# Getting things like xorg in /usr/local



## kpedersen (Oct 11, 2010)

Hello,

Whilst I like the idea of having Xorg as a port rather than part of the base install (like OpenBSD) would it not be a good idea to get this thing to install where other ports go?

If all ports went in /usr/local then it would be possible to create a 'portroot' account which can only write in /usr/local and thus *should* be more secure. i.e dodgy packages that get added cannot affect anything outside the ports area.

Is this a problem with the kernel modules because as far as I can tell, virtualbox-kmod also spams itself outside /usr/local as well.

It would be quite awesome if it was possible to

```
rm -r -f /usr/local
```
And this would return the system back to a completely standard base install (minus configuration of base stuff of course)
This would be good in cases of ports / packages that don't uninstall correctly (although I have yet to run into this (other than my own ))

Would this be a good idea or are there any problems preventing this?

Best Regards,


----------



## SirDice (Oct 11, 2010)

kpedersen said:
			
		

> Whilst I like the idea of having Xorg as a port rather than part of the base install (like OpenBSD) would it not be a good idea to get this thing to install where other ports go?


It does.


----------



## kpedersen (Oct 11, 2010)

But does it not create a folder '/etc/X11'?


----------



## SirDice (Oct 11, 2010)

kpedersen said:
			
		

> But does it not create a folder '/etc/X11'?



No, that gets created by the base install. And strictly speaking it's not needed either. It will happily get it's configuration from /usr/local/etc/.


----------



## Beastie (Oct 11, 2010)

/etc/X11 is, as far as I know, the only part related to a third-party port that is present in the base system. And you can as well use /usr/local/etc/X11/ for xorg.conf if you want.


----------



## gordon@ (Oct 11, 2010)

There are a number of things that affect the base system in the ports system. Servers install log files into /var/log (apache for example). Servers store database files in /var/db (mysql). Also, there are utilities that manipulate files in /etc (/etc/manpath.config and /etc/make.conf by use.perl).

So, no it really isn't as clean as it should be.

That said, I'm trying to extend the base system utilities to source configuration information from /usr/local/etc as well as /etc. I've got man(1) ported; newsyslog(8) is next. I guess I'll look at make(1) after that.


----------



## kpedersen (Oct 11, 2010)

Ah cool.

So I guess /etc/X11 is just a legacy or compatibility thing.

Also, perhaps the packages database should be in /usr/local so it also gets obliterated along with all the packages if needed.

I wonder if I did create a packages account (that can only write to /usr/local), how far I would get installing (parhaps not running) some of the more common ports.


----------



## Blackbird (Oct 11, 2010)

Anyway, I think that idea to make things clearer is a pretty nice one.

Should be more standardized, *all* executable files here, *all* configs there, and only some symbolic links for backward compatibility.


----------



## gordon@ (Oct 11, 2010)

kpedersen said:
			
		

> Ah cool.
> 
> So I guess /etc/X11 is just a legacy or compatibility thing.
> 
> ...



The problem also comes with setuid permissions (sudo and screen to name two off the top of my head). A non-root account installing them wouldn't be able to do much.


----------



## kpedersen (Oct 12, 2010)

Ah of course.


----------

