Setting up pkgsrc

Binaries

Warning: it seems not only the MAJOR release version matters, but ALSO THE MINOR. For example mail/alpine did not run on NetBSD 7.1.2 here, although it was built for 7.0 (libgssapi.so.10 not found). And it fits with uname -r|cut -f '1 2' -d..

If you want binary you may have to check online whether there are builds for your architecture and the latest release.

uname -rpm

In any case even for a branch or current, choose the latest repository link available e.g. amd64

cp -pi /etc/shrc /etc/shrc.dist
vi /etc/shrc

#export PASSIVE_FTP=yes
#export PKG_PATH="ftp://cdn.netbsd.org/pub/pkgsrc/packages/NetBSD/amd64/8.1/All/"
export PKG_PATH="http://cdn.netbsd.org/pub/pkgsrc/packages/NetBSD/amd64/8.1/All/"

Packages

for a router/gateway

echo $PKG_PATH
pkg_add \
    alpine \
    curl \
    iftop \
    iperf3 \
    mozilla-rootcerts \
    netcat \
    nmap \
    screen \
    trafshow \
    wget

    #tmux \
    #dsniff-nox11 \

as of today Apr 2019 glib2 dep is missing for dsniff, add it manually

cp -i /usr/share/examples/openssl/openssl.cnf /etc/openssl
ll /etc/openssl/certs/
mozilla-rootcerts install
ll /etc/openssl/certs/ca-certificates.crt
curl -I https://os3.su/

and for a rather full-featured server environment, add

pkg_add \
    e2fsprogs \
    git \
    lftp \
    lynx \
    mc \
    pwgen

    #vim \

Daily audits

ll /usr/pkg/etc/audit-packages.conf #does not exist
mkdir -p /usr/pkg/etc/
cat > /usr/pkg/etc/audit-packages.conf <<-EOF
VUL_SOURCE="ftp://ftp.fr.netbsd.org/pub/NetBSD/packages/distfiles/pkg-vulnerabilities"
EOF

/usr/sbin/pkg_admin fetch-pkg-vulnerabilities
/usr/sbin/pkg_admin check-pkg-vulnerabilities /var/db/pkg/pkg-vulnerabilities
/usr/sbin/pkg_admin audit
#/usr/pkg/sbin/pkg_admin #gnu/linux

grep run_security /etc/defaults/daily.conf
grep vulnerabilities /etc/daily.conf
cat >> /etc/daily.conf <<-EOF
fetch_pkg_vulnerabilities=YES
check_pkg_vulnerabilities=YES
EOF

there is no need for this as we have enabled it in daily.conf already

#0 3 * * * /usr/sbin/pkg_admin fetch-pkg-vulnerabilities && /usr/sbin/pkg_admin audit

From source

setup your build env

ls -lF /usr/pkgsrc/mk/defaults/mk.conf
vi /etc/mk.conf

MAKE_JOBS=8
ALLOW_VULNERABLE_PACKAGES=+nmap
X11_TYPE=modular
SSLBASE=/usr/local/ssl

grab the latest tarball

cd /usr/
ls -lhF | grep pkgsrc

ftp -a http://cdn.netbsd.org/pub/pkgsrc/current/pkgsrc.tar.gz
nice progress -zf pkgsrc.tar.gz tar xf -

#gnu/linux
#wget http://cdn.netbsd.org/pub/pkgsrc/current/pkgsrc.tar.gz
#nice tar xzf pkgsrc.tar.gz

In case you are on gnu/linux or the pkgsrc-current tree is too recent compared to your NetBSD release

unset PKG_PATH
cd /usr/pkgsrc/bootstrap/
./bootstrap

Fix a package’s deps by rebuilding it and look at your options

unset PKG_PATH
cd /usr/pkgsrc/mail/alpine/
cd /usr/pkgsrc/net/wget/
make show-depends
make show-options
make clean clean-depends
/usr/bin/make help topic=make_jobs

vi /etc/mk.conf #bootstrapped
vi /usr/pkg/etc/mk.conf #natural

MAKE_JOBS=8 

make
make package
#make install

Maintenance

clean up the tree

find /usr/pkgsrc -name work -maxdepth 3 | xargs rm -rf

get rid of recently installed packages

ls -ltr /var/db/pkg/
ls -1tr /var/db/pkg/ | sed -rn '/py27-expat-2.7.16/,$p' | sed '$d'
pkg_delete `ls -1tr /var/db/pkg/ | sed -rn '/py27-expat-2.7.16/,$p' | sed '$d'`
ls -ltr /var/db/pkg/

start from scratch the soft way

echo `pkg_info | awk '{print $1}'`
pkg_delete `pkg_info | awk '{print $1}'`
pkg_info
find /usr/pkg/
find /var/db/pkg/

the brutal way

rm -rf /usr/pkg/
rm -rf /var/db/pkg/*

Troubelshooting

===> Building for gmake-4.2.1nb1
CDPATH="${ZSH_VERSION+.}:" && cd . && /bin/sh /usr/pkgsrc/devel/gmake/work/make-4.2.1/config/missing aclocal-1.15 -I config
/usr/pkgsrc/devel/gmake/work/make-4.2.1/config/missing: aclocal-1.15: not found
WARNING: 'aclocal-1.15' is missing on your system.
         You should only need it if you modified 'acinclude.m4' or
         'configure.ac' or m4 files included by 'configure.ac'.
         The 'aclocal' program is part of the GNU Automake package:
         <http://www.gnu.org/software/automake>
         It also requires GNU Autoconf, GNU m4 and Perl in order to run:
         <http://www.gnu.org/software/autoconf>
         <http://www.gnu.org/software/m4/>
         <http://www.perl.org/>

==> use binaries for automake autoconf gmake and build alpine and wget

and then for alpine one gets

undefined reference to `tputs'

References

pkgsrc http://pkgsrc.org/

daily audits

Security and NetBSD http://www.netbsd.org/support/security/

5.1.5. Checking for security vulnerabilities in installed packages https://www.netbsd.org/docs/pkgsrc/using.html#vulnerabilities

from source

4.2. Bootstrapping pkgsrc https://www.netbsd.org/docs/pkgsrc/platforms.html#bootstrapping-pkgsrc

5.2. Building packages from source https://www.netbsd.org/docs/pkgsrc/using.html#building-packages-from-source

mk.conf – make configuration file http://netbsd.gw.com/cgi-bin/man-cgi?mk.conf++NetBSD-current

Have pkgsrc building make use of SMP? https://tech-pkg.netbsd.narkive.com/eBKNLzk0/have-pkgsrc-building-make-use-of-smp


Nethence | Pub | Lab | Pbraun | SNE Russia | xhtml