# $NetBSD: Packages.txt,v 1.187 2001/09/09 20:36:08 agc Exp $ ########################################################################### ========================== Documentation on the NetBSD Package System ========================== Hubert Feyrer, Alistair Crooks Table of contents: ================== Run this command to produce a table of contents: grep -B1 '^.====' Packages.txt | egrep -v '^.[-=]' 0 Intro ======= There is a lot of software freely available for Unix based systems, which usually runs on NetBSD, too, sometimes with some modifications. The NetBSD packages collection incorporates any such changes necessary to make that software run on NetBSD, and makes the installation (and reinstallation) of the software package easy by means of a single command. The NetBSD package system is used to enable such freely available third-party software to be built easily on NetBSD hosts. Once the software has been built, it is manipulated with the pkg_* tools so that installation and de-installation, printing of an inventory of all installed packages and retrieval of one-line comments or more verbose descriptions are all simple. Both the NetBSD packages collection and the NetBSD package system are derived from FreeBSD. 0.1 Overview ============ This document is divided into two parts. The first, "User's Guide", describes how one can use one of the packages in the Package Collection, either by installing a precompiled binary package, or by building your own copy using the NetBSD package system. The second part, "Package Constructor's Guide", explains how to prepare a package so it can be easily built by other NetBSD users without knowing about the package's building details. 0.2 Terminology =============== There has been a lot of talk about "ports", "packages", etc. so far. Here is a description of all the terminology used within this document: * Package: A set of files and building instructions that describe what's necessary to build a certain piece of software using the NetBSD package system. Packages are traditionally stored under /usr/pkgsrc. * The NetBSD package system: This is the part of the NetBSD operating system handling building (compiling), installing, and removing of packages. * Distfile: This term describes the file or files that are provided by the author of the piece of freely available software to distribute his work. All the changes necessary to build on NetBSD are reflected in the corresponding package. Usually the distfile is in the form of a compressed tar-archive, but other types are possible, too. Distfiles are stored below /usr/pkgsrc/distfiles. * Port: This is the term used by FreeBSD people for what we call a package. In NetBSD terminology, "port" refers to a different architecture. * Precompiled (binary) package: A set of binaries built by the NetBSD package system from a distfile using the NetBSD package system and stuffed together in a single .tgz file so it can be installed on machines of the same machine architecture without the need to recompile. Packages are generated in /usr/pkgsrc/packages by the NetBSD package system; there is also an archive on ftp.netbsd.org. Sometimes, this is referred to by the term "package" too, especially in the context of precompiled packages. * Program: The piece of software to be installed which will be constructed from all the files in the Distfile by the actions defined in the corresponding package. * NetBSD RCS IDs: Some files in a package contain RCS IDs to reflect which version of that file this is (inserted automatically by cvs). These IDs are used in several examples within this document, but as this document itself is managed by CVS, it can't list the RCS IDs in plaintext. Instead, the $s are written as <$>, resulting in <$>NetBSD<$> and <$>Id<$>. 0.3 Typography ============== Right now this document is written in plain ASCII text, and there's not much typography applied here. Future versions may move to something like HTML or DocBook, which have better ways theres. When giving examples for comands, shell prompts are used to show if the command should/can be issued as root, or if "normal" user privileges are sufficient. We use a "#" for root's shell prompt, and a "%" for users' shell prompt, assuming they use the C-shell or tcsh. ==================== Part I: User's Guide ==================== 1 Installing a precompiled binary package ========================================= This section describes how to find, retrieve and install a precompiled binary package that someone else already prepared for your type of machine. 1.1 Where to get ================ Precompiled packages are stored on ftp.netbsd.org and its mirrors in the directory /pub/NetBSD/packages for anon FTP access. Please pick the right subdirectory there as indicated by "sysctl hw.machine_arch". In that directory, there is a subdirectory for each category plus a subdirectory "All" which includes the actual binaries in .tgz-files. The category subdirectories use symbolic links to those files. (This is the same directory layout as in /usr/pkgsrc/packages). This same directory layout applies for CDROM distributions, only that the directory may be rooted somewhere else, probably somewhere below /cdrom. Please consult your CDROM's documentation for the exact location! 1.2 How to use ============== If you have the files on a CDROM or downloaded them to your hard disk, you can install them with the following command (be sure to su to root first): # pkg_add /path/to/package.tgz If you have FTP access and you don't want to download the packages via FTP prior to installation, you can do this automatically by giving pkg_add an ftp-URL: # pkg_add ftp://ftp.netbsd.org/pub/NetBSD/packages///All/package.tgz If there is any doubt, the sysctl utility can be used to determine the , and by running "sysctl kern.osrelease hw.machine_arch". Also note that any prerequisite packages needed to run the package in question will be installed, too, assuming they are present where you install from. After you've installed packages, be sure to have /usr/pkg/bin in your $PATH so you can actually start the just installed program. 1.3 A word of warning ===================== Please pay very careful attention to the warnings expressed in that manual page about the inherent dangers of installing binary packages which you did not create yourself, and the security holes that can be introduced onto your system by indiscriminate adding of such files. 2 Installing by Building ======================== This assumes that the package is already part of the NetBSD package system. If it is not, then you are advised to read part II of this document, "Package Constructor's Guide". 2.1 Requirements ================ To build packages from source on a NetBSD system the "comp" and the "text" distribution sets must be installed. If you want to build X11 related packages the "xbase" and "xcomp" distribution sets are required, too. 2.2 Where to get pkgsrc ======================= There are three ways to get pkgsrc. Either as a tar file, via SUP, or via CVS. All three ways are described here. To get the package source going, you need to get the pkgsrc.tar.gz file from ftp://ftp.netbsd.org/pub/NetBSD-current/tar_files/pkgsrc.tar.gz and unpack it into /usr/pkgsrc. As an alternative, you can get pkgsrc via the Software Update Protocol, SUP. To do so, make sure your supfile has a line saying "release=pkgsrc" in it, see the examples in /usr/share/examples/supfiles, and that the directory /usr/pkgsrc does exist. Then, simply start "sup -v /path/to/your/supfile". To get pkgsrc via CVS, make sure you have cvs installed. If not present on your system, it can be found as precompiled binary on ftp.netbsd.org. To do an initial (full) checkout of pkgsrc, do the following steps: % setenv CVSROOT anoncvs@anoncvs.netbsd.org:/cvsroot % setenv CVS_RSH ssh % cd /usr % cvs checkout -P pkgsrc This will create the "pkgsrc" directory in your /usr, and all the package source will be stored under /usr/pkgsrc. To update pkgsrc after the initial checkout, make sure you have CVS_RSH set as above, then do: % cd /usr/pkgsrc % cvs -q update -dP 2.3 Fetching distfiles ====================== There is one gotcha: The distribution file (i.e. the unmodified source) must exist on your system for the packages system to be able to build it. If it does not, then ftp(1) is used to fetch the distribution files automatically. You can overwrite some of the major distribution sites to fit to sites that are close to your own. Have a look at /usr/pkgsrc/mk/mk.conf.example to find some examples. This may save some of your bandwidth and time. When you have selected your settings, install your configuration into /etc/mk.conf If you don't have a permanent Internet connection and you want to know which files to download, "make fetch-list" will tell you what you'll need. Put these distfiles into /usr/pkgsrc/distfiles. 2.4 How to build and install ============================ Assuming that the distfile has been fetched (see previous section), become root and change into the relevant directory. Then you can type % make at the shell prompt to build the various components of the package, and # make install at the shell prompt to install the various components into the correct places on your system. Taking the top system utility as an example, we can install it on our system by building as shown in appendix A.1. The program is installed under the default root of the packages tree - /usr/pkg. Should this not conform to your tastes, simply set the LOCALBASE variable in your environment, and it will use that value as the root of your packages tree. So, to use /usr/local, set LOCALBASE=/usr/local in your environment. Please note that you should use a root which is dedicated to packages and not shared with other programs (ie, do not try and use LOCALBASE=/usr). This is to prevent possible conflicts between programs and other files installed by the package system and whatever else may have been installed there. There is, of course, one exception to this - X11 packages are traditionally installed in the X11 tree. The definition used to identify the root of the X11 tree is the X11BASE definition. It is possible to install X11 packages in the LOCALBASE tree, for which you must install the xpkgwedge package (pkgsrc/pkgtools/xpkgwedge) - see section 7.1 for further details. Some packages look in /etc/mk.conf to alter some configuration options at build time. Have a look at /usr/pkgsrc/mk/mk.conf.example to get an overview of what you can set there. Environment variables such as LOCALBASE, and X11BASE can also be set in /etc/mk.conf to save having to remember to set them each time you want to use pkgsrc. If you want to deinstall and re-install a binary package that you've created (see next section), that you put into pkgsrc/packages manually or that's located on a remote FTP server, you can use the the "bin-install" target. This target will install a binary package - if available - via pkg_add, and do a "make package" else. The list of remote FTP sites searched is kept in the variable BINPKG_SITE, which defaults to ftp.netbsd.org. Any flags that should be added to pkg_add(8) can be put into BIN_INSTALL_FLAGS. See pkgsrc/mk/mk.conf.example for more details. A final word of warning: If you setup a system that has a non-standard setting for LOCALBASE (or X11BASE, for that matter), be sure to set that before any packages are installed, as you can not use several directories for the same purpose. Doing so will result in pkgsrc not being able to properly detect your installed packages, and fail miserably. Note also that precompiled binary packages are usually built with the default LOCALBASE of /usr/pkg, and that you should *not* install any if you use a non-standard LOCALBASE. 3 Making precompiled packages ============================= 3.1 Packaging a single package ============================== Once you have built and installed the package as mentioned above, you can build it into a "binary package" - you might want to do this so that you can use the binaries you have just built on another NetBSD system, or to provide a simple means for others to use your binary package instead of wasting CPU time - this is done by changing to the appropriate directory in the pkgsrc tree, and typing the command # make package at the shell prompt. This will build and install your package (if not already done), and then construct a binary package out of the results so that you can use the pkg_* tools to manipulate this. The binary package is stored under /usr/pkgsrc/packages, it's in the form of a gzipped file at the present time. See appendix A.2 for a continuation of the above top example. Please see the "submitting" section later in this document on how to submit such a binary package. 3.2 Doing a bulk build of all packages ====================================== If you want to get a full set of precompiled binary packages, this section describes how to get them. Beware that the bulk build will remove all currently installed packages from your your system! Having a FTP server configured either on the machine doing the bulk builds or on a nearby NFS server can help to make the packages available to everyone. See ftpd(8) for more information. If you use a remote NFS server's storage, be sure to not actually compile on NFS storage, as this slows things down a lot. 3.2.1 Configuration =================== 3.2.1.1 /etc/mk.conf ==================== You may want to set things in /etc/mk.conf. Look at pkgsrc/mk/mk.conf.example for details. You will want to make sure that ACCEPTABLE_LICENSES meet your local policy: BATCH= yes # required for bulk builds DEPENDS_TARGET?= bulk-install PACKAGES?= ${PKGSRCDIR}/packages/${MACHINE_ARCH} OBJMACHINE?= 1 # use work.${MACHINE_ARCH} WRKOBJDIR?= /usr/tmp/pkgsrc # build here instead of in pkgsrc FAILOVER_FETCH= yes # insist on the correct checksum PKG_DEVELOPER?= yes ACCEPTABLE_LICENSES= shareware \ fee-based-commercial-use \ no-profit \ no-commercial-use \ non-commercial-use \ limited-redistribution \ kermit-license \ sun-swing-license \ sun-jsdk20-license If you wish to use xpkgwedge for the entire build, then add: BULK_PREREQ+= pkgtools/xpkgwedge Other packages which must be installed during the bulk build to modify the build behaviour may be added to the BULK_PREREQ variable. Note that currently the only package for which BULK_PREREQ makes sense is xpkgwedge. 3.2.1.2 build.conf ================== In pkgsrc/mk/bulk, copy ``build.conf-example'' to ``build.conf'' and edit it, following the comments in that file. This is the config file that determines where logfiles are generated after the build, where to mail the build report, where your pkgsrc is located and which user to su(8) to to do a 'cvs update'. 3.2.1.3 pre-build.local ======================= It is possible to configure the bulk build to perform certain site specific tasks at the end of the pre-build stage. If the file ``pre-build.local'' exists in pkgsrc/mk/bulk it will be executed (as a sh(1) script) at the end of the usual pre-build stage. An example use of pre-build.local is to have the line: # echo "I do not have enough disk space to build this pig." \ > pkgsrc/games/crafty-book-enormous/$BROKENF to prevent the system from trying to build a particular package which requires nearly 3 Gb of disk space. 3.2.2 Other environmental considerations ======================================== As /usr/pkg wil be completely deleted at the start of bulk builds, make sure your login shell is placed somewhere else. Either drop it into /usr/local/bin (and adjust your login shell in the password file), or (re-)install it via pkg_add from /etc/rc.local, so you can login after a reboot (remember that your current process won't die if the package is removed, you just can't start any new instances of the shell any more). Also, if you use a OS version below 1.5 or you still want to use the pkgsrc version of ssh for some reason, be sure to install ssh before starting it from rc.local: ( cd /usr/pkgsrc/security/ssh ; make bulk-install ) if [ -f /usr/pkg/etc/rc.d/sshd ]; then /usr/pkg/etc/rc.d/sshd fi Not doing so will result in you being not able to log in via ssh after the bulk build is finished or if the machine gets rebooted or crashes. You have been warned! :) 3.2.3 Operation =============== Make sure you don't need any of the packages still installed. BEWARE: During the bulk build, ALL packages will be removed!!! Be sure to remove all other things that might interfer with builds, like some libs installed in /usr/local, etc. then become root and type: # cd /usr/pkgsrc # sh mk/bulk/build If for some reason your last build didn't complete (power failure, system panic, ...), you can continue it by running: # sh mk/bulk/build restart At the end of the bulk run, you will get a summary via mail, and find build logs in the directory specified by "FTP" in the "build.conf" file. 3.2.4 What it does ================== The bulk builds consist of three steps: 1. pre-build: The script updates your pkgsrc via (anon)cvs, then cleans out any broken distfiles, and removes all packages installed. 2. the bulk build: This is basically 'make bulk-package' with an optimized order in which packages will be built. Packages that don't require other packages will be built first, and packages with many depends will be built later. 3. post-build: Generates a report that's placed in the directory specified in the build.conf file named ``broken.html'', a short version of that report will also be mailed to the build's admin. During the build, a list of broken packages will be compiled in /usr/pkgsrc/.broken (or .../.broken.${MACHINE} if OBJMACHINE is set), individual build logs of broken builds can be found in the package's directory. These files are used by the bulk-targets to mark broken builds to not waste time trying to rebuild them, and they can be used to debug these broken package builds later. 3.2.5 Disk space requirements ============================= Currently, roughly the following requirements are valid for 1.5/i386: * Distfiles: 1500MB (NFS ok) * Full set of all binaries: 1000MB (NFS ok) * Temp space for compiling: 1500MB (local disk recommended) For 1.5/alpha: * Full set of all binaries: 1300MB (NFS ok) Note that all pkgs will be deinstalled as soon as they are turned into a binary package, and that work-sources are removed, so there is no huge demand to disk space. Afterwards, if the package is needed again, it will be installed via pkg_add instead of building again, so there are no cycles wasted by recompiling. 3.3 Creating a multiple CD-ROM packages collection ================================================== After your bulk pkgsrc build has completed, you may wish to create a CD-ROM set of the resulting binary packages to assist in installing packages on other machines. The package pkgsrc/pkgtools/cdpack provides a simple tool for creating the ISO 9660 images. `cdpack' arranges the packages on the CD-ROM's in a way that keeps all the dependencies for given package on the same CD as that package. 3.3.1 Example of cdpack ======================= Complete documentation for cdpack is found in cdpack(1). The following short example assumes that the binary packages are left in /usr/pkgsrc/packages/All and that sufficient disk space exists in /u2 to hold the ISO 9660 images. # mkdir /u2/image # pkg_add /usr/pkgsrc/packages/All/cdpack # cdpack /usr/pkgsrc/packages/All /u2/images If you wish to include a common set of files (COPYRIGHT, README, etc) on each CD in the collection, then you need to create a directory which contains these files. For example # mkdir /tmp/common # echo "This is a README" > /tmp/commmon/README # echo "Another file" > /tmp/common/COPYING # mkdir /tmp/common/bin # echo "#!/bin/sh" > /tmp/common/bin/myscript # echo "echo Hello world" >> /tmp/common/bin/myscript # chmod 755 /tmp/common/bin/myscript Now create the images with # cdpack -x /tmp/common /usr/pkgsrc/packages/All /u2/images and each image will contain "README", "COPYING", and "bin/myscript" in their root directories. ==================================== Part II: Package Constructor's Guide ==================================== 4 Package components - files, directories and contents ====================================================== Whenever you're preparing a package from the FreeBSD ports collection or doing it from scratch, there are a number of files involved which are described in the following sections. Special directions are given for what differs from FreeBSD ports for each file. 4.1 Makefile ============ Building, installation and creation of a binary package are all controlled by the package's Makefile. There is a Makefile for each package. This file includes the standard bsd.pkg.mk file (referenced as "../../mk/bsd.pkg.mk"), which sets all the definitions and actions necessary for the package to compile and install itself. The mandatory fields are the DISTNAME which specifies the base name of the distribution file to be downloaded from the site on the Internet, MASTER_SITES which specifies that site, CATEGORIES which denotes the categories into which the package falls, PKGNAME which is the name of the package, the MAINTAINER name, and the COMMENT variable, which should contain a one-line description of the package (the package name should not appear, it will be added automatically). The maintainer variable is there so that anyone who quibbles with the (always completely correct) decisions taken by the guy who maintains the port can complain vigorously. The MASTER_SITES may be set to one of the predefined sites: ${MASTER_SITE_XCONTRIB} ${MASTER_SITE_GNU} ${MASTER_SITE_PERL_CPAN} ${MASTER_SITE_TEX_CTAN} ${MASTER_SITE_SUNSITE} ${MASTER_SITE_GNOME} ${MASTER_SITE_SOURCEFORGE} If one of these predefined sites is chosen, you may require the ability to specify a subdirectory of that site. Since these macros may expand to more than one actual site, you MUST use the following construct to specify a subdirectory: ${MASTER_SITE_GNU:=subdirectory/name/} (Note the trailing slash after the subdirectory name.) Use of the deprecated MASTER_SITE_SUBDIR will not work. Currently the following values are available for CATEGORIES. If more than one is used, they need to be separated by spaces: archivers audio benchmarks biology cad chat comms converters cross databases devel editors emulators finance fonts games graphics ham japanese lang mail math mbone misc net news parallel print security shells sysutils textproc time wm www x11 See the NetBSD packages(7) manual page for a description of all available options and variables. Please pay attention to the following gotchas, especially when preparing a package from the FreeBSD ports collection: - Remove all MANx and CATx definitions from the package Makefile - NetBSD has implemented automatic manual page handling, and these definitions are now obsolete. - Add MANCOMPRESSED (if not already there) if manpages are installed in compressed form by the package; see comment in bsd.pkg.mk - Replace /usr/local by ${PREFIX} in all files (see patches below) - Delete any ldconfig commands - this will be done automatically for you if the NetBSD platform supports ldconfig, and other measures will be taken on platforms which do not support ldconfig (e.g. NetBSD/Alpha) - If modifying a package from the FreeBSD ports collection, preserve their RCS ID: remove the '$'s around the FreeBSD RCS Id, and insert the word FreeBSD, then add a <$>NetBSD<$> (Without the <>s, please remember the Terminology section), i.e.: before: # <$>Id: Makefile,v 1.17 1997/06/16 06:39:51 max Exp <$> after: # <$>NetBSD<$> # FreeBSD Id: Makefile,v 1.17 1997/06/16 06:39:51 max Exp - If the package installs any info files, the main info directory file needs to be updated to reflect this fact. NetBSD now has an INFO_FILES definition, which is used to do this. For example, to install the indent.info entry into the info directory file, simply use the INFO_FILES= indent.info definition in the package Makefile. If the package does this insertion for you, you should specify USE_GTEXINFO in the package Makefile, to ensure that the pre-requisite GNU texinfo package is installed on your system. - Adjust MAINTAINER to be either yourself, if you plan to maintain the package for future updates, or set it to the default MAINTAINER packages@netbsd.org, as it is unlikely that the FreeBSD people will care about NetBSD packages. - If there exists a home page for the software in question, please add the variable HOMEPAGE right after MAINTAINER. The value of this variable should be the URL for the home page. - Please also set the COMMENT variable to a short description of the package. port2pkg (pkgsrc/pkgtools/port2pkg) does many of the mentioned steps for you -- operator discretion is advised, though. 4.2 distinfo ============ Most important, the mandatory message digest, or checksum, of all the distfiles needed for the package to compile, confirming they match the original file distributed by the author. This ensures that the distfile retrieved from the Internet has not been corrupted during transfer or altered by a malign force to introduce a security hole. It is best generated using the "make makesum" command. The digest algorithm used was, at one stage, md5, but that was felt lacking compared to sha1, and so sha1 is now the default algorithm. The distfile size is also generated and stored in new distinfo files. The pkgsrc/pkgtools/digest utility calculates all of the digests in the distinfo file, and it provides various different algorithms. At the current time, the algorithms provided are: md5, rmd160, sha1, sha256, sha384 and sha512 Some packages have different sets of distfiles on a per architecture basis. (A good example is pkgsrc/www/navigator). These are kept in the same distinfo file and care should be taken when upgrading such a package to ensure distfile information is not lost. The message digest/checksum for all the official patches found in the patches/ directory (see section 4.3) for the package is also stored in the distinfo file. This is a message digest/checksum of all lines in the patch file except the NetBSD RCS Id. This file is generated by invoking "make makepatchsum". 4.3 patches/* ============= This directory contains files that are used by the patch(1) command to modify the sources as distributed in the distribution file into a form that will compile and run perfectly on NetBSD. The files are applied successively in alphabetic order (as returned by a shell "patches/patch-*" glob expansion), so patch-aa is applied before patch-ab etc. The patch-?? files should be in diff -bu format, and apply without a fuzz to avoid problems (To force patches to apply with fuzz you can set PATCH_FUZZ_FACTOR=-F2). Furthermore, do not put changes for more than one file into a single patch-file, as this will make future modifications more difficult. Similar, a file should be patched at most once, not several times by several different patches. If a file needs several patches, they should be combined into one file. One important thing to mention is to pay attention that no RCS IDs get stored in the patch files, as these will cause problems when later checked into the NetBSD CVS tree. To avoid this, use either the "-U 2" or "-U 1" option to diff, or let the 'pkgdiff' command from pkgsrc/pkgtools/pkgdiff help you. If you don't want to worry about the problems in the last two paragraphs yourself, use pkgdiff from the pkgsrc/pkgtools/pkgdiff package, which takes care of any RCS Ids by itself. For even more automation, we recommend using mkpatches from the same package to make a whole set of patches. You just have to backup files before you edit them to "filename.orig", e.g. with "cp -p filename filename.orig". If you upgrade a package this way, you can easily compare the new set of patches with the previously existing one with patchdiff. When preparing a FreeBSD port for the NetBSD packages system, it's likely that the FreeBSD port will work on NetBSD. However, check that the person who ported the software to FreeBSD has not played fast and loose with the __FreeBSD__ cpp definition without good cause - a simple way to do this is to do % grep -i freebsd patches/patch-?? in the package directory. Besides taking care of any FreeBSDisms, be sure to provide patches to replace any occurrence of /usr/local in any "Makefile"s in the original package with ${PREFIX}. When you have finished a package, remember to generate the checksums for the patch files by using the "make makepatchsum" command, see section 4.2. If it is desired to store any patches that should not be committed into pkgsrc, they can be kept outside the pkgsrc tree in the $LOCALPATCHES directory. The directory tree there is expected to have the same "category/package" structure as pkgsrc, and patches are expected to be stored inside these dirs (also known as $LOCALPATCHES/$PKGPATH). For example if you want to keep a private patch for pkgsrc/graphics/png, keep it in $LOCALPATCHES/graphics/png/mypatch. All files in the named directory are expected to be patch files, and they are applied after the "normal" pkgsrc patches are applied. 4.4 pkg/* ========= This directory contains several files used to manage the creation of binary packages. Files from this directory are used in the binary package itself, and will thus be installed on other machines, so you should be aware that there is a wider audience than you might think for your comments and witticisms. 4.4.1 Mandatory files ===================== * pkg/DESCR: A multi-line description of the piece of software. This should include any credits where they are due. Please bear in mind that others do not share your sense of humour (or spelling idiosyncrasies), and that others will read everything that you write here. * pkg/PLIST: This file governs the files that are installed on your system: all the binaries, manual pages, etc. There are other directives which may be entered in this file, to control the creation and deletion of directories, and the location of inserted files. If you're updating a FreeBSD package to work for NetBSD, please pay special attention to the following things in pkg/PLIST: - If there are any "@exec ldconfig ..." statements, or any "@unexec ldconfig ...", delete them. NetBSD works out automatically whether to call ldconfig, since some NetBSD architectures do not have ldconfig. - Add any missing @dirrm statements - Remove any MANx= definitions in the package Makefile You could also investigate the port2pkg package (pkgsrc/pkgtools/port2pkg), which does a lot of the donkey work for you. 4.4.2 Optional files ==================== * pkg/INSTALL: Shell script invoked twice during pkg_add. First time after package extraction and before files are moved in place, the second time after the files to install are moved in place. This can be used to do any custom procedures not possible with @exec commands in PLIST. See pkg_add(1) and pkg_create(1) for more information. * pkg/DEINSTALL: This script is executed before and after any files are removed. It is this script's responsibility to clean up any additional messy details around the package's installation, since all pkg_delete knows is how to delete the files created in the original distribution. See pkg_delete(1) and pkg_create(1) for more information. * pkg/MESSAGE: Display this file after installation of the package. Useful for things like legal notices on almost-free software, etc. Please note that you can modify variables in it easily by using MESSAGE_SUBST in the package's Makefile: MESSAGE_SUBST+= SOMEVAR="somevalue" replaces ${SOMEVAR} in pkg/MESSAGE with "somevalue" before displaying the message. 4.5 scripts/* ============= This directory contains any files that are necessary for configuration of your software, etc. If a script with any of the following names is present, it will be executed at the appropriate time during the build process: pre-fetch post-fetch pre-extract post-extract pre-patch post-patch pre-configure post-configure configure pre-build post-build pre-install post-install pre-package post-package Note that you should NOT define a pre-* or post-* target in the Makefile which executes the matching scripts/[pre|post]-* script. bsd.pkg.mk runs any existing Makefile target first, then searches for scripts/* and runs it using sh(1). Running the script from the Makefile would cause it to be run twice. See section 7 for a description of the build process. 4.6 work/* ========== When you type "make" the distribution files are unpacked into this directory. It can be removed by typing # make clean at the shell prompt. Also, this directory is used to keep various timestamp files. 4.6 files/* =========== If you have any files that you wish to be placed in the package prior to configuration or building, you could place these files here and use a ${CP} command in the pre-configure target to achieve this. Alternatively, you could simply diff the file against /dev/null and use the patch mechanism to manage the creation of this file. 5 PLIST* issues =============== This section addresses some special issues that one needs to pay attention to when dealing with the PLIST file (or files, see below!). 5.1 Miscellaneous ================= * NetBSD RCS Id: Be sure to add a RCS ID line as the first thing in any PLIST file you write: @comment <$>NetBSD<$> * ranlib: Don't put any ranlib commands into your PLIST files, as they will cause troubles when the package is removed. Just make sure the build-process does run ranlib - it usually does - and you can leave this out. This is usually only a problem when using ports from FreeBSD. * ldconfig: Don't put any ldconfig commands into your PLIST files, as they will cause problems. All shared object caching is done automatically in NetBSD (this takes place when you see the "Automatic shared object handling" message), and so you can leave this out. If any shared objects are found in the package, they will be dealt with automatically, running ldconfig on platforms which need it, and not otherwise. This is usually only a problem when using ports from FreeBSD. To prevent this automatic handling from taking place, set SHLIB_HANDLING to NO in the package Makefile. * ${MACHINE_ARCH}, ${MACHINE_GNU_ARCH}: Some packages like emacs and perl embed information about which architecture they were built on into the pathnames where they install their file. To handle this case, PLIST will be preprocessed before actually used, and the symbol "${MACHINE_ARCH}" will be replaced by what "sysctl -n hw.machine_arch" gives. The same is done if the string ${MACHINE_GNU_ARCH} is embedded in PLIST somewhere - use this on packages that use GNU autoconfigure. Legacy note: There used to be a symbol "<$ARCH>" that was replaced by the output of "uname -m", but that's no longer supported and has been removed. * ${OPSYS}, ${OS_VERSION}: Some packages want to embed the OS name and version into some paths. to do this, use these two variables in PLIST. ${OPSYS} will be replaced by output from "uname -s", ${OS_VERSION} will be set to what "uname -r" gives. * ${PKGLOCALEDIR}: Packages that install locale files should list them in the PLIST as "${PKGLOCALEDIR}/locale/de/LC_MESSAGES/..." instead of "share/locale/de/LC_MESSAGES/...". This properly handles the fact that different OSes expect locale files to be either in "share" or "lib" by default. * Manpage-compression: Manpages should be installed in compressed form if MANZ is set (in bsd.own.mk), and uncompressed otherwise. To handle this in the PLIST file, the suffix ".gz" is appended/removed automatically for manpages according to MANZ and MANCOMPRESSED being set or not, see above for details. This modification of the PLIST file is done on a copy of it, not pkg/PLIST itself. * Semi-automatic PLIST generation: You can use the "make print-PLIST" command to output a PLIST that matches any new files since the package was extracted. See below for more information on this target. 5.2 ${PLIST_SRC} ================ To use one or more files as source for the PLIST used in generating the binary package, set the variable PLIST_SRC to the names of that file(s). The files are later concatenated using cat(1), and order of things is important. 5.3 ${PLIST_SUBST} ================== Similar to MESSAGE_SUBST (see above), you can add variables and their expansions to this variable in the following way: PLIST_SUBST+= SOMEVAR="somevalue" which replaces all occurances of ${SOMEVAR} in the PLIST with "somevalue". For the values which are replaced by default, please look in bsd.pkg.mk (and search for PLIST_SUBST). 5.4 Perl5 modules ================= Perl5 modules will install into different places depending on the version of perl used during the build process. To address this, the NetBSD packages system will append lines to the PLIST corresponding to the files listed in the installed .packlist file generated by most perl5 modules. This is invoked by defining PERL5_PACKLIST to a space-separated list of paths to packlist files: PERL5_PACKLIST= ${PERL5_SITEARCH}/auto/Pg/.packlist The variables PERL5_SITELIB, PERL5_SITEARCH, and PERL5_ARCHLIB represent the three locations in which perl5 modules may be installed, and may be used by perl5 packages that don't have a packlist. These three variables are also substituted for in the PLIST. 6 Notes on fixes for packages ============================= 6.1 CPP defines =============== To port an application to NetBSD, it's usually necessary for the compiler to be able to judge the system on which it's compiling, and we use definitions so that the C pre-processor can do this. The really impatient should just note that a number of the FreeBSD ports (which are called packages in the NetBSD world) rely on the CPP definition __FreeBSD__. This should be used sparingly, for FreeBSD-specific features, but unfortunately this is not always the case. A number also rely on the fact that the CPU type is an Intel-based little-endian CPU. To test whether you are working on a 4.4 BSD-derived system, you should use the BSD definition, which is defined in on said systems. #include and then you can surround the BSD-specific parts of your port using the conditional: #if (defined(BSD) && BSD >= 199306) ... #endif Please use the __NetBSD__ definition sparingly - it should only apply to features of NetBSD that are not present in other 4.4-lite derived BSDs. You should also avoid defining __FreeBSD__=1 and then simply using the FreeBSD port, if only from an aesthetic viewpoint. 6.2 Shared libraries - libtool ============================== NetBSD supports many different machines, with different object formats like a.out and ELF, and varying abilities to do shared library and dynamic loading at all. To accompany this, varying commands and options have to be passed to the compiler, linker etc. to get the Right Thing, which can be pretty annoying especially if you don't have all the machines at your hand to test things. The "libtool" pkg can help here, as it just "knows" how to build both static and dynamic libraries from a set our source files, thus being platform independent. Here's how to use libtool in a pkg in seven simple steps: 1. Add USE_LIBTOOL= yes to the package Makefile. 2. For library objects, use "${LIBTOOL} --mode=compile ${CC}" in place of ${CC}. You could even add it to the definition of CC, if only libraries are being built in a given Makefile. This one command will build both PIC and non-PIC library objects, so you need not have separate shared and non-shared library rules. 3. For the linking of the library, remove any "ar", "ranlib", and "ld -Bshareable" commands, and use instead: ${LIBTOOL} --mode=link ${CC} -o ${.TARGET:.a=.la} ${OBJS:.o=.lo} -rpath ${PREFIX}/lib -version-info major:minor Note that the library is changed to have a .la extension, and the objects are changed to have a .lo extension. Change OBJS as necessary. This automatically creates all of the .a, .so.major.minor, and ELF symlinks (if necessary) in the build directory. Be sure to include the -version-info especially when major and minor are zero, as libtool will otherwise strip off the shared library version. The "-release" option will produce different results for a.out and ELF (excluding symlinks) in only one case. An ELF library of the form libfoo-release.so.x.y will have a symlink of libfoo.so.x.y on an a.out platform. This is handled automatically. The -rpath argument is the install directory of the library being built. PLIST should include all of the .a, .la and so, .so.major and .so.major.minor entries. 4. When linking shared object (.so) files, i.e. files that are loaded via dlopen(3), NOT shared libraries, use "-module -avoid-version" to prevent them getting version tacked on. PLIST gets the foo.so entry. 5. When linking programs that depend on these libraries _before_ they are installed, preface the cc or ld line with "${LIBTOOL} --mode=link", and it will find the correct libraries (static or shared), but please be aware that libtool will not allow you to specify a relative path in -L (such as -L../somelib), because it expects you to change that argument to be the .la file. For example: ${LIBTOOL} --mode=link ${CC} -o someprog -L../somelib -lsomelib should be changed to: ${LIBTOOL} --mode=link ${CC} -o someprog ../somelib/somelib.la and it will DTRT with the libraries. 6. When installing libraries, preface the install or cp command with "${LIBTOOL} --mode=install", and change the library name to .la. For example: ${LIBTOOL} --mode=install ${BSD_INSTALL_DATA} ${SOMELIB:.a=.la} ${PREFIX}/lib This will install the static .a, shared library, any needed symlinks, and run "ldconfig." 7. In your PLIST, include all of the .a, .la, and so, .so.major and .so.major.minor files (this is a change from the previous behaviour). 6.3 Using libtool on GNU packages that already support libtool ============================================================== Add USE_LIBTOOL=yes and LTCONFIG_OVERRIDE=${WRKSRC}/ltconfig to the package Makefile as the quick way to bypass the pkg's own libtool. The pkg's own libtool is made by ltconfig script at do-configure target. If USE_LIBTOOL and LTCONFIG_OVERRIDE are defined, the specified ltconfig is overridden, using the pkgsrc/devel/libtool instead of the pkg's own libtool. If your package makes use of the platform independant library for loading dynamic shared objects, that comes with libtool (libltdl), you should add USE_LTDL= yes to the Makefile. Some packages use libtool incorrectly so that the package may not work or build in some circumstances. Some common errors are * The inclusion of a shared object (-module) as a dependent library in an executable or library. This in itself isn't a problem if one of two things has been done. 1. The shared object is named correctly, i.e. libfoo.la and not foo.la 2. The -dlopen option is used when linking an executable. * The use of libltdl without the correct calls to initialisation routines. The function lt_dlinit() should be called and the macro LTDL_SET_PRELOADED_SYMBOLS included in executables. 6.4 Gotchas of FreeBSD ports ============================ See section 4.1 for Makefile issues (MANx, CATx, MANCOMPRESSED, ldconfig, RCS IDs) and section 4.3 for gotchas on using patches from FreeBSD ports. One of the biggest problems with FreeBSD ports is that too many of them assume they will install into /usr/local, instead of honouring any ${PREFIX} setting properly. To change this, add something like the following into your package Makefile: pre-configure: for f in `find ${WRKDIR} -type f -print|xargs grep -l '/usr/local'`; do \ ${SED} -e 's:/usr/local:'${PREFIX}':g' < $$f > $$f.pdone && ${MV} $$f.pdone $$f; \ done This is taken from the pkgsrc/sysutils/rtty package; be sure this works for your package - it may actually make sense to look for some things in /usr/local, for example. So don't blindly replace all occurrences of /usr/local! FreeBSD has decided to list manual pages in the package Makefile, with no corresponding entry in the PLIST. You will thus need to add any MAN[1-8ln] files to the PLIST, before deleting the MAN[1-8ln] definition. Similarly with MLINKS and CAT[1-8ln] entries. Side note on manpages in PLIST: we don't take any notice of any .gz suffix there, as many FreeBSD ports seem to have .gz pages in PLIST even when they install manpages without compressing them; rather, we add our own .gz suffix there according to MANZ. In short, it does not matter whether the manual page name in the PLIST has a .gz suffix or not - if it needs one which is not already there, it will be appended automatically, and if there is a .gz suffix which is not needed, it will be deleted automatically. Some packages use bsd-style .mk files when building, and so any manual pages that are installed will be gzip-compressed, if MANZ is set, or not if MANZ is not set. If the package uses bsd-style .mk files, the variable MANCOMPRESSED_IF_MANZ should be set to a value of "yes" in the package Makefile. 6.5 Feedback to the author ========================== If you have found any bugs in the package you make available, if you had to do special steps to make it run under NetBSD or if you enhanced the software in various other ways, be sure to report these changes back to the original author of the program! With that kind of support, the next release of the program can incorporate these fixes, and people not using the NetBSD packages system can win from your efforts. Support the idea of free software! 7 The build process =================== The basic steps for building a program are always the same. First the program's source (distfile) must be brought to the local system and then extracted. After any patches to compile properly on NetBSD are applied, the software can be configured, then built (usually by compiling), and finally the generated binaries etc. can be put into place on the system. These are exactly the steps performed by the NetBSD package system, which is implemented as a series of targets in a central Makefile, /usr/pkgsrc/mk/bsd.pkg.mk. 7.1 Program location ==================== Before outlining the process performed by the NetBSD package system in the next section, here's a brief discussion on where programs are installed, and which variables influence this. The automatic variable PREFIX indicates where all files of the final program shall be installed. It is usually set to $LOCALBASE (/usr/pkg), or $CROSSBASE for pkgs in the "cross" category, though its value becomes that of $X11BASE if USE_IMAKE, USE_MOTIF, or USE_X11BASE is set. The value ${PREFIX} needs to be put into the various places in the program's source where paths to these files are encoded; see sections 4.3 and 6.2 for details on this. When choosing which of these variables to use, follow the following rules: * ${PREFIX} always points to the location where the current pkg will be installed. When referring to a pkg's own installation path, use ${PREFIX}. * ${LOCALBASE} is where all non-X11 pkgs are installed. If you need to construct a -I or -L argument to the compiler to find includes and libraries installed by another non-X11 pkg, use ${LOCALBASE}. * ${X11BASE} is where the actual X11 distribution (from xsrc etc.) is installed. When looking for _standard_ X11 includes (not those installed by a pkg), use ${X11BASE}. * X11 based pkgs are special in that they may be installed in either X11BASE or LOCALBASE. To install X11 packages in LOCALBASE, simply install the xpkgwedge package (pkgsrc/pkgtools/xpkgwedge). If you need to find includes or libraries installed by a pkg that has USE_IMAKE, USE_MOTIF, or USE_X11BASE in its pkg Makefile, you need to use _both_ ${X11BASE} and ${LOCALBASE}. * ${X11PREFIX} should be used to refer to the installed location of an X11 package. X11PREFIX will be set to ${X11BASE} if xpkgwedge is not installed, and to ${LOCALBASE} if xpkgwedge is installed. * If xpkgwedge is installed, it is possible to have some packages installed in X11BASE and some in LOCALBASE. To determine the prefix of an installed package, the EVAL_PREFIX definition can be used. It takes pairs in the format DIRNAME=, and the make(1) variable DIRNAME will be set to the prefix of the installed package , or ${X11PREFIX} if the package is not installed. This is best illustrated by example. The following lines are taken from pkgsrc/wm/scwm/Makefile: EVAL_PREFIX+= GTKDIR=gtk+ CONFIGURE_ARGS+= --with-guile-prefix=${LOCALBASE} \ --with-gtk-prefix="${GTKDIR}" \ --enable-multibyte Specific defaults can be defined for the packages evaluated using EVAL_PREFIX, by using a definition of the form: GTKDIR_DEFAULT= ${LOCALBASE} where "GTKDIR" corresponds to the first definition in the EVAL_PREFIX pair. 7.2 Main targets ================ The main targets used during the build process defined in bsd.pkg.mk are: * fetch: This will check if the file(s) given in the variables DISTFILES and PATCHFILES (as defined in the package's Makefile) are present on the local system in /usr/pkgsrc/distfiles. If they are not present, they will be fetched using ftp(1) from the site(s) given in the variable PATCH_SITES. The location(s) in PATCH_SITES are in the form of URLs and can be ftp://- and http://-URLs, as ftp(1) understands both of them. * checksum: After the distfile(s) are fetched, their checksum is generated and compared with the checksums stored in the distinfo file. If the checksums don't match, the build is aborted. This is to ensure the same distfile is used for building, and that the distfile wasn't changed, e.g. by some malign force, deliberately changed distfiles on the master distribution site or network lossage. * extract: When the distfiles are present on the local system, they need to be extracted, as they are usually in the form of some compressed archive format, most commonly .tar.gz. If only some of the distfiles need to be uncompressed, the files to be uncompressed should be put into EXTRACT_ONLY. If the distfiles are not in .tar.gz format, they can be extracted by setting EXTRACT_CMD, EXTRACT_BEFORE_ARGS and/or EXTRACT_AFTER_ARGS. * patch: After extraction, all the patches named by the PATCHFILES, those present in the patches subdirectory of the package as well as in $LOCALPATCHES/$PKGPATH (e.g. /usr/local/patches/graphics/png) are applied. Patchfiles ending in .Z or .gz are uncompressed before they are applied, files ending in .orig or .rej are ignored. Any special options to patch(1) can be handed in PATCH_DIST_ARGS. See section 4.3 for more details. By default patch is given special args to make it fail if the patches with some lines of fuzz. Please fix (regen) the patches so that they apply cleanly. The rationale behind this is that patches that apply cleanly may end up being applied in the wrong place, and cause severe harm there. * configure: Most pieces of software need information on the header files, system calls, and library routines which are available in NetBSD. This is the process known as configuration, and is usually automated. In most cases, a script is supplied with the source, and its invocation results in generation of header files, Makefiles, etc. If the program doesn't come with its own configure script, one can be placed in the package's scripts directory, called "configure". If so, it is executed using sh(1). If the program's distfile contains its own configure script, this can be invoked by setting HAS_CONFIGURE. If the configure script is a GNU autoconf script, GNU_CONFIGURE should be specified instead. In either case, any arguments to the configure script can be specified in the CONFIGURE_ARGS variable, and the configure script's name can be set in CONFIGURE_SCRIPT if it differs from the default "configure". If the program uses an Imakefile for configuration, the appropriate steps can be invoked by setting USE_IMAKE to YES. (If you only want the package installed in $X11PREFIX but xmkmf not being run, set USE_X11BASE instead!) * build: Once configuration has taken place, the software can be built on NetBSD by invoking $MAKE_PROGRAM on $MAKEFILE with $ALL_TARGET as the target to build. The default MAKE_PROGRAM is "gmake" if USE_GMAKE is set, "make" otherwise. MAKEFILE is set to "Makefile" by default, and ALL_TARGET defaults to "all". Any of these variables can be set to change the default build process. * install: Once the build stage has completed, the final step is to install the software in public directories, for users. As in the build-target, $MAKE_PROGRAM is invoked on $MAKEFILE here, but with the $INSTALL_TARGET instead, the latter defaulting to "install" (plus "install.man", if USE_IMAKE is set). If no target is specified, the default is "build". If a subsequent stage is requested, all prior stages are made: e.g. "make build" will also perform the equivalent of: make fetch make checksum make extract make patch make configure make build 7.3 Other helpful targets ========================= * pre/post-* For any of the main targets described in the previous section, two auxiliary targets exist with "pre-" and "post-" used as a prefix for the main target's name. These targets are invoked before and after the main target is called, allowing extra configuration or installation steps, for example, which program's configure script or install target omitted. For any of these auxiliary targets, scripts of the same name can be placed in the package's scripts-subdirectory that will be executed at the given time, see section 4.5. * do-*: Should one of the main targets do the wrong thing, and should there be no variable to fix this, you can redefine it with the do-* target. (Note that redefining the target itself instead of the do-* target is a bad idea, as the pre-* and post-* targets won't be called anymore, etc.) You will not usually need to do this. * reinstall: If you did a "make install" and you noticed some file was not installed properly, you can repeat the installation with this target, which will ignore the "already installed" flag. * deinstall: This target does a pkg_delete(1) in the current directory, effectively de-installing the package. The following variables can be used either on the command line or in /etc/mk.conf to tune the behaviour: - PKG_VERBOSE: Add a "-v" to the pkg_delete(1) command. - DEINSTALLDEPENDS: Remove all packages that require (depend on) the given package. This can be used to remove any packages that may have been pulled in by a given package, e.g. if "make deinstall DEINSTALLDEPENDS=1" is done in pkgsrc/x11/kde, this is likely to remove whole KDE. Works by adding a "-R" to the pkg_delete command line. * update: This target causes the current package to be updated to the latest version. The package and all depending packages first get deinstalled, then current versions of the corresponding packages get compiled and installed. This is similar to manually noting which packages are currently installed, then performing a series of "make deinstall" and "make install" (or whatever DEPENDS_TARGET is set to) for these packages. You can use the "update" target to resume package updating in case a previous "make update" was interrupted for some reason. However, in this case, make sure you don't call "make clean" or otherwise remove the list of dependent packages in ${WRKDIR}. Otherwise you lose the ability to automatically update the current package along with the dependent packages you have installed. Resuming an interrupted "make update" will only work as long as the package tree remains unchanged. If the source code for one of the packages to be updated has been changed, resuming "make update" will most certainly fail! The following variables can be used either on the command line or in /etc/mk.conf to alter the behaviour of "make update": - DEPENDS_TARGET: Install target to use for the updated package and the dependent packages. Defaults to "install". E.g. "make update DEPENDS_TARGET=package" - NOCLEAN: Don't clean up after updating. Useful if you want to leave the work sources of the updated packages around for inspection or other purposes. Be sure you eventually clean up the source tree (see the "clean-update" target below) or you may run into troubles with old source code still lying around on your next "make" or "make update". - REINSTALL: Deinstall each package before installing (making ${DEPENDS_TARGET}). This may be necessary if the "clean-update" target (see below) was called after interrupting a running "make update". * clean-update: Clean the source tree for all packages that would get updated if "make update" was called from the current directory. This target should not be used if the current package (or any of its depending packages) have already been deinstalled (e.g., after calling "make update") or you may lose some packages you intended to update. As a rule of thumb: only use this target _before_ the first time you call "make update" and only if you have a dirty package tree (e.g., if you used NOCLEAN). The following variables can be used either on the command line or in /etc/mk.conf to alter the behaviour of "make clean-update": - CLEAR_DIRLIST: After "make clean", do not reconstruct the list of directories to update for this package. Only use this if "make update" successfully installed all packages you wanted to update. Normally, this is done automatically on "make update", but may have been suppressed by the NOCLEAN variable (see above). * info: This target invokes "pkg_info" for the current package. You can use this e.g. to check which version of a package is installed. * readme: This target generates a README.html file, which can be viewed using a browser such as navigator (pkgsrc/www/navigator) or lynx (pkgsrc/www/lynx). The generated files contain references to any packages which are in the ${PACKAGES} directory on the local host. The generated files can be made to refer to URLs based on FTP_PKG_URL_HOST and FTP_PKG_URL_DIR. For example, if I wanted to generate README.html files which pointed to binary packages on the local machine, in the directory /usr/packages, set FTP_PKG_URL_HOST=file://localhost and FTP_PKG_URL_DIR=/usr/packages. The ${PACKAGES} directory and its subdirectories will be searched for all the binary packages. * readme-all: Use this target to create a file README-all.html which contains a list of all packages currently available in the NetBSD Packages Collection, together with the category they belong to and a short description. This file is compiled from the pkgsrc/*/README.html files, so be sure to run this _after_ a "make readme". * cdrom-readme: This is very much the same as the readme: target (see above), but is to be used when generating a pkgsrc tree to be written to a CD-ROM. This target also produces README.html files, and can be made to refer to URLs based on CDROM_PKG_URL_HOST and CDROM_PKG_URL_DIR. * show-distfiles: This target shows which distfiles and patchfiles are needed to build the package. (DISTFILES and PATCHFILES, but not patches/*) * show-downlevel: This target shows nothing if the package is not installed. If a version of this package is installed, but is not the version provided in this version of pkgsrc, then a warning message is displayed. This target can be used to show which of your installed packages are downlevel, and so the old versions can be deleted, and the current ones added. * show-pkgsrc-dir: This target shows the directory in the pkgsrc hierarchy from which the package can be built and installed. This may not be the same directory as the one from which the package was installed. This target is intended to be used by people who may wish to upgrade many packages on a single host, and can be invoked from the top-level pkgsrc Makefile by using the target "show-host-specific-pkgs" * check-shlibs: After a package is installed, check all it's binaries and (on ELF platforms) shared libraries if they find the shared libs they need. Run by default if PKG_DEVELOPER is set in /etc/mk.conf. * print-PLIST: After a 'make install' from a new or upgraded pkg, this prints out an attempt to generate a new PLIST from a 'find -newer work/.extract_done'. An attempt is made to care for shared libs etc., but it is STRONGLY recommended to review the result before putting it into pkg/PLIST. On upgrades, it's useful to diff the output of this command against an already existing pkg/PLIST file. If the package installs files via tar(1) or other methods that don't update file access times, be sure to add these files manually to your pkg/PLIST, as 'find -newer' won't catch them! * bulk-package: Used to do bulk builds. If an appropriate binary package already exists, no action is taken. If not, this target will compile, install and package it (and it's depends, if PKG_DEPENDS is set properly, see section 3.2.1). After creating the binary package, the sources, the just-installed package and it's required packages are removed, preserving free disk space. * bulk-install: Used during bulk-installs to install required packages. If an appropriate binary package is available, it will be installed via pkg_add. If not, "make bulk-package" will be executed, but the installed binary not be removed. A binary package is "appropriate" to be installed via pkg_add if: - None of the package's files (Makefile, ...) were modified since it was built - None of the package's required (binary) packages were modified since it was built 8 buildlink.mk methodology ========================== Many packages that install libraries and headers for use in other packages now have buildlink.mk files in their pkgsrc subdirectory. The purpose of these files is two-fold: (1) Cause all headers and libraries used by a particular package to be found in a known location during the configure and build process. These packages are said to be "weakly-buildlinked". (2) Cause _only_ those headers and libraries used by a particular package to be found during the configure and build process. These packages are said to be "strongly-buildlinked". 8.1 Using buildlink.mk files ============================ Goal (1) is accomplished by simply including a package dependency's buildlink.mk file in a package's Makefile, which does the following: (1a) Adds a DEPENDS or BUILD_DEPENDS line for the package; (1b) Creates a directory ${BUILDLINK_DIR}, by default set to a subdirectory of ${WRKDIR}; (1c) Links all the headers and libraries for that dependency into ${BUILDLINK_DIR}/include and ${BUILDLINK_DIR}/lib, respectively; (1d) Prepends -I${BUILDLINK_DIR}/include to CPPFLAGS, CFLAGS, CXXFLAGS, and -L${BUILDLINK_DIR}/lib to LDFLAGS; (1e) Creates a wrapper script for GTK+-style config scripts, often found in GNOME software, that translates -I${LOCALBASE}/include and -L${LOCALBASE}/lib into references into ${BUILDLINK_DIR}. Some packages are for software libraries whose functionality is a part of recent released versions of NetBSD, e.g. readline, OpenSSL, and ncurses. For those packages, the buildlink.mk files link the appropriate system headers and libraries into ${BUILDLINK_DIR} so that goal (1) is still met. Where possible, the system headers and libraries are renamed when linked into ${BUILDLINK_DIR} to match the names of their pkgsrc counterparts so that the files may be referenced under a consistent name. Goal (2) requires some work on the part of the package builder. As all headers and libraries used by a package may be found in ${BUILDLINK_DIR}, and -I${BUILDLINK_DIR}/include and -L${BUILDLINK_DIR}/lib are already passed to the compiler, it is no longer necessary to pass -I${LOCALBASE}/include or -L${LOCABASE}/lib to the compiler. Therefore, those lines should be removed from package Makefiles, and where necessary, the package sources should be patched to do the same. Also, if a package uses X11, then by including mk/x11.buildlink.mk, -I${BUILDLINK_X11_DIR}/include and -L${BUILDLINK_X11_DIR}/lib are also passed to the compiler instead of the corresponding directories in ${X11BASE}. Also, if USE_BUILDLINK_ONLY is defined, then -L${LOCALBASE}/lib is not automatically added to LDFLAGS in bsd.pkg.mk. 8.2 Writing buildlink.mk files ============================== Most of the work done by buildlink.mk files is encapsulated and shared through bsd.buildlink.mk, which is included by packages' buildlink.mk files. Please see the comments at the top of bsd.buildlink.mk for complete documentation on how to use the file. A simple example of a buildlink.mk for a mythical package foo follows: .include "../../mk/bsd.buildlink.mk" BUILDLINK_DEPENDS.foo?= foo>=1.0 DEPENDS+= ${BUILDLINK_DEPENDS.foo}:../../category/foo EVAL_PREFIX+= BUILDLINK_PREFIX.foo=foo BUILDLINK_FILES.foo= include/foo.h BUILDLINK_FILES.foo+= include/bar.h BUILDLINK_FILES.foo+= lib/libfoo.* # We need the libraries to be called "libbar.*". BUILDLINK_TRANSFORM.foo= -e "s|libfoo|libbar|g" BUILDLINK_TARGETS+= foo-buildlink pre-configure: foo-buildlink foo-buildlink: _BUILDLINK_USE 8.3 Converting packages to use buildlink.mk files ================================================= The process of converting existing packages to use the buildlink.mk infrastructure is fairly straightforward. If a dependency on a particular package is required for its libraries and headers, then rather than directly adding a dependency on that package, include that package's buildlink.mk instead. The following variables may also be replaced with buildlink.mk files: USE_CURSES --> .include "../../devel/ncurses/buildlink.mk" USE_LIBINTL --> .include "../../devel/gettext-lib/buildlink.mk" USE_LTDL --> .include "../../devel/libtool/buildlink.mk" USE_MESA --> .include "../../graphics/Mesa/buildlink.mk" USE_MOTIF --> .include "../../mk/motif.buildlink.mk" USE_MOTIF12 --> .include "../../x11/lesstif12/buildlink.mk" USE_SSL --> .include "../../security/openssl/buildlink.mk" USE_X11 --> .include "../../mk/x11.buildlink.mk" USE_XAW --> .include "../../mk/xaw.buildlink.mk" USE_XPM --> .include "../../graphics/xpm/buildlink.mk" Packages that have an explicit dependency on ncurses should set USE_NCURSES to the reason why the system curses is insufficient, and include "../../devel/ncurses/buildlink.mk" afterwards. This helps to identify where the system curses differs from ncurses, and when the development of the system curses catches up in functionality, the USE_NCURSES setting may be removed. Packages that use OpenSSL that require a specific version of OpenSSL should define USE_OPENSSL_VERSION to the minimum version number required prior to including "../../security/openssl/buildlink.mk". The version number is the hexadecimal number found in , or the variables OPENSSL_VERSION_{095A,096,096A,096B} may be used. The use of EVAL_PREFIX to find the installation prefix for packages may be removed since references to package library and header files are found through ${BUILDLINK_DIR}. If the required dependency pattern for a package differs from the default specified in the package's buildlink.mk file, then it may be set by defining BUILDLINK_DEPENDS. in the Makefile to the dependency pattern required. Packages will still need LDFLAGS to be set to include the appropriate rpath settings in order for built packages to find libraries. LDFLAGS should still contain -Wl,-R${LOCALBASE}/lib, and -Wl,-R${X11BASE}/lib if the package requires the X11 libraries. -Wl,-R should never refer to a ${BUILDLINK_DIR} library directory, and all such references should be purged from the build. A package that builds correctly with USE_BUILDLINK_ONLY set should have that setting added to its Makefile to note that it doesn't use any libraries or headers in ${LOCALBASE} directly, but rather references them only through ${BUILDLINK_DIR}. Note that you MUST check the build output to verify that no references to ${LOCALBASE} directories occurred during the configure or build process, or else the package cannot be marked as USE_BUILDLINK_ONLY. 9 Debugging =========== To check out all the gotchas when building a package (wither from a FreeBSD port, or from scratch), here are the steps that I do in order to get a package working. Please note this is basically the same as what was explained in the previous sections, only with some debugging aids. * Make sure PKG_DEVELOPER=1 is in /etc/mk.conf * Retrieve port from FreeBSD collection * Fix RCS-ID in the package's Makefile, see section 4.1. * Import unchanged FreeBSD source (ONLY if you have cvs access, not needed otherwise): % (cd .../pkgsrc/category/pkgname ; cvs import pkgsrc/category/pkgname \ FREEBSD FreeBSD-current-yyyy-mm-dd) * If you did a CVS import, check it out to apply the following fixes (not needed if you don't have CVS access!) * Look at Makefile, fix if necessary; see section 4.1. * Look at patches, remember if not appropriate * Have a look at pkg/PLIST, add a "@comment <$>NetBSD<$>" line at the beginning of any PLIST file (see section 5). * Build the package: % make Doing as non-root user will assure that no files are modified that shouldn't, esp. not during the build phase. * If something is not ok, fix; for patches: fix the file, then re-generate the diff: 'diff -bu foo.orig foo >../../patches/patch-xx' (mv patch-xx patch-xx.orig before); If there's no foo.orig from a previous patch, be sure to have an old version of the file somewhere; re-iterate :) * If all builds OK: touch /tmp/bla * Install the package: # make install You usually need to be root to do this. * Find all files installed by the package: # find /usr/pkg/ /usr/X11R6/ -newer /tmp/bla >/tmp/x If you have set LOCALBASE and X11BASE in /etc/mk.conf, use the values from there instead. As an alternative to this find command, you can run "make print-PLIST". * Deinstall the package: # pkg_delete blub * Look if there are any files left: # find /usr/pkg/ /usr/X11R6/ -newer /tmp/bla If this brings up any files, that are missing in pkg/PLIST*, add them. * Compare pkg/PLIST* against /tmp/x, fix the former one. You can use some magic like: % ( sort /tmp/x >/tmp/x2 ; sort pkg/PLIST >/tmp/P ; sdiff /tmp/x2 /tmp/P ) * Now that the PLIST is ok, install the package again and make a binary package: # make reinstall && make package * Delete the installed package: # pkg_delete blub * Repeat the above find command, which shouldn't find anything now: # find /usr/pkg/ /usr/X11R6/ -type f -newer /tmp/bla * Reinstall the binary package: # pkg_add .../blub.tgz * Play with it. Make sure everything works. * Deinstall the package again using pkg_delete(8). Still no file should be left. Re-run the above find(1) command to make sure. * make clean && touch /tmp/bla && make install && make clean && make deinstall then run the find again. Yes, some software authors write Makefiles that install files during the build target. Sigh. Re-run the find, and fix the PLIST. Repeat until certain the software does not install any files that aren't in PLIST. * submit (or commit, if you have cvs access); see section 10. 10 FAQs & features of the package system ======================================== 10.1 Packages using GNU autoconfig ================================== If your package uses GNU autoconf, add the following to your package's Makefile: GNU_CONFIGURE= yes Note that this appends --prefix=${PREFIX} to CONFIGURE_ARGS, so you don't have to do that yourself, and this may not be what you want. 10.2 Other distrib methods than .tar.gz ======================================= If your package uses a different distribution method from .tar.gz, take a look at the package for pkgsrc/editors/sam, which uses a gzipped shell archive (shar), but the quick solution is to set EXTRACT_SUFX to the name after the DISTNAME field, and add the following to your package's Makefile: EXTRACT_SUFX= .msg.gz EXTRACT_CMD= zcat EXTRACT_BEFORE_ARGS= EXTRACT_AFTER_ARGS= |sh 10.3 Packages not creating their own subdirectory ================================================= Your package doesn't create a subdirectory for itself (like GNU software does, for instance), but extracts itself in the current directory: see pkgsrc/editors/sam again, but the quick answer is: WRKSRC= ${WRKDIR} Please note that the old NO_WRKSUBDIR= yes has been deprecated and should not be used. 10.4 Custom configuration process ================================= Your package uses a weird Configure script: See the top package, but the quick answer is: HAS_CONFIGURE= yes CONFIGURE_SCRIPT= Configure CONFIGURE_ARGS+= netbsd13 10.5 Packages not building in their DISTNAME directory ====================================================== Your package builds in a different directory from its base DISTNAME - see tcl and tk packages: WRKSRC= ${WRKDIR}/${DISTNAME}/unix 10.6 How to fetch all distfiles at once ======================================= You would like to download all the distfiles in a single batch from work or university, where you can't run a "make fetch". But there's no archive of the distfiles on ftp.netbsd.org and the one on ftp.freebsd.org contains many distfiles for which there are no ports (yet). The answer here is to do a "make fetch-list" in /usr/pkgsrc, carry the resulting list to your machine at work/school and use it there If you don't have a NetBSD-compatible ftp(1) (like lukemftp) at work, don't forget to set FETCH_CMD to something that fetches an URL: At home: % cd /usr/pkgsrc % make fetch-list FETCH_CMD=wget DISTDIR=/tmp/distfiles >/tmp/fetch.sh % scp /tmp/fetch.sh work:/tmp At work: % sh /tmp/fetch.sh % tar up /tmp/distfiles and take it home If you have a machine running NetBSD, and you want to get *all* distfiles (even ones that aren't for your machine architecture), you can do so by using the above-mentioned 'make fetch-list'-approach, or fetch the distfiles directly by typing: % make mirror-distfiles If you even decide to ignore NO_{SRC,BIN}_ON_{FTP,CDROM}, then you can get all & everything by typing % make fetch NO_IGNORE=yes 10.7 How to fetch files from behind a firewall ============================================== If you are sitting behind a firewall which does not allow direct connections to Internet hosts (i.e. non-NAT), you may specify the relevant proxy hosts. This is done using an environment variable in the form of a URL e.g. in Amdahl, the machine orpheus.amdahl.com is one of the firewalls, and it uses port 80 as the proxy port number. So the proxy environment variables look like: ftp_proxy=ftp://orpheus.amdahl.com:80/ http_proxy=http://orpheus.amdahl.com:80/ 10.8 If your patch contains an RCS ID ===================================== See section 4.3 on how to remove RCS IDs from patch files. 10.9 How to pull in variables from /etc/mk.conf =============================================== The problem with package-defined variables that can be overridden via MAKECONF or /etc/mk.conf is that make(1) expands a variable as it is used, but evaluates preprocessor like statements (.if, .ifdef and .ifndef) as they are read. So, to use any variable (which may be set in /etc/mk.conf) in one of the .if* statements, the file /etc/mk.conf must be included before that .if* statement. Rather than have a number of ad-hoc ways of including /etc/mk.conf, should it exist, or MAKECONF, should it exist, include the pkgsrc/mk/bsd.prefs.mk file in the package Makefile before any preprocessor-like .if, .ifdef, or .ifndef statements: .include "../../mk/bsd.prefs.mk" .if defined(USE_MENUS) ... .endif 10.10 Is there a mailing list for pkg-related discussion? ========================================================= Yes. We are using tech-pkg@netbsd.org for discussing package related issues. To subscribe do: % echo subscribe tech-pkg | mail majordomo@netbsd.org 10.11 How do i tell "make fetch" to do passive FTP? =================================================== This depends on which utility is used to retrieve distfiles. From bsd.pkg.mk, FETCH_CMD is assigned the first available command from the following list: /usr/bin/fetch ${LOCALBASE}/bsd/bin/ftp /usr/bin/ftp On a default NetBSD install, this will be /usr/bin/ftp, which automatically tries passive connections first, and falls back to active connections if the server refuses to do passive. For the other tools, add the following to your /etc/mk.conf file: PASSIVE_FETCH=1 Having that option present will prevent /usr/bin/ftp from falling back to active transfers. 10.12 Dependencies on other packages ==================================== Your package may depend on some other package being present - and there are various ways of expressing this dependency. NetBSD supports the BUILD_DEPENDS and DEPENDS definitions (beware: the DEPENDS definition is not the same as FreeBSD's deprecated one, and NetBSD does not use the FreeBSD LIB_DEPENDS definition any more - it proved problematic on ELF NetBSD platforms). The basic difference between the two definitions is as follows: the DEPENDS definition registers that pre-requisite in the binary package, whilst the BUILD_DEPENDS definition does not. This means that if you only need a package present whilst you are building, it should be noted as a BUILD_DEPENDS. The format for a BUILD_DEPENDS and a DEPENDS definition is: :../..// Please note that the "pre-req-package-name" may include any of the wildcard version numbers recognised by pkg_info(1). (a) If your package needs to use another package to build itself, this is specified using the BUILD_DEPENDS definition. BUILD_DEPENDS+= autoconf-2.13:../../devel/autoconf (b) If your package needs a library with which to link, this is specified using the DEPENDS definition. An example of this is the pkgsrc/print/lyx package, which uses the xpm library, version 3.4j to build. DEPENDS+= xpm-3.4j:../../graphics/xpm You can also use wildcards in package dependences: DEPENDS+= xpm-*:../../graphics/xpm Note that such wildcard dependencies are retained when creating binary packages. The dependency is checked when installing the binary package and any package which matches the pattern will be used. Wildard dependencies should be used with care. For example, if a package needs any version of Tk installed, but does not require an explicit version of Tk: DEPENDS+= tk-*:../../x11/tk80 would also match e.g. tk-postgresql-6.5.3, which is not what was needed. ALWAYS ensure that the wildcard doesn't match more than it should, and perhaps use version numbers to make certain: BUILD_DEPENDS+= perl-5.*:../../lang/perl (c) If your package needs some executable to be able to run correctly, this is specified using the DEPENDS definition. The pkgsrc/print/lyx package needs to be able to execute the latex binary from the teTex package when it runs, and that is specified: DEPENDS+= teTex-*:../../print/teTeX The comment about wildcard dependencies from previous paragraph applies here, too. If your package needs files from another package to build, see the first part of the "do-configure" target pkgsrc/print/ghostscript5 package (it relies on the jpeg sources being present in source form during the build): if [ ! -e ${BUILD_ROOT}/graphics/jpeg/${WRKDIR:T}/jpeg-6b ]; then \ cd ../../graphics/jpeg && ${MAKE} extract; \ fi Please also note the BUILD_USES_MSGFMT and BUILD_USES_GETTEXT_M4 definitions, which are provided as convenience definitions. The former works out whether msgfmt(1) is part of the base system, and, if it isn't, installs the pkgsrc/devel/gettext package. The latter adds a build dependency on either an installed version of an older gettext package, or if it isn't, installs the pkgsrc/devel/gettext-m4 package. 10.13 Conflicts with other packages =================================== Your package may conflict with other packages a user might already have installed on his system, e.g. if your package installs the same set of files like another package in our pkgsrc tree. In this case you can set CONFLICTS to a space separated list of packages (including version string) your package conflicts with. For example pkgsrc/x11/Xaw3d and pkgsrc/x11/Xaw-Xpm install provide the same shared library, thus you set in pkgsrc/x11/Xaw3d/Makefile: CONFLICTS= Xaw-Xpm-* and in pkgsrc/x11/Xaw-Xpm/Makefile: CONFLICTS= Xaw3d-* Packages will automatically conflict with other packages with the name prefix and a different version string. "Xaw3d-1.5" e.g. will automatically conflict with the older version "Xaw3d-1.3". 10.14 Software which has a WWW Home Page ======================================== The NetBSD packages system now supports a variable called HOMEPAGE. If the software being packaged has a home page, the Makefile should include the URL for that page in the HOMEPAGE variable. The definition of the variable should be placed immediately after the MAINTAINER variable. 10.15 How to handle modified distfiles with the 'old' name ========================================================== Sometimes authors of a software package make some modifications after the software was released, and they put up a new distfile without changing the package's version number. If a package is already in pkgsrc at that time, the md5 checksum will no longer match. The correct way to work around this is to update the package's md5 checksum to match the package on the master site (beware, any mirrors may not be up to date yet!), and to remove the old distfile from ftp.netbsd.org's /pub/NetBSD/packages/distfiles directory. Furthermore, a mail to the package's author seems appropriate making sure the distfile was really updated on purpose, and that no trojan horse or so crept in. 10.16 What does "Don't know how to make /usr/share/tmac/tmac.andoc" mean? ========================================================================= When compiling the pkgsrc/pkgtools/pkg_install package, you get the error from make that it doesn't know how to make /usr/share/tmac/tmac.andoc? This indicates that you don't have installed the "text" set on your machine (nroff, ...). It is recommended to do that. In the case of the pkg_install package, you can get away with setting NOMAN=YES either in the environment or in /etc/mk.conf. 10.17 How to handle incrementing versions when fixing an existing package ========================================================================= When making fixes to an existing package it can be useful to change the version number in PKGNAME. To avoid conflicting with future versions by the original author, use a 'nb1' suffix (later versions should increment this to give 'nb2' and so on). 10.18 "Could not find bsd.own.mk" - what's wrong? ================================================= You didn't install the compiler set, comp.tgz, when you installed your NetBSD machine. Please get it and install it, by extracting it in /: # tar --unlink -pvxf .../comp.tgz comp.tgz is part of every NetBSD release, please get the one matching the release you have installed (determine via "uname -r"). 10.19 Restricted packages ========================= Some licenses restrict how software may be re-distributed. In order to satisfy these restrictions, the package system defines five make variables that can be set to note these restrictions: * RESTRICTED: This variable should be set whenever a restriction exists (regardless of its kind). Set this variable to a string containing the reason for the restriction. * NO_BIN_ON_CDROM: Binaries may not be placed on CD-ROM. Set this variable to ${RESTRICTED} whenever a binary package may not be included on a CD-ROM. * NO_BIN_ON_FTP: Binaries may not be placed on an ftp server. Set this variable to ${RESTRICTED} whenever a binary package may not not be made available on the internet. * NO_SRC_ON_CDROM: Distfiles may not be placed on CD-ROM. Set this variable to ${RESTRICTED} if re-distribution of the source code or other distfile(s) is not allowed on CD-ROMs. * NO_SRC_ON_FTP: Distfiles may not be placed on FTP. Set this variable to ${RESTRICTED} if re-distribution of the source code or other distfile(s) via the internet is not allowed. Please note that the use of NO_PACKAGE, IGNORE, NO_CDROM, or other generic make variables to denote restrictions is deprecated, because they unconditionally prevent users from generating binary packages! 10.20 Packages using (n)curses ============================== Some packages need curses functionality that wasn't present in NetBSD's own curses prior to 1.4Y. For packages using such functionality there are two options, setting USE_CURSES or including ../../devel/ncurses/buildlink.mk in the package's Makefile. 10.20.1 USE_CURSES =================== If USE_CURSES is set in a package's Makefile, NEED_NCURSES is set automatically to YES or NO, depending on whether a dependency on ncurses is needed on this system. You can use this variable to e.g. add arguments to configure to tell the package whether to use ncurses. Additionally, you can set REPLACE_NCURSES to some filenames; in each of these files, each occurrence of 'ncurses' is replaced by 'curses' if the package doesn't need ncurses. You may need this in some cases if ncurses are installed, and the package's configure script prefers ncurses. For example, in pkgsrc/mail/mutt, the relevant lines are: USE_CURSES= YES REPLACE_NCURSES= configure configure.in ... .include "../../mk/bsd.prefs.mk" .if defined(NEED_NCURSES) && ${NEED_NCURSES} == "YES" CONFIGURE_ARGS+= --with-curses=${LOCALBASE} .endif Please note that the check for NEED_NCURSES has to be below the inclusion of bsd.prefs.mk, since the variable is set there. 10.20.2 devel/ncurses/buildlink.mk ================================== If ../../devel/ncurses/buildlink.mk is included in a package's Makefile, then a curses library and headers with ncurses functionality are linked into ${BUILDLINK_DIR} at pre-configure time. If ncurses is needed, then a dependency on ncurses is added to the package, otherwise, if the system curses is sufficient, then the library and headers are linked into ${BUILDLINK_DIR} with ncurses names. If ncurses is actually required, then define USE_NCURSES in the package's Makefile. 10.21 Automated security check ============================== Please be aware that there can often be bugs in third-party software, and some of these bugs can leave a machine vulnerable to exploitation by attackers. In an effort to lessen the exposure, the NetBSD packages team maintains a database of known-exploits to packages which have at one time been included in pkgsrc. The database can be downloaded automatically, and a security audit of all packages installed on a system can take place. To do this, install the pkgsrc/security/audit-packages package. It has two components: (1) download-vulnerability-list, an easy way to download a list of the security vulnerabilities information. This list is kept up to date by the NetBSD security officer and the NetBSD packages team, and is distributed from the NetBSD ftp server: ftp://ftp.netbsd.org/pub/NetBSD/packages/distfiles/vulnerabilities (2) audit-packages, an easy way to audit the current machine, checking each vulnerability which is known. If a vulnerable package is installed, it will be shown by output to stdout, including a description of the type of vulnerability, and a URL containing more information. Use of the audit-packages package is strongly recommended. The following message is displayed as part of the audit-packages installation procedure: ====================================================================== You may wish to have the vulnerabilities file downloaded daily so that it remains current. This may be done by adding an appropriate entry to the root users crontab(5) entry. For example the entry # download vulnerabilities file 0 3 * * * ${PREFIX}/sbin/download-vulnerability-list >/dev/null 2>&1 will update the vulnerability list every day at 3AM. In addition, you may wish to run the package audit from the daily security script. This may be accomplished by adding the following lines to /etc/security.local if [ -x ${PREFIX}/sbin/audit-packages ]; then ${PREFIX}/sbin/audit-packages fi ====================================================================== Note to package developers: When a vulnerability is found, this should be noted in localsrc/security/advisories/pkg-vulnerabilities, and after the commit of that file, it should be copied to /pub/NetBSD/packages/distfiles/vulnerabilities on ftp.netbsd.org. 10.22 What's the proper way to create an account from a package? ================================================================ Look at what e.g. pkgsrc/sysutils/amanda-common/{Makefile,pkg/INSTALL} do. 11 Submitting & Committing ========================== 11.1 Submitting your packages ============================= You have to separate between binary and "normale" (source) packages here: * precompiled binary packages: Our policy is that we accept binaries only from NetBSD developers to guarantee that the packages don't contain any trojan horses etc. This is not to piss anyone off but rather to protect our users! You're still free to put up your home-made binary packages and tell the world where to get them. * packages: First, check that your package is complete, compiles and runs well; see section 8 and the rest of this document. Next, generate a gzipped tar-file of all the files needed for the package, preferably with all files in a single directory. Place this tar-file to a place where the package maintainers can fetch it using FTP or HTTP (WWW). Finally, send-pr with category "pkg", a synopsis which includes the package name and version number, a short description of your package (contents of the COMMENT variable are OK) and the URL of your tar-file. You will be notified if your send-pr has been addressed so you can remove the tar-file. If you want to submit several packages, please send a separate PR for each one, it's easier for us to track things that way. 11.2 Committing: Importing the package into CVS =============================================== This section is only of interest for NetBSD developers with write access to the NetBSD pkgsrc repository. Please remember that cvs imports files relative to the cwd, and that the pathname that you give the "cvs import" command is so that it knows where to place the files in the repository. Newly created packages should be imported with a vendor tag of "TNF" and a release tag of "pkgsrc-base", e.g: % cd .../pkgsrc// % cvs import pkgsrc// TNF pkgsrc-base and remember to move the directory from which you imported out of the way, or cvs will complain the next time you "cvs update" your source tree. Packages derived from a FreeBSD port should be imported with a vendor tag of "FREEBSD" and a release tag of "FreeBSD-current-YYYY-MM-DD" (YYYY-MM-DD being the date when the snapshot of the port were taken form the FreeBSD tree), and then doing the necessary modifications by normal CVS operations. E.g: % cd .../pkgsrc// % cvs import pkgsrc// FREEBSD FreeBSD-current-1998-04-01 % cvs rm patches/patch-a % cvs add patches/patch-aa % cvs ci Please note all package updates/additions in doc/pkg-CHANGES! It's very important to keep this file up to date and conforming to the existing format, because it will be used by scripts to automatically update pages on www.netbsd.org and other sites. 12 A simple example of a package: bison ======================================= I checked to find a piece of software that isn't in the FreeBSD ports collection, and picked GNU bison. Quite why someone would want to have bison when Berkeley yacc is already present in the tree is beyond me, but it's useful for the purposes of this exercise. 12.1 files ========== The file contents in this section must be used without the "> " prefix. 12.1.1 Makefile =============== # <$>NetBSD<$> DISTNAME= bison-1.25 CATEGORIES= devel MASTER_SITES= ${MASTER_SITE_GNU} > MAINTAINER= thorpej@netbsd.org HOMEPAGE= http://www.gnu.org/software/bison/bison.html COMMENT= GNU yacc clone GNU_CONFIGURE= yes INFO_FILES= bison.info .include "../../mk/bsd.pkg.mk" 12.1.2 pkg/DESCR ================ GNU version of yacc. Can make re-entrant parsers, and numerous other improvements. Why you would want this when Berkeley yacc(1) is part of the NetBSD source tree is beyond me. 12.1.3 pkg/PLIST ================ @comment <$>NetBSD<$> bin/bison man/man1/bison.1.gz @unexec install-info --delete %D/info/bison.info %D/info/dir info/bison.info info/bison.info-1 info/bison.info-2 info/bison.info-3 info/bison.info-4 info/bison.info-5 @exec install-info %D/info/bison.info %D/info/dir share/bison.simple share/bison.hairy 12.1.4 Checking a package "pkglint" =================================== The NetBSD package system comes with a tool called "pkglint" (located in the directory "pkgsrc/pkgtools/pkglint") which helps to check the contents of these files. After installation it is quite easy to use, just change to the directory of the package you wish to examine and execute "pkglint": % pkglint OK: checking pkg/DESCR. OK: checking Makefile. OK: checking distinfo. OK: checking patches/patch-aa. looks fine. Depending on the supplied command line arguments (see "man pkglint") more verbose checks will be performed. Use e.g. "pkglint -v" for a very verbose check. 12.2 Steps for building, installing, packaging ============================================== Create the directory where the package lives, plus any auxiliary directories: # cd /usr/pkgsrc/lang # mkdir bison # cd bison # mkdir files patches pkg Create Makefile, pkg/DESCR and pkg/PLIST as in section 11.1, then continue with fetching the distfile: # make fetch >> bison-1.25.tar.gz doesn't seem to exist on this system. >> Attempting to fetch from ftp://prep.ai.mit.edu/pub/gnu//. Requesting ftp://prep.ai.mit.edu/pub/gnu//bison-1.25.tar.gz (via ftp://orpheus.amdahl.com:80/) ftp: Error retrieving file: 500 Internal error >> Attempting to fetch from ftp://wuarchive.wustl.edu/systems/gnu//. Requesting ftp://wuarchive.wustl.edu/systems/gnu//bison-1.25.tar.gz (via ftp://orpheus.amdahl.com:80/) ftp: Error retrieving file: 500 Internal error >> Attempting to fetch from ftp://ftp.freebsd.org/pub/FreeBSD/distfiles//. Requesting ftp://ftp.freebsd.org/pub/FreeBSD/distfiles//bison-1.25.tar.gz (via ftp://orpheus.amdahl.com:80/) Successfully retrieved file. Generate the checksum of the distfile into distinfo: # make makesum Now compile: # make >> Checksum OK for bison-1.25.tar.gz. ===> Extracting for bison-1.25 ===> Patching for bison-1.25 ===> Ignoring empty patch directory ===> Configuring for bison-1.25 creating cache ./config.cache checking for gcc... cc checking whether we are using GNU C... yes checking for a BSD compatible install... /usr/bin/install -c -o bin -g bin checking how to run the C preprocessor... cc -E checking for minix/config.h... no checking for POSIXized ISC... no checking whether cross-compiling... no checking for ANSI C header files... yes checking for string.h... yes checking for stdlib.h... yes checking for memory.h... yes checking for working const... yes checking for working alloca.h... no checking for alloca... yes checking for strerror... yes updating cache ./config.cache creating ./config.status creating Makefile ===> Building for bison-1.25 cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g LR0.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g allocate.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g closure.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g conflicts.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g derives.c cc -c -DXPFILE=\"/usr/pkg/share/bison.simple\" -DXPFILE1=\"/usr/pkg/share/bison.hairy\" -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -g ./files.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g getargs.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g gram.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g lalr.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g lex.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g main.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g nullable.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g output.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g print.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g reader.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g reduce.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g symtab.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g warshall.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g version.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g getopt.c cc -c -DSTDC_HEADERS=1 -DHAVE_STRING_H=1 -DHAVE_STDLIB_H=1 -DHAVE_MEMORY_H=1 -DHAVE_ALLOCA=1 -DHAVE_STRERROR=1 -I./../include -g getopt1.c cc -g -o bison LR0.o allocate.o closure.o conflicts.o derives.o files.o getargs.o gram.o lalr.o lex.o main.o nullable.o output.o print.o reader.o reduce.o symtab.o warshall.o version.o getopt.o getopt1.o ./files.c:240: warning: mktemp() possibly used unsafely, consider using mkstemp() rm -f bison.s1 sed -e "/^#line/ s|bison|/usr/pkg/share/bison|" < ./bison.simple > bison.s1 Everything seems OK, so install the files: # make install >> Checksum OK for bison-1.25.tar.gz. ===> Installing for bison-1.25 sh ./mkinstalldirs /usr/pkg/bin /usr/pkg/share /usr/pkg/info /usr/pkg/man/man1 rm -f /usr/pkg/bin/bison cd /usr/pkg/share; rm -f bison.simple bison.hairy rm -f /usr/pkg/man/man1/bison.1 /usr/pkg/info/bison.info* install -c -o bin -g bin -m 555 bison /usr/pkg/bin/bison /usr/bin/install -c -o bin -g bin -m 644 bison.s1 /usr/pkg/share/bison.simple /usr/bin/install -c -o bin -g bin -m 644 ./bison.hairy /usr/pkg/share/bison.hairy cd .; for f in bison.info*; do /usr/bin/install -c -o bin -g bin -m 644 $f /usr/pkg/info/$f; done /usr/bin/install -c -o bin -g bin -m 644 ./bison.1 /usr/pkg/man/man1/bison.1 ===> Registering installation for bison-1.25 You can now use bison, and also - if you decide so - remove it with "pkg_delete bison-1.25". Should you decide that you want a binary package, do this now: # make package >> Checksum OK for bison-1.25.tar.gz. ===> Building package for bison-1.25 Creating package bison-1.25.tgz Registering depends:. Creating gzip'd tar ball in '/u/pkgsrc/lang/bison/bison-1.25.tgz' Now that you don't need the source and object files any more, clean up: # make clean ===> Cleaning for bison-1.25 ====================== Appendix A: build logs ====================== A.1 Building top ================ # make >> top-3.5beta5.tar.gz doesn't seem to exist on this system. >> Attempting to fetch from ftp://ftp.groupsys.com/pub/top/. Requesting ftp://ftp.groupsys.com/pub/top/top-3.5beta5.tar.gz (via ftp://orpheus.amdahl.com:80/) Successfully retrieved file. >> Checksum OK for top-3.5beta5.tar.gz. ===> Extracting for top-3.5beta5 ===> Patching for top-3.5beta5 ===> Applying NetBSD patches for top-3.5beta5 ===> Configuring for top-3.5beta5 /bin/cp /u/pkgsrc/sysutils/top/files/defaults /u/pkgsrc/sysutils/top/work/top-3.5beta5/.defaults chmod a-x /u/pkgsrc/sysutils/top/work/top-3.5beta5/install Reading configuration from last time... Using these settings: Bourne Shell /bin/sh C compiler cc Compiler options -DHAVE_GETOPT -O Awk command awk Install command /usr/bin/install Module netbsd13 LoadMax 5.0 Default TOPN -1 Nominal TOPN 18 Default Delay 2 Random passwd access yes Table Size 47 Owner root Group Owner kmem Mode 2755 bin directory $(PREFIX)/bin man directory $(PREFIX)/man/man1 man extension 1 man style man Building Makefile... Building top.local.h... Building top.1... Doing a "make clean". rm -f *.o top core core.* sigdesc.h To create the executable, type "make". To install the executable, type "make install". ===> Building for top-3.5beta5 cc -DHAVE_GETOPT -DORDER -DHAVE_GETOPT -O -c top.c awk -f sigconv.awk /usr/include/sys/signal.h >sigdesc.h cc -DHAVE_GETOPT -DORDER -DHAVE_GETOPT -O -c commands.c cc -DHAVE_GETOPT -DORDER -DHAVE_GETOPT -O -c display.c cc -DHAVE_GETOPT -DORDER -DHAVE_GETOPT -O -c screen.c cc -DHAVE_GETOPT -DORDER -DHAVE_GETOPT -O -c username.c cc -DHAVE_GETOPT -DORDER -DHAVE_GETOPT -O -c utils.c utils.c: In function `errmsg': utils.c:348: warning: return discards `const' from pointer target type cc -DHAVE_GETOPT -DORDER -DHAVE_GETOPT -O -c version.c cc -DHAVE_GETOPT -DORDER -DHAVE_GETOPT -O -c getopt.c cc "-DOSREV=12G" -DHAVE_GETOPT -DORDER -DHAVE_GETOPT -O -c machine.c rm -f top cc -o top top.o commands.o display.o screen.o username.o utils.o version.o getopt.o machine.o -ltermcap -lm -lkvm # # # # # make install >> Checksum OK for top-3.5beta5.tar.gz. ===> Installing for top-3.5beta5 /usr/bin/install -o root -m 2755 -g kmem top /usr/pkg/bin /usr/bin/install top.1 /usr/pkg/man/man1/top.1 strip /usr/pkg/bin/top ===> Registering installation for top-3.5beta5 # A.2 Packaging top ================= # make package >> Checksum OK for top-3.5beta5.tar.gz. ===> Building package for top-3.5beta5 Creating package top-3.5beta5.tgz Registering depends:. Creating gzip'd tar ball in '/u/pkgsrc/sysutils/top/top-3.5beta5.tgz' ====================================================== Appendix B: Layout of the FTP server's package archive ====================================================== Layout for precompiled binary packages on ftp.netbsd.org: /pub/NetBSD/packages/ README distfiles/ pkgsrc -> /pub/NetBSD/NetBSD-current/pkgsrc 1.5/ i386/ All/ archivers/ foo -> ../All/foo ... m68k/ All/ archivers/ foo -> ../All/foo ... amiga -> m68k atari -> m68k ... To create: - cd /usr/pkgsrc ; make install ; make package - upload /usr/pkgsrc/packages to ftp://ftp.netbsd.org/pub/NetBSD/packages/\ `uname -r | sed 's@\.\([0-9]*\)[\._].*@\.\1@'`/`sysctl -n hw.machine_arch` - if necessary ln -s `sysctl -n hw.machine` `sysctl -n hw.machine_arch` Disk space needed: unknown. Packages for a release version of NetBSD should be uploaded to the directory major.minor corresponding to the appropriate release. Packages for NetBSD with versions such as "1.5.1" should be uploaded to the "1.5" directory, stripping the tiny number off the directory name. For packages that need to be tightly coupled with the OS Version, such as LKM's, you may create a major.minor.tiny release directory, and place those packages therein. Such packages should be marked with the variable "OSVERSION_SPECIFIC=yes" to mark them in some way for binary package builders. ########################################################################### # Local Variables: # mode: Text # fill-column: 75 # sentence-end-double-space: nil # End: