var | | 429 | should be used, in conjunction with the show-var |
427 | target. e.g. to show the expansion of the &man.make.1; | | 430 | target. e.g. to show the expansion of the &man.make.1; |
428 | variable <varname>LOCALBASE</varname>:</para> | | 431 | variable <varname>LOCALBASE</varname>:</para> |
429 | | | 432 | |
430 | <screen> | | 433 | <screen> |
431 | &cprompt; <userinput>make show-var VARNAME=LOCALBASE</userinput> | | 434 | &cprompt; <userinput>make show-var VARNAME=LOCALBASE</userinput> |
432 | /usr/pkg | | 435 | /usr/pkg |
433 | &cprompt; | | 436 | &cprompt; |
434 | </screen> | | 437 | </screen> |
435 | | | 438 | |
436 | </listitem> | | 439 | </listitem> |
437 | </orderedlist> | | 440 | </orderedlist> |
438 | | | 441 | |
439 | <para>If you want to install a binary package that you've either | | 442 | <para>If you want to install a binary package that you've either |
440 | created yourself (see next section), that you put into | | 443 | created yourself (see next section), that you put into |
441 | pkgsrc/packages manually or that is located on a remote FTP | | 444 | pkgsrc/packages manually or that is located on a remote FTP |
442 | server, you can use the "bin-install" target. This target will | | 445 | server, you can use the "bin-install" target. This target will |
443 | install a binary package - if available - via &man.pkg.add.1;, | | 446 | install a binary package - if available - via &man.pkg.add.1;, |
444 | else do a <command>make package</command>. The list of remote FTP | | 447 | else do a <command>make package</command>. The list of remote FTP |
445 | sites searched is kept in the variable | | 448 | sites searched is kept in the variable |
446 | <varname>BINPKG_SITES</varname>, which defaults to | | 449 | <varname>BINPKG_SITES</varname>, which defaults to |
447 | ftp.NetBSD.org. Any flags that should be added to &man.pkg.add.1; | | 450 | ftp.NetBSD.org. Any flags that should be added to &man.pkg.add.1; |
448 | can be put into <varname>BIN_INSTALL_FLAGS</varname>. See | | 451 | can be put into <varname>BIN_INSTALL_FLAGS</varname>. See |
449 | <filename>pkgsrc/mk/defaults/mk.conf</filename> for more | | 452 | <filename>pkgsrc/mk/defaults/mk.conf</filename> for more |
450 | details.</para> | | 453 | details.</para> |
451 | | | 454 | |
452 | <para>A final word of warning: If you set up a system that has a | | 455 | <para>A final word of warning: If you set up a system that has a |
453 | non-standard setting for <varname>LOCALBASE</varname>, be sure to | | 456 | non-standard setting for <varname>LOCALBASE</varname>, be sure to |
454 | set that before any packages are installed, as you cannot use | | 457 | set that before any packages are installed, as you cannot use |
455 | several directories for the same purpose. Doing so will result in | | 458 | several directories for the same purpose. Doing so will result in |
456 | pkgsrc not being able to properly detect your installed packages, | | 459 | pkgsrc not being able to properly detect your installed packages, |
457 | and fail miserably. Note also that precompiled binary packages are | | 460 | and fail miserably. Note also that precompiled binary packages are |
458 | usually built with the default <varname>LOCALBASE</varname> of | | 461 | usually built with the default <varname>LOCALBASE</varname> of |
459 | <filename>/usr/pkg</filename>, and that you should | | 462 | <filename>/usr/pkg</filename>, and that you should |
460 | <emphasis>not</emphasis> install any if you use a non-standard | | 463 | <emphasis>not</emphasis> install any if you use a non-standard |
461 | <varname>LOCALBASE</varname>.</para> | | 464 | <varname>LOCALBASE</varname>.</para> |
462 | </sect2> | | 465 | </sect2> |
463 | </sect1> | | 466 | </sect1> |
464 | </chapter> | | 467 | </chapter> |