|developers (technically called all-developers), doc-developers, doc-committers, ports-developers, ports-committers, src-developers, src-committers. (Each project repository has its own -developers and -committers mailing lists. Archives for these lists can be found in the files [.filename]#/local/mail/repository-name-developers-archive# and [.filename]#/local/mail/repository-name-committers-archive# on the `FreeBSD.org` cluster.)
|_Core Team monthly reports_
|[.filename]#/home/core/public/monthly-reports# on the `FreeBSD.org` cluster.
|_Ports Management Team monthly reports_
|[.filename]#/home/portmgr/public/monthly-reports# on the `FreeBSD.org` cluster.
Cryptographic keys conforming to the OpenPGP (__Pretty Good Privacy__) standard are used by the FreeBSD project to authenticate committers.
Messages carrying important information like public SSH keys can be signed with the OpenPGP key to prove that they are really from the committer.
See http://www.nostarch.com/pgp_ml.htm[PGP & GPG: Email for the Practical Paranoid by Michael Lucas] and http://en.wikipedia.org/wiki/Pretty_Good_Privacy[] for more information.
gpg (GnuPG) 2.1.8; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Warning: using insecure memory!
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 2048 <.>
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) 3y <.>
Key expires at Wed Nov 4 17:20:20 2015 MST
Is this correct? (y/N) y
GnuPG needs to construct a user ID to identify your key.
Real name: Chucky Daemon <.>
Email address: notreal@example.com
Comment:
You selected this USER-ID:
"Chucky Daemon <notreal@example.com>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
You need a Passphrase to protect your secret key.
....
<.> 2048-bit keys with a three-year expiration provide adequate protection at present (2013-12). http://danielpocock.com/rsa-key-sizes-2048-or-4096-bits[] describes the situation in more detail.
<.> A three year key lifespan is short enough to obsolete keys weakened by advancing computer power, but long enough to reduce key management problems.
<.> Use your real name here, preferably matching that shown on government-issued ID to make it easier for others to verify your identity. Text that may help others identify you can be entered in the `Comment` section.
After the email address is entered, a passphrase is requested.
Methods of creating a secure passphrase are contentious.
Rather than suggest a single way, here are some links to sites that describe various methods: http://world.std.com/~reinhold/diceware.html[], http://www.iusmentis.com/security/passphrasefaq/[], http://xkcd.com/936/[], http://en.wikipedia.org/wiki/Passphrase[].
If either the private key or passphrase may have been compromised or disclosed, immediately notify mailto:accounts@FreeBSD.org[accounts@FreeBSD.org] and revoke the key.
The FreeBSD repository has a number of components which, when combined, support the basic operating system source, documentation, third party application ports infrastructure, and various maintained utilities.
When FreeBSD commit bits are allocated, the areas of the tree where the bit may be used are specified.
Generally, the areas associated with a bit reflect who authorized the allocation of the commit bit.
Additional areas of authority may be added at a later date: when this occurs, the committer should follow normal commit bit allocation procedures for that area of the tree, seeking approval from the appropriate entity and possibly getting a mentor for that area for some period of time.
Commit bits allocated prior to the development of the notion of areas of authority may be appropriate for use in many parts of the tree.
However, common sense dictates that a committer who has not previously worked in an area of the tree seek review prior to committing, seek approval from the appropriate responsible party, and/or work with a mentor.
Since the rules regarding code maintenance differ by area of the tree, this is as much for the benefit of the committer working in an area of less familiarity as it is for others working on the tree.
Committers are encouraged to seek review for their work as part of the normal development process, regardless of the area of the tree where the work is occurring.
* All committers may modify [.filename]#src/share/misc/committers-*.dot#, [.filename]#src/usr.bin/calendar/calendars/calendar.freebsd#, and [.filename]#ports/astro/xearth/files#.
* doc committers may commit documentation changes to [.filename]#src# files, such as man pages, READMEs, fortune databases, calendar files, and comment fixes without approval from a src committer, subject to the normal care and tending of commits.
* Any committer may make changes to any other tree with an "Approved by" from a non-mentored committer with the appropriate bit.
* Committers can acquire an additional bit by the usual process of finding a mentor who will propose them to core, doceng, or portmgr, as appropriate. When approved, they will be added to 'access' and the normal mentoring period will ensue, which will involve a continuing of "Approved by" for some period.
It also allows you to use Git's worktree feature to have all your active branches checked out into separate directories but with only one copy of the repository.
'branch' should be one of the branches listed in the previous section.
It is optional if it is the main branch.
'dir' is an optional directory to place it in (the default will be the name of the repo you are cloning (src, doc, etc)).
You will want a deep clone if you are interested in the history, plan on making local changes, or plan on working on more than one branch.
It is the easiest to keep up to date as well.
If you are interested in the history, but are working with only one branch and are short on space, you can also use --single-branch to only download the one branch
(though some merge commits will not reference the merged-from branch which may be important for some users who are interested in detailed versions of history).
===== Shallow Clone
A shallow clone copies just the most current code, but none or little of the history.
This can be useful when you need to build a specific revision of FreeBSD, or when you are just starting out and plan to track the tree more fully.
You can also use it to limit history to only so many revisions.
However, see below for a significant limitation of this approach.
If you want to build a custom kernel, link:{handbook}#kernelconfig[the kernel config section] of the FreeBSD Handbook recommends creating a file MYKERNEL under sys/${ARCH}/conf with your changes against GENERIC.
Git's versions are the long hashes rather than a sequential number.
When you checkout a specific version, just specify the hash you want on the command line (the git log command can help you decide which hash you might want):
[source,shell]
....
% git checkout 08b8197a74
....
and you have that checked out.
You will be greeted with a message similar to the following:
[source,shell]
....
Note: checking out '08b8197a742a96964d2924391bf9fdfeb788865d'.
For more information, you can view https://www.metaltoad.com/blog/beginners-guide-git-bisect-process-elimination or https://git-scm.com/docs/git-bisect for more details.
The man git-bisect page is good at describing what can go wrong, what to do when versions won't build, when you want to use terms other than 'good' and 'bad', etc, none of which will be covered here.
`git bisect start` will start the bisection process.
Next, you need to tell a range to go through.
'git bisect good XXXXXX' will tell it the working version and 'git bisect bad XXXXX' will tell it the bad version.
The bad version will almost always be HEAD (a special tag for what you have checked out).
The good version will be the last one you checked out.
As you can see from the output, HEAD@{1} also often works, but isn't foolproof if you have done other things to your Git tree after updating, but before you discover the need to bisect.
The production Git repository is at https://git.FreeBSD.org/ports.git and at ssh://anongit@git.FreeBSD.org/ports.git (or anongit@git.FreeBSD.org:ports.git).
A hook is available in the ports repository to help you write up your commit messages in https://cgit.freebsd.org/ports/tree/.hooks/prepare-commit-msg[.hooks/prepare-commit-message].
It can be enabled by running ``git config --add core.hooksPath .hooks``.
The main point being that a commit message should be formatted in the following way:
....
category/port: Summary.
Description of why the changes where made.
PR: 12345
....
[IMPORTANT]
====
The first line is the subject of the commit, it contains what port was changed, and a summary of the commit.
It should contain 50 characters or less.
A blank line should separate it from the rest of the commit message.
The rest of the commit message should be wrapped at the 72 characters boundary.
Another blank line should be added if there are any metadata fields, so that they are easily distinguishable from the commit message.
This is manageable, but can lead to a convoluted history that's hard to upstream should that ever be necessary, or hard to replicate if you need to do so.
Git also allows one to merge, along with the same problems.
That's one way to manage the branch, but it's the least flexible.
This is typically what you are doing while updating the baseline (though you also use the Git rebase command to curate the commits you have in the branch).
A pointer to a more complete treatment can be found at the end of this section.
Let's say the includes changes upstream in a radical shift to terminfo as well as a name change for the option.
When you updated, you might see something like this:
[source,shell]
....
Auto-merging bin/ls/ls.c
CONFLICT (content): Merge conflict in bin/ls/ls.c
error: could not apply 646e0f9cda11... no color ls
Resolve all conflicts manually, mark them as resolved with
"git add/rm <conflicted_files>", then run "git rebase --continue".
You can instead skip this commit: run "git rebase --skip".
To abort and get back to the state before "git rebase", run "git rebase --abort".
Could not apply 646e0f9cda11... no color ls
....
which looks scary.
If you bring up an editor, you will see it is a typical 3-way merge conflict resolution that you may be familiar with from other source code systems (the rest of ls.c has been omitted):
[source,shell]
....
<<<<<<< HEAD
#ifdef COLORLS_NEW
#include <terminfo.h>
=======
#undef COLORLS
#ifdef COLORLS
#include <termcap.h>
>>>>>>> 646e0f9cda11... no color ls
....
The new code is first, and your code is second.
The right fix here is to just add a #undef COLORLS_NEW before #ifdef and then delete the old changes:
[source,shell]
....
#undef COLORLS_NEW
#ifdef COLORLS_NEW
#include <terminfo.h>
....
save the file.
The rebase was interrupted, so you have to complete it:
Since there was a conflict, you will get kicked into the editor to update the commit message if necessary.
If the commit message is still accurate, just exit the editor.
If you get stuck during the rebase, do not panic.
git rebase --abort will take you back to a clean slate.
It is important, though, to start with an unmodified tree.
An aside: The above mentioned 'git reflog' comes in handy here, as it will have a list of all the (intermediate) commits that you can view or inspect or cherry-pick.
For more on this topic, https://www.freecodecamp.org/news/the-ultimate-guide-to-git-merge-and-git-rebase/ provides a rather extensive treatment.
It is a good resource for issues that arise occasionally but are too obscure for this guide.
===== Switching to a Different FreeBSD Branch
If you wish to shift from stable/12 to the current branch.
If you have a deep clone, the following will suffice:
[source,shell]
....
% git checkout main
% # build and install here...
....
If you have a local branch, though, there are one or two caveats.
First, rebase will rewrite history, so you will likely want to do something to save it.
If you have work based on a previous Git conversion or a locally running git-svn conversion, migrating to new repository can encounter problems because Git has no knowledge about the connection between the two.
% git merge -s ours -m "Mark old branch as merged" old_branch
....
With that, it's possible to merge your work branch or the main branch in any order without problem.
Eventually, when you are ready to commit your work back to main, you can perform a rebase to main, or do a squash commit by combining everything into one commit.
One general note: due to technical differences with Git, we will not be using Git "merge commits" (created via `git merge`) in stable or releng branches.
Instead, when this document refers to "merge commits", it means a commit originally made to `main` that is replicated or "landed" to a stable branch, or a commit from a stable branch that is replicated to a releng branch with some variation of `git cherry-pick`.
Git provides some built-in support for this via the `git cherry` and `git log --cherry` commands.
These commands compare the raw diffs of commits (but not other metadata such as log messages) to determine if two commits are identical.
This works well when each commit from head is landed as a single commit to a stable branch, but it falls over if multiple commits from main are squashed together as a single commit to a stable branch.
1. We could ban squashing of commits and instead require that committers stage all of the fixup / follow-up commits to stable into a single push.
This would still achieve the goal of stability in stable and releng branches since pushes are atomic and users doing a simple pull will never end up with a tree that has the main commit without the fixup(s).
`git bisect` is also able to cope with this model via `git bisect skip`.
2. We could adopt a consistent style for describing MFCs and write our own tooling to wrap around `git cherry` to determine the list of eligible commits.
A simple approach here might be to use the syntax from `git cherry-pick -x`, but require that a squashed commit list all of the hashes (one line per hash) at the end of the commit message.
Developers could do this by using `git cherry-pick -x` of each individual commit into a branch and then use `git rebase` to squash the commits down into a single commit, but collecting the `-x` annotations at the end of the landed commit log.
* Use the `-x` flag with `git cherry-pick`. This adds a line to the commit message that includes the hash of the original commit when merging. Since it is added by Git directly, committers do not have to manually edit the commit log when merging.
Should it include the metadata from the original commit unchanged, or should it be altered to reflect information about the MFC commit itself?
Historical practice has varied, though some of the variance is by field.
For example, MFCs that are relevant to a PR generally include the PR field in the MFC so that MFC commits are included in the bug tracker's audit trail.
Other fields are less clear.
For example, Phabricator shows the diff of the last commit tagged to a review, so including Phabricator URLs replaces the `main` commit with the landed commits.
The list of reviewers is also not clear.
If a reviewer has approved a change to `main`, does that mean they have approved the MFC commit? Is that true if it's identical code only, or with merely trivial reworkes? It's clearly not true for more extensive reworks.
Even for identical code what if the commit doesn't conflict but introduces an ABI change? A reviewer may have ok'd a commit for `main` due to the ABI breakage but may not approve of merging the same commit as-is.
One will have to use one's best judgement until clear guidelines can be agreed upon.
For MFCs regulated by re@, new metadata fields are added, such as the Approved by tag for approved commits.
This new metadata will have to be added via `git commit --amend` or similar after the original commit has been reviewed and approved.
We may also want to reserve some metadata fields in MFC commits such as Phabricator URLs for use by re@ in the future.
If instead we choose to adjust metadata in MFCs, developers will have to edit log messages explicitly via the use of `git cherry-pick --edit` or `git commit --amend`.
However, as compared to svn, at least the existing commit message can be pre-populated and metadata fields can be added or removed without having to re-enter the entire commit message.
Because the current policy recommends against using merges, if the upstream FreeBSD `main` moved forward before you get a chance to push, you would have to redo the merge.
While phabricator is good for content review, publishing the updated vendor branch and merge commits lets others check the details as they will eventually appear in the repository.
. The commit messages look <<commit-log-message,good>>. It should contain a summary of what's changed since the last merge to the FreeBSD main line and any caveats.
. UPDATING should be updated if there is anything of note, such as user visible changes, important upgrade concerns, etc.
If you are migrating from a tree that has changes you've not yet committed to FreeBSD, you'll need to follow the steps from the previous section first, and then follow these.
There is a common trap, that the combination command `git pull` will try to perform a merge, which would sometimes creates a merge commit that didn't exist before.
This will bring up an interactive screen to change the defaults.
For now, just exit the editor.
Everything should just apply.
If not, then you'll need to resolve the diffs.
https://docs.github.com/en/free-pro-team@latest/github/using-git/resolving-merge-conflicts-after-a-git-rebase[This github document] can help you navigate this process.
Note: as of this writing, https://github.com/freebsd/freebsd-src is mirroring all official branches, along with a `master` branch which is the legacy svn2git result.
The `master` branch will not be updated anymore, and the link:https://github.com/freebsd/freebsd-src/commit/de1aa3dab23c06fec962a14da3e7b4755c5880cf[last commit] contains the instructions for migrating to the new `main` branch.
We'll retain the `master` branch for a certain time, but in the future it will only be kept in the link:https://github.com/freebsd/freebsd-legacy[freebsd-legacy] repository.
The author recommends that your upstream GitHub repository remain the default push location so that you only push things into FreeBSD you intend to by making it explicit.
I recommend using `--ff-only` because it's safer and you avoid accidentally getting into a 'merge nightmare' where you have an extra change in your tree, forcing a complicated merge rather than a simple one.
**A:** The same technique above also works if you are wanting to 'land' parts of the branch you are working on into `main` before the rest of the branch is ready (say you noticed an unrelated typo, or fixed an incidental bug).
You can cherry pick those changes into main, then push to the parent repository.
Once you've done that, cleanup couldn't be simpler: just `git rebase -i`.
Git will notice you've done this and skip the common changes automatically (even if you had to change the commit message or tweak the commit slightly).
There's no need to switch back to wilma to adjust it: just rebase!
**A:** The more general answer would be the same as the previous.
You'd checkout/create the `fred` branch, cherry pick the changes you want from `wilma` one at a time, then rebase `wilma` to remove those changes you cherry picked.
`git rebase -i main wilma` will toss you into an editor, and remove the `pick` lines that correspond to the commits you copied to `fred`.
If all goes well, and there are no conflicts, you're done.
If not, you'll need to resolve the conflicts as you go.
The other way to do this would be to checkout `wilma` and then create the branch `fred` to point to the same point in the tree.
You can then `git rebase -i` both these branches, selecting the changes you want in `fred` or `wilma` by retaining the pick likes, and deleting the rest from the editor.
The 'checkout -B' with the hash combines checking out and creating a branch for it.
The -B instead of -b forces the movement of a pre-existing branch.
Either way works, which is what's great (and awful) about Git.
One reason I tend to use `git checkout -B xxxx hash` instead of checking out the hash, and then creating / moving the branch is purely to avoid the slightly distressing message about detached heads:
**Q:** I have a branch called `driver` and I'd like to break it up into `kernel` and `userland` so I can evolve them separately and commit each branch as it becomes ready.
and just include the changes you want (with a 'p' or 'pick' line) and just delete the commits you don't (this sounds scary, but if worse comes to worse, you can throw this all away and start over with the `driver` branch since you've not yet moved it).
Now, if you are lucky, the change needing to be split up falls entirely along file lines.
In that case you can just do the usual `git add` for the files in each group than do a `git commit`.
Note: when you do this, you'll lose the commit message when you do the reset, so if you need it for some reason, you should save a copy (though `git log $HASH` can recover it).
If you are not lucky, you'll need to split apart files.
There's another tool to do that which you can apply one file at a time.
The second disadvantage is that Git normally rewrites the refs (branch name, tags, etc) from upstream so that your local refs can evolve independently of upstream.
This means that you'll lose changes if you are committing to this repository on anything other than private project branches.
One of the keys to good software development on a project as large as FreeBSD is the ability to collaborate with others before you push your changes to the tree.
The FreeBSD project's Git repositories do not, yet, allow user created branches to be pushed to the repository, and therefore if you wish to share your changes with others you must use another mechanism, such as a hosted GitLab or GitHub, in order to share changes in a user generated branch.
The first step is to create a fork of https://github.com/freebsd/freebsd-src[FreeBSD] on GitHub following these https://docs.github.com/en/github/getting-started-with-github/fork-a-repo[guidelines].
Make whatever modifications you wish in your branch. Build, test, and once you're ready to collaborate with others it's time to push your changes into your hosted branch.
Those who have been given commit rights to the FreeBSD repositories must follow these steps.
* Get mentor approval before committing each of these changes!
* The [.filename]#.ent# and [.filename]#.xml# files mentioned below exist in the FreeBSD Documentation Project SVN repository at `svn+ssh://repo.FreeBSD.org/doc/`.
* All [.filename]#src# commits go to FreeBSD-CURRENT first before being merged to FreeBSD-STABLE. The FreeBSD-STABLE branch must maintain ABI and API compatibility with earlier versions of that branch. Do not merge changes that break this compatibility.
[.filename]#doc/shared/authors.adoc# - Add an author entity. Later steps depend on this entity, and missing this step will cause the [.filename]#doc/# build to fail. This is a relatively easy task, but remains a good first test of version control skills.
[.filename]#doc/en/articles/contributors/contrib-committers.adoc# - Add an entry to the "Developers" section of the link:{contributors}#staff-committers[Contributors List]. Entries are sorted by last name.
[.filename]#doc/en/articles/contributors/contrib-additional.adoc# - _Remove_ the entry from the "Additional Contributors" section. Entries are sorted by first name.
[.filename]#website/data/en/news/news.toml# - Add an entry. Look for the other entries that announce new committers and follow the format. Use the date from the commit bit approval email from mailto:core@FreeBSD.org[core@FreeBSD.org].
`{des}` has written a shell script ([.filename]#documentation/tools/addkey.sh#) to make this easier. See the https://cgit.freebsd.org/doc/plain/documentation/static/pgpkeys/README[README] file for more information.
After adding and checking a key, add both updated files to source control and then commit them. Entries in this file are sorted by last name.
+
[NOTE]
======
It is very important to have a current PGP/GnuPG key in the repository. The key may be required for positive identification of a committer. For example, the `{admins}` might need it for account recovery. A complete keyring of `FreeBSD.org` users is available for download from link:https://www.FreeBSD.org/doc/pgpkeyring.txt[https://www.FreeBSD.org/doc/pgpkeyring.txt].
[.filename]#base/head/share/misc/committers-repository.dot# - Add an entry to the current committers section, where _repository_ is `doc`, `ports`, or `src`, depending on the commit privileges granted.
Add an entry for each additional mentor/mentee relationship in the bottom section.
. Generate a Kerberos Password
+
See <<kerberos-ldap>> to generate or set a Kerberos for use with other FreeBSD services like the bug tracking database.
. Optional: Enable Wiki Account
+
https://wiki.freebsd.org[FreeBSD Wiki] Account - A wiki account allows sharing projects and ideas. Those who do not yet have an account can follow instructions on the https://wiki.freebsd.org/AboutWiki[AboutWiki Page] to obtain one. Contact mailto:wiki-admin@FreeBSD.org[wiki-admin@FreeBSD.org] if you need help with your Wiki account.
. Optional: Update Wiki Information
+
Wiki Information - After gaining access to the wiki, some people add entries to the https://wiki.freebsd.org/HowWeGotHere[How We Got Here], https://wiki.freebsd.org/IRC/Nicknames[IRC Nicks], and https://wiki.freebsd.org/Community/Dogs[Dogs of FreeBSD] pages.
. Optional: Update Ports with Personal Information
+
[.filename]#ports/astro/xearth/files/freebsd.committers.markers# and [.filename]#src/usr.bin/calendar/calendars/calendar.freebsd# - Some people add entries for themselves to these files to show where they are located or the date of their birthday.
Subscribers to {dev-commits-doc-all}, {dev-commits-ports-all} or {dev-commits-src-all} might wish to unsubscribe to avoid receiving duplicate copies of commit messages and followups.
. Introduce yourself to the other developers, otherwise no one will have any idea who you are or what you are working on. The introduction need not be a comprehensive biography, just write a paragraph or two about who you are, what you plan to be working on as a developer in FreeBSD, and who will be your mentor. Email this to the {developers-name} and you will be on your way!
. Log into `freefall.FreeBSD.org` and create a [.filename]#/var/forward/user# (where _user_ is your username) file containing the e-mail address where you want mail addressed to _yourusername_@FreeBSD.org to be forwarded. This includes all of the commit messages as well as any other mail addressed to the {committers-name} and the {developers-name}. Really large mailboxes which have taken up permanent residence on `freefall` may get truncated without warning if space needs to be freed, so forward it or save it elsewhere.
+
[NOTE]
======
If your e-mail system uses SPF with strict rules, you should whitelist `mx2.FreeBSD.org` from SPF checks.
======
+
Due to the severe load dealing with SPAM places on the central mail servers that do the mailing list processing, the front-end server does do some basic checks and will drop some messages based on these checks. At the moment proper DNS information for the connecting host is the only check in place but that may change. Some people blame these checks for bouncing valid email. To have these checks turned off for your email, create a file named [.filename]#~/.spam_lover# on `freefall.FreeBSD.org`.
+
[NOTE]
======
Those who are developers but not committers will not be subscribed to the committers or developers mailing lists. The subscriptions are derived from the access rights.
======
====
[[smtp-setup]]
==== SMTP Access Setup
For those willing to send e-mail messages through the FreeBSD.org infrastructure, follow the instructions below:
[.procedure]
====
. Point your mail client at `smtp.FreeBSD.org:587`.
. Enable STARTTLS.
. Ensure your `From:` address is set to `_yourusername_@FreeBSD.org`.
. For authentication, you can use your FreeBSD Kerberos username and password (see <<kerberos-ldap>>). The `_yourusername_/mail` principal is preferred, as it is only valid for authenticating to mail resources.
+
[NOTE]
======
Do not include `@FreeBSD.org` when entering in your username.
======
+
.Additional Notes
[NOTE]
======
* Will only accept mail from `_yourusername_@FreeBSD.org`. If you are authenticated as one user, you are not permitted to send mail from another.
* A header will be appended with the SASL username: (`Authenticated sender: _username_`).
* Host has various rate limits in place to cut down on brute force attempts.
======
====
[[smtp-setup-local-mta]]
===== Using a Local MTA to Forward Emails to the FreeBSD.org SMTP Service
It is also possible to use a local MTA to forward locally sent emails to the FreeBSD.org SMTP servers.
[[smtp-setup-local-postfix]]
.Using Postfix
[example]
====
To tell a local Postfix instance that anything from `_yourusername_@FreeBSD.org` should be forwarded to the FreeBSD.org servers, add this to your [.filename]#main.cf#:
Create [.filename]#/usr/local/etc/postfix/relayhost_maps# with the following content:
[.programlisting]
....
yourusername@FreeBSD.org [smtp.freebsd.org]:587
....
Create [.filename]#/usr/local/etc/postfix/sasl_passwd# with the following content:
[.programlisting]
....
[smtp.freebsd.org]:587 yourusername:yourpassword
....
If the email server is used by other people, you may want to prevent them from sending e-mails from your address. To achieve this, add this to your [.filename]#main.cf#:
To tell a local OpenSMTPD instance that anything from `_yourusername_@FreeBSD.org` should be forwarded to the FreeBSD.org servers, add this to your [.filename]#smtpd.conf#:
When the mentor decides that a mentee has learned the ropes and is ready to commit on their own, the mentor announces it with a commit to [.filename]#conf/mentors#.
This file is in the [.filename]#svnadmin# branch of each repository:
* All non-trivial changes should be reviewed before they are committed to the repository.
* Reviews may be conducted by email, in Bugzilla, in Phabricator, or by another mechanism. Where possible, reviews should be public.
* The developer responsible for a code change is also responsible for making all necessary review-related changes.
* Code review can be an iterative process, which continues until the patch is ready to be committed. Specifically, once a patch is sent out for review, it should receive an explicit "looks good" before it is committed. So long as it is explicit, this can take whatever form makes sense for the review method.
* Timeouts are not a substitute for review.
Sometimes code reviews will take longer than you would hope for, especially for larger features. Accepted ways to speed up review times for your patches are:
* Review other people's patches. If you help out, everybody will be more willing to do the same for you; goodwill is our currency.
* Ping the patch. If it is urgent, provide reasons why it is important to you to get this patch landed and ping it every couple of days. If it is not urgent, the common courtesy ping rate is one week. Remember that you are asking for valuable time from other professional developers.
* Ask for help on mailing lists, IRC, etc. Others may be able to either help you directly, or suggest a reviewer.
* Split your patch into multiple smaller patches that build on each other. The smaller your patch, the higher the probability that somebody will take a quick look at it.
+
When making large changes, it is helpful to keep this in mind from the beginning of the effort as breaking large changes into smaller ones is often difficult after the fact.
When you commit a change in Git, Subversion, or another version control system (VCS), you're prompted to write some text describing the commit -- a commit message.
How important is this commit message? Should you spend some significant effort writing it? Does it really matter if you write simply fixed a bug?
FreeBSD commits generate email to various mailing lists.
These include the commit message along with a copy of the patch itself.
Commit messages are also viewed through commands like git log.
These serve to make other developers aware of changes that are ongoing; that other developer may want to test the change, may have an interest in the topic and will want to review in more detail, or may have their own projects underway that would benefit from interaction.
Wrapping at 72 columns provides a matching margin on the right edge.
Limiting messages to 72 characters also keeps the commit message in formatted patches below RFC 2822's suggested email line length limit of 78 characters.
This limit works well with a variety of tools that may render commit messages; line wrapping might be inconsistent with longer line length.
This facilitates short subject lines and provides consistency, including with automatically generated commit messages (e.g., as generated by git revert).
This is important when reading a list of commit subjects.
Think of the subject as finishing the sentence "when applied, this change will ...".
Sometimes while writing a commit message you may find yourself writing a sentence or two explaining some tricky or confusing aspect of the change. When this happens consider whether it would be valuable to have that explanation as a comment in the code itself.
While writing the commit message for a change you have all of the context in mind - what prompted the change, alternate approaches that were considered and rejected, limitations of the change, and so on.
Imagine yourself revisiting the change a year or two in the future, and write the commit message in a way that would provide that necessary context.
As well as including an informative message with each commit, some additional information may be needed.
This information consists of one or more lines containing the key word or phrase, a colon, tabs for formatting, and then the additional information.
The key words or phrases are:
[.informaltable]
[cols="20%,80%", frame="none"]
|===
|`PR:`
|The problem report (if any) which is affected (typically, by being closed) by this commit. Multiple PRs may be specified on one line, separated by commas or spaces.
If the submitter is the maintainer of the port being committed, include "(maintainer)" after the email address.
Avoid obfuscating the email address of the submitter as this adds additional work when searching logs.
|`Reviewed by:`
|The name and e-mail address of the person or people that reviewed the change; for developers, just the username on the FreeBSD cluster. If a patch was submitted to a mailing list for review, and the review was favorable, then just include the list name.
|If the commit should be merged together with a previous one in a single MFC commit (for example, where this commit corrects a bug in the previous change), specify the corresponding Git hash.
|If the change is a candidate for inclusion in the release notes for the next release from the branch, set to `yes`.
|`Security:`
|If the change is related to a security vulnerability or security exposure, include one or more references or a description of the issue. If possible, include a VuXML URL or a CVE ID.
|`Event:`
|The description for the event where this commit was made. If this is a recurring event, add the year or even the month to it. For example, this could be `FooBSDcon 2019`. The idea behind this line is to put recognition to conferences, gatherings, and other types of meetups and to show that these are useful to have. Please do not use the `Sponsored by:` line for this as that is meant for organizations sponsoring certain features or developers working on them.
|Sponsoring organizations for this change, if any. Separate multiple organizations with commas. If only a portion of the work was sponsored, or different amounts of sponsorship were provided to different authors, please give appropriate credit in parentheses after each sponsor name. For example, `Example.com (alice, code refactoring), Wormulon (bob), Momcorp (cindy)` shows that Alice was sponsored by Example.com to do code refactoring, while Wormulon sponsored Bob's work and Momcorp sponsored Cindy's work. Other authors were either not sponsored or chose not to list sponsorship.
Where _2_ is the number of days, weeks, or months after which an MFC is planned. The _weeks_ option may be `day`, `days`, `week`, `weeks`, `month`, `months`.
Consider the situation where a user has submitted a PR containing code from the NetBSD project.
Looking at the PR, the developer sees it is not an area of the tree they normally work in, so they have the change reviewed by the `arch` mailing list.
Since the change is complex, the developer opts to MFC after one month to allow adequate testing.
The FreeBSD Project's full license policy can be found at link:https://www.FreeBSD.org/internal/software-license/[https://www.FreeBSD.org/internal/software-license].
The rest of this section is intended to help you get started.
As a rule, when in doubt, ask.
It is much easier to give advice than to fix the source tree.
The FreeBSD project discourages completely new licenses and variations on the standard licenses.
New licenses require the approval of the {core-email} to reside in the main repository.
The more different licenses that are used in the tree, the more problems that this causes to those wishing to utilize this code, typically from unintended consequences from a poorly worded license.
Project policy dictates that code under some non-BSD licenses must be placed only in specific sections of the repository, and in some cases, compilation must be conditional or even disabled by default.
For example, the GENERIC kernel must be compiled under only licenses identical to or substantially similar to the BSD license.
GPL, APSL, CDDL, etc, licensed software must not be compiled into GENERIC.
Developers are reminded that in open source, getting "open" right is just as important as getting "source" right, as improper handling of intellectual property has serious consequences.
Any questions or concerns should immediately be brought to the attention of the core team.
Various software or data exist in the repositories where the FreeBSD project has been granted a special licence to be able to use them.
A case in point are the Terminus fonts for use with man:vt[4].
Here the author Dimitar Zhekov has allowed us to use the "Terminus BSD Console" font under a 2-clause BSD license rather than the regular Open Font License he normally uses.
* Contact details for people or organizations granting the special license.
* What files, directories etc. in the repositories are covered by the license grant including the revision numbers where any specially licensed material was committed.
* The date the license comes into effect from. Unless otherwise agreed, this will be the date the license was issued by the authors of the software in question.
* The license text.
* A note of any restrictions, limitations or exceptions that apply specifically to FreeBSD's usage of the licensed material.
Once the {core-email} is satisfied that all the necessary details have been gathered and are correct, the secretary will send a PGP-signed acknowledgement of receipt including the license details.
This receipt will be persistently archived and serve as our permanent record of the license grant.
The project uses https://spdx.dev[SPDX] tags in our source base.
At present, these tags are indented to help automated tools reconstruct license requirements mechanically.
All _SPDX-License-Identifier_ tags in the tree should be considered to be informative.
All files in the FreeBSD source tree with these tags also have a copy of the license which governs use of that file.
In the event of a discrepency, the verbatim license is controlling.
The project tries to follow the https://spdx.github.io/spdx-spec/[SPDX Specification, Version 2.2].
How to mark source files and valid algebraic expressions are found in https://spdx.github.io/spdx-spec/appendix-IV-SPDX-license-expressions/[Appendix IV] and https://spdx.github.io/spdx-spec/appendix-V-using-SPDX-short-identifiers-in-source-files/[Appendix V].
The project draws identifiers from SPDX's list of valid https://spdx.org/licenses/[short license identifiers].
The project uses only the _SPDX-License-Identifier_ tag.
As of March 2021, approximately 25,000 out of 90,000 files in the tree have been marked.
When working directly on your own code or on code which is already well established as your responsibility, then there is probably little need to check with other committers before jumping in with a commit.
Working on a bug in an area of the system which is clearly orphaned (and there are a few such areas, to our shame), the same applies.
When modifying parts of the system which are maintained, formally, or informally, consider asking for review just as a developer would have before becoming a committer.
For ports, contact the listed `MAINTAINER` in the [.filename]#Makefile#.
To determine if an area of the tree is maintained, check the MAINTAINERS file at the root of the tree.
If nobody is listed, scan the revision history to see who has committed changes in the past.
An example script that lists each person who has committed to a given file along with the number of commits each person has made can be found at on `freefall` at [.filename]#~eadler/bin/whodid#.
If queries go unanswered or the committer otherwise indicates a lack of interest in the area affected, go ahead and commit it.
If they see a different solution to a problem, or even a different problem, it is probably not because they are stupid, because they have questionable parentage, or because they are trying to destroy hard work, personal image, or FreeBSD, but basically because they have a different outlook on the world.
Argue your position from its merits, be honest about any shortcomings it may have, and be open to seeing their solution, or even their vision of the problem, with an open mind.
For project specific or administrative questions ask, in order:
* Your mentor or former mentor.
* An experienced committer on IRC, email, etc.
* Any team with a "hat", as they can give you a definitive answer.
* If still not sure, ask on {developers-name}.
Once your question is answered, if no one pointed you to documentation that spelled out the answer to your question, document it, as others will have the same question.
Committers with non-``FreeBSD.org`` Bugzilla accounts can have the old account merged with the `FreeBSD.org` account by following these steps:
[.procedure]
====
. Log in using your old account.
. Open new bug. Choose `Services` as the Product, and `Bug Tracker` as the Component. In bug description list accounts you wish to be merged.
. Log in using `FreeBSD.org` account and post comment to newly opened bug to confirm ownership. See <<kerberos-ldap>> for more details on how to generate or set a password for your `FreeBSD.org` account.
. If there are more than two accounts to merge, post comments from each of them.
====
You can find out more about Bugzilla at:
* link:{pr-guidelines}[FreeBSD Problem Report Handling Guidelines]
Committers with non-``FreeBSD.org`` Phabricator accounts can have the old account renamed to the ``FreeBSD.org`` account by following these steps:
[.procedure]
====
. Change your Phabricator account email to your `FreeBSD.org` email.
. Open new bug on our bug tracker using your `FreeBSD.org` account, see <<bugzilla>> for more information. Choose `Services` as the Product, and `Code Review` as the Component. In bug description request that your Phabricator account be renamed, and provide a link to your Phabricator user. For example, `https://reviews.freebsd.org/p/bob_example.com/`
====
[IMPORTANT]
====
Phabricator accounts cannot be merged, please do not open a new account.
====
[[people]]
== Who's Who
Besides the repository meisters, there are other FreeBSD project members and teams whom you will probably get to know in your role as a committer. Briefly, and by no means all-inclusively, these are:
doceng is the group responsible for the documentation build infrastructure, approving new documentation committers, and ensuring that the FreeBSD website and documentation on the FTP site is up to date with respect to the Subversion tree.
This team is responsible for setting release deadlines and controlling the release process.
During code freezes, the release engineers have final authority on all changes to the system for whichever branch is pending release status.
If there is something you want merged from FreeBSD-CURRENT to FreeBSD-STABLE (whatever values those may have at any given time), these are the people to talk to about it.
If you need advice on obscure network internals or are not sure of some potential change to the networking subsystem you have in mind, Garrett is someone to talk to.
Garrett is also very knowledgeable on the various standards applicable to FreeBSD.
All FreeBSD committers are expected not to not publish or forward messages from the {developers-name} outside the list membership without permission of all of the authors.
Violators will be removed from the {developers-name}, resulting in a suspension of commit privileges.
Repeated or flagrant violations may result in permanent revocation of commit privileges.
This list is _not_ intended as a place for code reviews or for any technical discussion.
In fact using it as such hurts the FreeBSD Project as it gives a sense of a closed list where general decisions affecting all of the FreeBSD using community are made without being "open".
Last, but not least __never, never ever, email the {developers-name} and CC:/BCC: another FreeBSD list__.
Never, ever email another FreeBSD email list and CC:/BCC: the {developers-name}.
Doing so can greatly diminish the benefits of this list.
. If you do not wish to type your password in every time you use man:ssh[1], and you use keys to authenticate, man:ssh-agent[1] is there for your convenience. If you want to use man:ssh-agent[1], make sure that you run it before running other applications. X users, for example, usually do this from their [.filename]#.xsession# or [.filename]#.xinitrc#. See man:ssh-agent[1] for details.
. Generate a key pair using man:ssh-keygen[1]. The key pair will wind up in your [.filename]#$HOME/.ssh/# directory.
+
[IMPORTANT]
======
Only ECDSA, Ed25519 or RSA keys are supported.
======
. Send your public key ([.filename]#$HOME/.ssh/id_ecdsa.pub#, [.filename]#$HOME/.ssh/id_ed25519.pub#, or [.filename]#$HOME/.ssh/id_rsa.pub#) to the person setting you up as a committer so it can be put into [.filename]#yourlogin# in [.filename]#/etc/ssh-keys/# on `freefall`.
All FreeBSD developers can obtain access to Coverity analysis results of all FreeBSD Project software.
All who are interested in obtaining access to the analysis results of the automated Coverity runs, can sign up at http://scan.coverity.com/[Coverity Scan].
The FreeBSD wiki includes a mini-guide for developers who are interested in working with the Coverity(R) analysis reports: https://wiki.freebsd.org/CoverityPrevent[https://wiki.freebsd.org/CoverityPrevent].
Please note that this mini-guide is only readable by FreeBSD developers, so if you cannot access this page, you will have to ask someone to add you to the appropriate Wiki access list.
Finally, all FreeBSD developers who are going to use Coverity(R) are always encouraged to ask for more details and usage information, by posting any questions to the mailing list of the FreeBSD developers.
Everyone involved with the FreeBSD project is expected to abide by the _Code of Conduct_ available from link:https://www.FreeBSD.org/internal/code-of-conduct/[https://www.FreeBSD.org/internal/code-of-conduct].
As committers, you form the public face of the project, and how you behave has a vital impact on the public perception of it.
This guide expands on the parts of the _Code of Conduct_ specific to committers.
. Discuss any significant change _before_ committing.
. Respect existing maintainers (if listed in the `MAINTAINER` field in [.filename]#Makefile# or in [.filename]#MAINTAINER# in the top-level directory).
. Any disputed change must be backed out pending resolution of the dispute if requested by a maintainer. Security related changes may override a maintainer's wishes at the Security Officer's discretion.
. Changes go to FreeBSD-CURRENT before FreeBSD-STABLE unless specifically permitted by the release engineer or unless they are not applicable to FreeBSD-CURRENT. Any non-trivial or non-urgent change which is applicable should also be allowed to sit in FreeBSD-CURRENT for at least 3 days before merging so that it can be given sufficient testing. The release engineer has the same authority over the FreeBSD-STABLE branch as outlined for the maintainer in rule #5.
. Do not fight in public with other committers; it looks bad.
. Respect all code freezes and read the `committers` and `developers` mailing lists in a timely manner so you know when a code freeze is in effect.
. When in doubt on any procedure, ask first!
. Test your changes before committing them.
. Do not commit to contributed software without _explicit_ approval from the respective maintainers.
As noted, breaking some of these rules can be grounds for suspension or, upon repeated offense, permanent removal of commit privileges.
Individual members of core have the power to temporarily suspend commit privileges until core as a whole has the chance to review the issue.
In case of an "emergency" (a committer doing damage to the repository), a temporary suspension may also be done by the repository meisters.
Only a 2/3 majority of core has the authority to suspend commit privileges for longer than a week or to remove them permanently.
This rule does not exist to set core up as a bunch of cruel dictators who can dispose of committers as casually as empty soda cans, but to give the project a kind of safety fuse.
If someone is out of control, it is important to be able to deal with this immediately rather than be paralyzed by debate.
In all cases, a committer whose privileges are suspended or revoked is entitled to a "hearing" by core, the total duration of the suspension being determined at that time.
A committer whose privileges are suspended may also request a review of the decision after 30 days and every 30 days thereafter (unless the total suspension period is less than 30 days).
A committer whose privileges have been revoked entirely may request a review after a period of 6 months has elapsed.
This review policy is _strictly informal_ and, in all cases, core reserves the right to either act on or disregard requests for review if they feel their original decision to be the right one.
In all other aspects of project operation, core is a subset of committers and is bound by the __same rules__.
Just because someone is in core this does not mean that they have special dispensation to step outside any of the lines painted here; core's "special powers" only kick in when it acts as a group, not on an individual basis.
As individuals, the core team members are all committers first and core second.
This means that you need to treat other committers as the peer-group developers that they are.
Despite our occasional attempts to prove the contrary, one does not get to be a committer by being stupid and nothing rankles more than being treated that way by one of your peers.
Whether we always feel respect for one another or not (and everyone has off days), we still have to _treat_ other committers with respect at all times, on public forums and in private email.
Being able to work together long term is this project's greatest asset, one far more important than any set of changes to the code, and turning arguments about code into issues that affect our long-term ability to work harmoniously together is just not worth the trade-off by any conceivable stretch of the imagination.
To comply with this rule, do not send email when you are angry or otherwise behave in a manner which is likely to strike others as needlessly confrontational.
First calm down, then think about how to communicate in the most effective fashion for convincing the other persons that your side of the argument is correct, do not just blow off some steam so you can feel better in the short term at the cost of a long-term flame war.
Not only is this very bad "energy economics", but repeated displays of public aggression which impair our ability to work well together will be dealt with severely by the project leadership and may result in suspension or termination of your commit privileges.
The project leadership will take into account both public and private communications brought before it.
It will not seek the disclosure of private communications, but it will take it into account if it is volunteered by the committers involved in the complaint.
The repository is not where changes are initially submitted for correctness or argued over, that happens first in the mailing lists or by use of the Phabricator service.
The commit will only happen once something resembling consensus has been reached.
This does not mean that permission is required before correcting every obvious syntax error or manual page misspelling, just that it is good to develop a feel for when a proposed change is not quite such a no-brainer and requires some feedback first.
People really do not mind sweeping changes if the result is something clearly better than what they had before, they just do not like being _surprised_ by those changes.
The very best way of making sure that things are on the right track is to have code reviewed by one or more other committers.
Many parts of FreeBSD are not "owned" in the sense that any specific individual will jump up and yell if you commit a change to "their" area, but it still pays to check first.
One convention we use is to put a maintainer line in the [.filename]#Makefile# for any package or subtree which is being actively maintained by one or more people; see link:{developers-handbook}#policies[Source Tree Guidelines and Policies] for documentation on this.
Where sections of code have several maintainers, commits to affected areas by one maintainer need to be reviewed by at least one other maintainer.
In cases where the "maintainer-ship" of something is not clear, look at the repository logs for the files in question and see if someone has been working recently or predominantly in that area.
. Any disputed change must be backed out pending resolution of the dispute if requested by a maintainer. Security related changes may override a maintainer's wishes at the Security Officer's discretion.
This may be hard to swallow in times of conflict (when each side is convinced that they are in the right, of course) but a version control system makes it unnecessary to have an ongoing dispute raging when it is far easier to simply reverse the disputed change, get everyone calmed down again and then try to figure out what is the best way to proceed.
If the change turns out to be the best thing after all, it can be easily brought back.
If it turns out not to be, then the users did not have to live with the bogus change in the tree while everyone was busily debating its merits.
People _very_ rarely call for back-outs in the repository since discussion generally exposes bad or controversial changes before the commit even happens, but on such rare occasions the back-out should be done without argument so that we can get immediately on to the topic of figuring out whether it was bogus or not.
. Changes go to FreeBSD-CURRENT before FreeBSD-STABLE unless specifically permitted by the release engineer or unless they are not applicable to FreeBSD-CURRENT. Any non-trivial or non-urgent change which is applicable should also be allowed to sit in FreeBSD-CURRENT for at least 3 days before merging so that it can be given sufficient testing. The release engineer has the same authority over the FreeBSD-STABLE branch as outlined in rule #5.
This is another "do not argue about it" issue since it is the release engineer who is ultimately responsible (and gets beaten up) if a change turns out to be bad.
Please respect this and give the release engineer your full cooperation when it comes to the FreeBSD-STABLE branch.
The management of FreeBSD-STABLE may frequently seem to be overly conservative to the casual observer, but also bear in mind the fact that conservatism is supposed to be the hallmark of FreeBSD-STABLE and different rules apply there than in FreeBSD-CURRENT.
There is also really no point in having FreeBSD-CURRENT be a testing ground if changes are merged over to FreeBSD-STABLE immediately.
Changes need a chance to be tested by the FreeBSD-CURRENT developers, so allow some time to elapse before merging unless the FreeBSD-STABLE fix is critical, time sensitive or so obvious as to make further testing unnecessary (spelling fixes to manual pages, obvious bug/typo fixes, etc.) In other words, apply common sense.
Changes to the security branches (for example, `releng/9.3`) must be approved by a member of the `{security-officer}`, or in some cases, by a member of the `{re}`.
. Do not fight in public with other committers; it looks bad.
This project has a public image to uphold and that image is very important to all of us, especially if we are to continue to attract new members.
There will be occasions when, despite everyone's very best attempts at self-control, tempers are lost and angry words are exchanged.
The best thing that can be done in such cases is to minimize the effects of this until everyone has cooled back down.
Do not air angry words in public and do not forward private correspondence or other private communications to public mailing lists, mail aliases, instant messaging channels or social media sites.
What people say one-to-one is often much less sugar-coated than what they would say in public, and such communications therefore have no place there - they only serve to inflame an already bad situation.
If the person sending a flame-o-gram at least had the grace to send it privately, then have the grace to keep it private yourself.
If you feel you are being unfairly treated by another developer, and it is causing you anguish, bring the matter up with core rather than taking it public. Core will do its best to play peace makers and get things back to sanity.
In cases where the dispute involves a change to the codebase and the participants do not appear to be reaching an amicable agreement, core may appoint a mutually-agreeable third party to resolve the dispute.
All parties involved must then agree to be bound by the decision reached by this third party.
Committing unapproved changes during a code freeze is a really big mistake and committers are expected to keep up-to-date on what is going on before jumping in after a long absence and committing 10 megabytes worth of accumulated stuff.
People who abuse this on a regular basis will have their commit privileges suspended until they get back from the FreeBSD Happy Reeducation Camp we run in Greenland.
Many mistakes are made because someone is in a hurry and just assumes they know the right way of doing something.
If you have not done it before, chances are good that you do not actually know the way we do things and really need to ask first or you are going to completely embarrass yourself in public.
There is no shame in asking "how in the heck do I do this?" We already know you are an intelligent person; otherwise, you would not be a committer.
Reasons for modifying upstream software range from wanting strict control over a tightly coupled dependency to lack of portability in the canonical repository's distribution of their code.
Regardless of the reason, effort to minimize the maintenance burden of fork is helpful to fellow maintainers.
Avoid committing trivial or cosmetic changes to files since it makes every merge thereafter more difficult: such patches need to be manually re-verified every import.
Our 32-bit reference platform is i386, and our 64-bit reference platform is amd64.
Major design work (including major API and ABI changes) must prove itself on at least one 32-bit and at least one 64-bit platform, preferably the primary reference platforms, before it may be committed to the source tree.
The i386 and amd64 platforms were chosen due to being more readily available to developers and as representatives of more diverse processor and system designs - big versus little endian, register file versus register stack, different DMA and cache implementations, hardware page tables versus software TLB management etc.
We will continue to re-evaluate this policy as cost and availability of the 64-bit platforms change.
Developers should also be aware of our Tier Policy for the long term support of hardware architectures.
The rules here are intended to provide guidance during the development process, and are distinct from the requirements for features and architectures listed in that section.
The Tier rules for feature support on architectures at release-time are more strict than the rules for changes during the development process.
For manual pages, run package:sysutils/manck[] and package:textproc/igor[] over the manual page to verify all of the cross references and file references are correct and that the man page has all of the appropriate `MLINKS` installed.
When it is necessary to remove functionality from software in the base system, follow these guidelines whenever possible:
. Mention is made in the manual page and possibly the release notes that the option, utility, or interface is deprecated. Use of the deprecated feature generates a warning.
. The option, utility, or interface is preserved until the next major (point zero) release.
. The option, utility, or interface is removed and no longer documented. It is now obsolete. It is also generally a good idea to note its removal in the release notes.
Where there are security problems that affect many different operating systems, FreeBSD frequently depends on early access to be able to prepare advisories for coordinated release.
Unless FreeBSD developers can be trusted to maintain security, such early access will not be made available.
The Security Officer is responsible for controlling pre-release access to information about vulnerabilities, and for timing the release of all advisories.
He may request help under condition of confidentiality from any developer with relevant knowledge to prepare security fixes.
Beyond the specific requirements above there is a general expectation not to publish private communications between developers without the consent of all parties involved.
Ask permission before forwarding a message onto a public mailing list, or posting it to a forum or website that can be accessed by other than the original correspondents.
Similarly to personal communications, certain internal communications channels, including FreeBSD Committer only mailing lists and restricted access IRC channels are considered private communications.
Permission is required to publish material from these sources.
Where it is impractical to obtain permission due to the number of correspondents or where permission to publish is unreasonably withheld, Core may approve release of such private matters that merit more general publication.
FreeBSD is a highly portable operating system intended to function on many different types of hardware architectures.
Maintaining clean separation of Machine Dependent (MD) and Machine Independent (MI) code, as well as minimizing MD code, is an important part of our strategy to remain agile with regards to current hardware trends.
Each new hardware architecture supported by FreeBSD adds substantially to the cost of code maintenance, toolchain support, and release engineering.
It also dramatically increases the cost of effective testing of kernel changes.
As such, there is strong motivation to differentiate between classes of support for various architectures while remaining strong in a few key architectures that are seen as the FreeBSD "target audience".
The FreeBSD Project targets "production quality commercial off-the-shelf (COTS) workstation, server, and high-end embedded systems".
By retaining a focus on a narrow set of architectures of interest in these environments, the FreeBSD Project is able to maintain high levels of quality, stability, and performance, as well as minimize the load on various support teams on the project, such as the ports team, documentation team, security officer, and release engineering teams.
Diversity in hardware support broadens the options for FreeBSD consumers by offering new features and usage opportunities, but these benefits must always be carefully considered in terms of the real-world maintenance cost associated with additional platform support.
The FreeBSD Project differentiates platform targets into four tiers.
Each tier includes a list of guarantees consumers may rely on as well as obligations by the Project and developers to fulfill those guarantees.
These lists define the minimum guarantees for each tier.
The Project and developers may provide additional levels of support beyond the minimum guarantees for a given tier, but such additional support is not guaranteed.
Each platform target is assigned to a specific tier for each stable branch.
As a result, a platform target might be assigned to different tiers on concurrent stable branches.
Support for a hardware platform consists of two components: kernel support and userland Application Binary Interfaces (ABIs).
Kernel platform support includes things needed to run a FreeBSD kernel on a hardware platform such as machine-dependent virtual memory management and device drivers.
A userland ABI specifies an interface for user processes to interact with a FreeBSD kernel and base system libraries.
A userland ABI includes system call interfaces, the layout and semantics of public data structures, and the layout and semantics of arguments passed to subroutines.
Some components of an ABI may be defined by specifications such as the layout of C++ exception objects or calling conventions for C functions.
A FreeBSD kernel also uses an ABI (sometimes referred to as the Kernel Binary Interface (KBI)) which includes the semantics and layouts of public data structures and the layout and semantics of arguments to public functions within the kernel itself.
Tier 1 platforms are the most mature FreeBSD platforms.
They are supported by the security officer, release engineering, and port management teams.
Tier 1 architectures are expected to be Production Quality with respect to all aspects of the FreeBSD operating system, including installation and development environments.
The FreeBSD Project provides the following guarantees to consumers of Tier 1 platforms:
* Official FreeBSD release images will be provided by the release engineering team.
* Binary updates and source patches for Security Advisories and Errata Notices will be provided for supported releases.
* Source patches for Security Advisories will be provided for supported branches.
* Binary updates and source patches for cross-platform Security Advisories will typically be provided at the time of the announcement.
* Changes to userland ABIs will generally include compatibility shims to ensure correct operation of binaries compiled against any stable branch where the platform is Tier 1. These shims might not be enabled in the default install. If compatibility shims are not provided for an ABI change, the lack of shims will be clearly documented in the release notes.
* Changes to certain portions of the kernel ABI will include compatibility shims to ensure correct operation of kernel modules compiled against the oldest supported release on the branch. Note that not all parts of the kernel ABI are protected.
* Official binary packages for third party software will be provided by the ports team. For embedded architectures, these packages may be cross-built from a different architecture.
* Most relevant ports should either build or have the appropriate filters to prevent inappropriate ones from building.
* New features which are not inherently platform-specific will be fully functional on all Tier 1 architectures.
* Features and compatibility shims used by binaries compiled against older stable branches may be removed in newer major versions. Such removals will be clearly documented in the release notes.
* Tier 1 platforms should be fully documented. Basic operations will be documented in the FreeBSD Handbook.
* Tier 1 platforms will be included in the source tree.
* Tier 1 platforms should be self-hosting either via the in-tree toolchain or an external toolchain. If an external toolchain is required, official binary packages for an external toolchain will be provided.
To maintain maturity of Tier 1 platforms, the FreeBSD Project will maintain the following resources to support development:
* Build and test automation support either in the FreeBSD.org cluster or some other location easily available for all developers. Embedded platforms may substitute an emulator available in the FreeBSD.org cluster for actual hardware.
* Inclusion in the `make universe` and `make tinderbox` targets.
* Dedicated hardware in one of the FreeBSD clusters for package building (either natively or via qemu-user).
Collectively, developers are required to provide the following to maintain the Tier 1 status of a platform:
* Changes to the source tree should not knowingly break the build of a Tier 1 platform.
* Tier 1 architectures must have a mature, healthy ecosystem of users and active developers.
* Developers should be able to build packages on commonly available, non-embedded Tier 1 systems. This can mean either native builds if non-embedded systems are commonly available for the platform in question, or it can mean cross-builds hosted on some other Tier 1 architecture.
* Changes cannot break the userland ABI. If an ABI change is required, ABI compatibility for existing binaries should be provided via use of symbol versioning or shared library version bumps.
* Changes merged to stable branches cannot break the protected portions of the kernel ABI. If a kernel ABI change is required, the change should be modified to preserve functionality of existing kernel modules.
Tier 2 platforms may be Tier 1 platform candidates that are still under active development.
Architectures reaching end of life may also be moved from Tier 1 status to Tier 2 status as the availability of resources to continue to maintain the system in a Production Quality state diminishes.
Well-supported niche architectures may also be Tier 2.
The FreeBSD Project provides the following guarantees to consumers of Tier 2 platforms:
* The ports infrastructure should include basic support for Tier 2 architectures sufficient to support building ports and packages. This includes support for basic packages such as ports-mgmt/pkg, but there is no guarantee that arbitrary ports will be buildable or functional.
* New features which are not inherently platform-specific should be feasible on all Tier 2 architectures if not implemented.
* Tier 2 platforms will be included in the source tree.
* Tier 2 platforms should be self-hosting either via the in-tree toolchain or an external toolchain. If an external toolchain is required, official binary packages for an external toolchain will be provided.
* Tier 2 platforms should provide functional kernels and userlands even if an official release distribution is not provided.
To maintain maturity of Tier 2 platforms, the FreeBSD Project will maintain the following resources to support development:
* Inclusion in the `make universe` and `make tinderbox` targets.
Collectively, developers are required to provide the following to maintain the Tier 2 status of a platform:
* Changes to the source tree should not knowingly break the build of a Tier 2 platform.
* Tier 2 architectures must have an active ecosystem of users and developers.
* While changes are permitted to break the userland ABI, the ABI should not be broken gratuitously. Significant userland ABI changes should be restricted to major versions.
* New features that are not yet implemented on Tier 2 architectures should provide a means of disabling them on those architectures.
Tier 3 platforms are architectures in the early stages of development, for non-mainstream hardware platforms, or which are considered legacy systems unlikely to see broad future use.
Initial support for Tier 3 platforms may exist in a separate repository rather than the main source repository.
Systems may only be moved from one tier to another by approval of the FreeBSD Core Team, which shall make that decision in collaboration with the Security Officer, Release Engineering, and ports management teams.
For a platform to be promoted to a higher tier, any missing support guarantees must be satisfied before the promotion is completed.
If the port came from a submitter who has not contributed to the Project before, add that person's name to the link:{contributors}#contrib-additional[Additional Contributors] section of the FreeBSD Contributors List.
* Remove the `SUBDIR` listing of the port in the parent directory [.filename]#Makefile#.
* Add an entry to [.filename]#ports/MOVED#.
* Search for entries in [.filename]#ports/security/vuxml/vuln.xml# and adjust them accordingly. In particular, check for previous packages with the new name which version could include the new port.
* Remove the port from [.filename]#ports/LEGAL# if it is there.
. Perform a thorough check of the ports collection for any dependencies on the old port location/name, and update them. Running `grep` on [.filename]#INDEX# is not enough because some ports have dependencies enabled by compile-time options. A full `git grep` of the ports collection is recommended.
. Remove the `SUBDIR` entry from the old category Makefile and add a `SUBDIR` entry to the new category Makefile.
. Perform any needed moves. (This only applies to physical categories.)
. Update the `VALID_CATEGORIES` definition in [.filename]#ports/Mk/bsd.port.mk#.
. Assign the PR back to you.
====
[[ports-qa-new-category-physical]]
==== What do I need to do to implement a new physical category?
[.procedure]
====
. Upgrade each moved port's [.filename]#Makefile#. Do not connect the new category to the build yet.
+
To do this, you will need to:
+
[.procedure]
======
. Change the port's `CATEGORIES` (this was the point of the exercise, remember?) The new category is listed first. This will help to ensure that the PKGORIGIN is correct.
. Run a `make describe`. Since the top-level `make index` that you will be running in a few steps is an iteration of `make describe` over the entire ports hierarchy, catching any errors here will save you having to re-run that step later on.
. If you want to be really thorough, now might be a good time to run man:portlint[1].
======
+
. Check that the ``PKGORIGIN``s are correct. The ports system uses each port's `CATEGORIES` entry to create its `PKGORIGIN`, which is used to connect installed packages to the port directory they were built from. If this entry is wrong, common port tools like man:pkg_version[1] and man:portupgrade[1] fail.
+
To do this, use the [.filename]#chkorigin.sh# tool: `env PORTSDIR=/path/to/ports sh -e /path/to/ports/Tools/scripts/chkorigin.sh`. This will check every port in the ports tree, even those not connected to the build, so you can run it directly after the move operation. Hint: do not forget to look at the ``PKGORIGIN``s of any slave ports of the ports you just moved!
. On your own local system, test the proposed changes: first, comment out the SUBDIR entries in the old ports' categories' [.filename]##Makefile##s; then enable building the new category in [.filename]#ports/Makefile#. Run make checksubdirs in the affected category directories to check the SUBDIR entries. Next, in the [.filename]#ports/# directory, run make index. This can take over 40 minutes on even modern systems; however, it is a necessary step to prevent problems for other people.
. Once this is done, you can commit the updated [.filename]#ports/Makefile# to connect the new category to the build and also commit the [.filename]#Makefile# changes for the old category or categories.
. Add appropriate entries to [.filename]#ports/MOVED#.
. Update the documentation by modifying:
** the link:{porters-handbook}#PORTING-CATEGORIES[list of categories] in the Porter's Handbook
+
. Only once all the above have been done, and no one is any longer reporting problems with the new ports, should the old ports be deleted from their previous locations in the repository.
====
==== What do I need to do to implement a new virtual category?
This is much simpler than a physical category. Only a few modifications are needed:
* the link:{porters-handbook}#PORTING-CATEGORIES[list of categories] in the Porter's Handbook
[[ports-qa-misc-questions]]
=== Miscellaneous Questions
[[ports-qa-misc-blanket-approval]]
==== Are there changes that can be committed without asking the maintainer for approval?
Blanket approval for most ports applies to these types of fixes:
* Most infrastructure changes to a port (that is, modernizing, but not changing the functionality). For example, the blanket covers converting to new `USES` macros, enabling verbose builds, and switching to new ports system syntaxes.
* Trivial and _tested_ build and runtime fixes.
* Documentations or metadata changes to ports, like [.filename]#pkg-descr# or `COMMENT`.
Any file directly under [.filename]#ports/#, or any file under a subdirectory that starts with an uppercase letter ([.filename]#Mk/#, [.filename]#Tools/#, etc.).
In particular, the {portmgr} is very protective of [.filename]#ports/Mk/bsd.port*.mk# so do not commit changes to those files unless you want to face their wrath.
When the checksum for a distribution file is updated due to the author updating the file without changing the port revision, the commit message includes a summary of the relevant diffs between the original and new distfile to ensure that the distfile has not been corrupted or maliciously altered.
If the current version of the port has been in the ports tree for a while, a copy of the old distfile will usually be available on the ftp servers; otherwise the author or maintainer should be contacted to find out why the distfile has changed.
Full package builds will be done with the patches provided by the submitter, and the submitter is required to fix detected problems _(fallout)_ before commit.
[.procedure]
====
. Go to the link:https://bugs.freebsd.org/submit[Bugzilla new PR page].
. Select the product your patch is about.
. Fill in the bug report as normal. Remember to attach the patch.
. If at the top it says “Show Advanced Fields” click on it. It will now say “Hide Advanced Fields”. Many new fields will be available. If it already says “Hide Advanced Fields”, no need to do anything.
. In the “Flags” section, set the “exp-run” one to `?`. As for all other fields, hovering the mouse over any field shows more details.
. Submit. Wait for the build to run.
. {portmgr} will reply with a possible fallout.
. Depending on the fallout:
** If there is no fallout, the procedure stops here, and the change can be committed, pending any other approval required.
... If there is fallout, it _must_ be fixed, either by fixing the ports directly in the ports tree, or adding to the submitted patch.
... When this is done, go back to step 6 saying the fallout was fixed and wait for the exp-run to be run again. Repeat as long as there are broken ports.
A few people who have access to the FreeBSD machines do not have commit bits.
Almost all of this document will apply to these developers as well (except things specific to commits and the mailing list memberships that go with them).
Get your mentor to add you to the "Additional Contributors" ([.filename]#~/documentation/content/en/articles/contributors/contrib-additional.adoc#), if you are not already listed there.
As of December 12, 2012, Google Analytics was enabled on the FreeBSD Project website to collect anonymized usage statistics regarding usage of the site.
The information collected is valuable to the FreeBSD Documentation Project, to identify various problems on the FreeBSD website.
Requests for Google Analytics data must include a specific purpose.
For example, a valid reason for requesting access would be "to see the most frequently used web browsers when viewing FreeBSD web pages to ensure page rendering speeds are acceptable."
All requests must include the timeframe for which the data would be required.
For example, it must be explicitly stated if the requested data would be needed for a timeframe covering a span of 3 weeks, or if the request would be one-time only.
Any request for Google Analytics data without a clear, reasonable reason beneficial to the FreeBSD Project will be rejected.
[[google-analytics-data]]
=== Data Available Through Google Analytics
A few examples of the types of Google Analytics data available include:
* Commonly used web browsers
* Page load times
* Site access by language
[[misc]]
== Miscellaneous Questions
=== Are there changes that can be committed without asking the maintainer for approval?
Blanket approval for most ports applies to these types of fixes:
* Most infrastructure changes to a port (that is, modernizing, but not changing the functionality). For example, the blanket covers converting to new `USES` macros, enabling verbose builds, and switching to new ports system syntaxes.
* Trivial and _tested_ build and runtime fixes.
* Documentations or metadata changes to ports, like [.filename]#pkg-descr# or `COMMENT`.
=== How do I access people.FreeBSD.org to put up personal or project information?
`people.FreeBSD.org` is the same as `freefall.FreeBSD.org`.
Just create a [.filename]#public_html# directory. Anything you place in that directory will automatically be visible under https://people.FreeBSD.org/[https://people.FreeBSD.org/].
In addition, developers may request a cloaked hostmask for their account on the Freenode IRC network in the form of `freebsd/developer/<freefall username>` or `freebsd/developer/<FreeNode account>`.
https://rsync.net[rsync.net] provides cloud storage for offsite backup that is optimized for UNIX users. Their service runs entirely on FreeBSD and ZFS.
rsync.net offers a free-forever 500 GB account to FreeBSD developers. Simply sign up at https://www.rsync.net/freebsd.html[https://www.rsync.net/freebsd.html] using your `@freebsd.org` address to receive this free account.
