Re: [gentoo-dev] usr merge - gentoo-dev - Gentoo Mailing List Archives

From:	Joshua Kinard <kumba@g.o>
To:	gentoo-dev@l.g.o
Subject:	Re: [gentoo-dev] usr merge
Date:	Mon, 11 Apr 2016 01:59:53
Message-Id:	`570B050C.9070709@gentoo.org`
In Reply to:	Re: [gentoo-dev] usr merge by Rich Freeman

1

On 04/10/2016 08:14, Rich Freeman wrote:

2

> On Sun, Apr 10, 2016 at 7:55 AM, Joshua Kinard <kumba@g.o> wrote:

3

>>

4

>> Create like, a table on the Wiki or some kind of metadata property per-package

5

>> that can contain a boolean or tri-state flag indicating whether it works or

6

>> doesn't work (or kinda works) on split-usr.  Or a tracker on Bugzie.  Something.

7

>>

8

>

9

> I'm sure there will be a tracker for packages that don't work on a

10

> merged /usr.  (We are already on a split /usr.)

11

>

12

> Honestly, I'm still not quite sure why we're even having this

13

> discussion.  I don't think anybody actually intends to make any

14

> changes at all.  If they do, they should issue some kind of plan and

15

> indicate what they're looking for from everybody else.

16

17

Agreed.  A plan is most definitely needed if we ever choose to pursue a policy

18

of only supporting non-split-/usr installs, especially if we want to handle

19

cases like mine where we try to make migration of existing installs possible or

20

not.

21

22

23

[snip]

24

25

> It seems to me that we're just having a general discussion about the

26

> pros/cons of a /usr merge.  That is nice, but people are getting

27

> worked up because they think that somehow whoever "loses" this

28

> "discussion" will get something shoved down their throats or won't be

29

> able to have something nice.

30

31

"General discussion" -- hah!  Maybe it's the way Thunderbird is displaying it,

32

but I have five distinct, top-level threads in my gentoo-dev folder for this

33

discussion.  I think we left "general" back there after we broke through the

34

plaid barrier.

35

36

That said, I don't really think there are any pros or cons of split or merged.

37

 Largely, what's being discussed is the after-effects of what once was a common

38

approach to filesystem layout.  Myself, I only went the split-usr route because

39

of habit, itself which started because when I set up my first Gentoo system.  I

40

studied both the then-Gentoo Security and Debian Security manuals, which

41

indicated a split-/usr layout had certain advantages in that you could limit

42

capabilities via mount options.  Mainly, /usr didn't need devices, so "nodev"

43

was common there.  Along with /var having "noexec" and "nodev".

44

45

I've pretty much stuck to that layout approach since then out of habit.

46

Certainly, I've got a few VMs where I have just /, /boot, and /tmp as my only

47

partitions, and there's no real noticeable difference except what's in /etc/fstab.

48

49

---

50

51

I think where the problem ultimately arises is a subtle conflict between

52

filesystem semantics and system-design philosophy against the Linux kernel's

53

device architecture and management.  It's long regarded that /bin and /sbin

54

contain system-level binaries, and /usr/bin and /usr/sbin being for almost

55

everything else.  A.k.a., a two-level binary installation hierarchy (and the

56

BSD's extend this with a third level under /usr/local).

57

58

From the kernel angle, you have a monolithic kernel design where device drivers

59

run in kernel space most of the time.  This worked okay with traditional,

60

static devices that didn't change a whole lot and whose resources could be

61

determined at boot-time, before userspace is brought up.  But once the Linux

62

ecosystem needed devices that can come online from userspace or need their

63

resource determination to be dynamic (e.g., for hotplugging), we went to the

64

approach that the kernel needs to get out of managing devices altogether, and

65

thus came up with udev for device management from userspace.

66

67

Since udev is supposed to run from userspace, but kinda needs to interface with

68

the kernel a lot, the split between what's system-specific and what's not

69

clashes with the two-level file system layout.  This wasn't anything new...this

70

conflict has existed elsewhere for a long time (namely in X11), but it came to

71

a head when udev maintainers (and later, systemd maintainers) questioned the

72

approach, and largely decided it wasn't worth it, and a merged filesystem, with

73

/usr not separate, was simpler and more elegant.

74

75

---

76

77

But really, does it matter where the binaries all live?  It's just a design

78

decision.  Every OS had a different approach, such as NetWare running virtually

79

everything out of SYS:SYSTEM, and Windows out of C:\WINDOWS.  Heck, for the

80

longest time, you could *not* install Windows on anything other than the first

81

partition of the first drive, because software literally hardcoded filespec

82

strings as "C:\WINDOWS\...".  And even why C:, the third letter of the

83

alphabet, for the first fixed disk?  Because A: and B: were reserved for

84

systems that needed two floppy drives.  Yay MS-DOS!

85

86

If it were possible to give every binary and file out there a unique name, you

87

wouldn't even need directories.  You could have a totally-flat namespace with

88

all files of any kind under /, and let security models handle who sees/accesses

89

what.  But in that setup, would you even need "/"?

90

91

92

> Almost every big change that has become popular in Gentoo just started

93

> out as another alternative, and support grew organically.  I don't

94

> really see the need to reach some kind of consensus here.  I'd love to

95

> have an option of a /usr merge and a migration path.  I'd love to see

96

> it as the default, but that is a different discussion, and if it is

97

> optional then it is also a less contentious discussion whichever way

98

> it goes.

99

100

I don't think there is a viable migration path that can cover all scenarios.  I

101

have one of the simpler disk layouts, with MD-RAID to merge separate physical

102

disks into /dev/md* and then my unencrypted filesystems live there.  Certainly,

103

my /usr partition on those systems is big enough that I could cp /* into /usr,

104

then change my root= parameter to the kernel to have it treat my /usr partition

105

as /.  That'd be the simplest method for me, but it would leave me with a ~3GB

106

block of dead diskspace on those systems.

107

108

The only real way forward for migration would literally be to back the / and

109

/usr filesystems up (minimum), blow away the filesystem (and RAID or whatever

110

else) layouts, redesign it, then restore.  For some people, this would only

111

take a few hours.  Others, it'd be days, if not longer.  Some probably wouldn't

112

mind the time investment.  Others (like me), just don't have the time (or

113

motivation) to do such a task right now.  That is really my only issue here.

114

115

I guess the saving grace is UNIX filesystems in general are trivially easy to

116

backup/restore (or migrate, etc).  I migrated a Windows install once and

117

discovered that Windows records disk serial numbers in the Registry, which it

118

used to quickly find the disk with C:.  Took me several hours to figure that

119

out, then to build a BartPE disk that I could use to edit the specific registry

120

hive and delete those serials.  Then, unsurprisingly, Windows just shrugs and

121

uses the new disk serials as defaults and records them in place of the old ones.

122

123

--

124

Joshua Kinard

125

Gentoo/MIPS

126

kumba@g.o

127

6144R/F5C6C943 2015-04-27

128

177C 1972 1FB8 F254 BAD0 3E72 5C63 F4E3 F5C6 C943

129

130

"The past tempts us, the present confuses us, the future frightens us.  And our

131

lives slip away, moment by moment, lost in that vast, terrible in-between."

132

133

--Emperor Turhan, Centauri Republic

1	On 04/10/2016 08:14, Rich Freeman wrote:
2	> On Sun, Apr 10, 2016 at 7:55 AM, Joshua Kinard <kumba@g.o> wrote:
3	>>
4	>> Create like, a table on the Wiki or some kind of metadata property per-package
5	>> that can contain a boolean or tri-state flag indicating whether it works or
6	>> doesn't work (or kinda works) on split-usr. Or a tracker on Bugzie. Something.
7	>>
8	>
9	> I'm sure there will be a tracker for packages that don't work on a
10	> merged /usr. (We are already on a split /usr.)
11	>
12	> Honestly, I'm still not quite sure why we're even having this
13	> discussion. I don't think anybody actually intends to make any
14	> changes at all. If they do, they should issue some kind of plan and
15	> indicate what they're looking for from everybody else.
16
17	Agreed. A plan is most definitely needed if we ever choose to pursue a policy
18	of only supporting non-split-/usr installs, especially if we want to handle
19	cases like mine where we try to make migration of existing installs possible or
20	not.
21
22
23	[snip]
24
25	> It seems to me that we're just having a general discussion about the
26	> pros/cons of a /usr merge. That is nice, but people are getting
27	> worked up because they think that somehow whoever "loses" this
28	> "discussion" will get something shoved down their throats or won't be
29	> able to have something nice.
30
31	"General discussion" -- hah! Maybe it's the way Thunderbird is displaying it,
32	but I have five distinct, top-level threads in my gentoo-dev folder for this
33	discussion. I think we left "general" back there after we broke through the
34	plaid barrier.
35
36	That said, I don't really think there are any pros or cons of split or merged.
37	Largely, what's being discussed is the after-effects of what once was a common
38	approach to filesystem layout. Myself, I only went the split-usr route because
39	of habit, itself which started because when I set up my first Gentoo system. I
40	studied both the then-Gentoo Security and Debian Security manuals, which
41	indicated a split-/usr layout had certain advantages in that you could limit
42	capabilities via mount options. Mainly, /usr didn't need devices, so "nodev"
43	was common there. Along with /var having "noexec" and "nodev".
44
45	I've pretty much stuck to that layout approach since then out of habit.
46	Certainly, I've got a few VMs where I have just /, /boot, and /tmp as my only
47	partitions, and there's no real noticeable difference except what's in /etc/fstab.
48
49	---
50
51	I think where the problem ultimately arises is a subtle conflict between
52	filesystem semantics and system-design philosophy against the Linux kernel's
53	device architecture and management. It's long regarded that /bin and /sbin
54	contain system-level binaries, and /usr/bin and /usr/sbin being for almost
55	everything else. A.k.a., a two-level binary installation hierarchy (and the
56	BSD's extend this with a third level under /usr/local).
57
58	From the kernel angle, you have a monolithic kernel design where device drivers
59	run in kernel space most of the time. This worked okay with traditional,
60	static devices that didn't change a whole lot and whose resources could be
61	determined at boot-time, before userspace is brought up. But once the Linux
62	ecosystem needed devices that can come online from userspace or need their
63	resource determination to be dynamic (e.g., for hotplugging), we went to the
64	approach that the kernel needs to get out of managing devices altogether, and
65	thus came up with udev for device management from userspace.
66
67	Since udev is supposed to run from userspace, but kinda needs to interface with
68	the kernel a lot, the split between what's system-specific and what's not
69	clashes with the two-level file system layout. This wasn't anything new...this
70	conflict has existed elsewhere for a long time (namely in X11), but it came to
71	a head when udev maintainers (and later, systemd maintainers) questioned the
72	approach, and largely decided it wasn't worth it, and a merged filesystem, with
73	/usr not separate, was simpler and more elegant.
74
75	---
76
77	But really, does it matter where the binaries all live? It's just a design
78	decision. Every OS had a different approach, such as NetWare running virtually
79	everything out of SYS:SYSTEM, and Windows out of C:\WINDOWS. Heck, for the
80	longest time, you could not install Windows on anything other than the first
81	partition of the first drive, because software literally hardcoded filespec
82	strings as "C:\WINDOWS\...". And even why C:, the third letter of the
83	alphabet, for the first fixed disk? Because A: and B: were reserved for
84	systems that needed two floppy drives. Yay MS-DOS!
85
86	If it were possible to give every binary and file out there a unique name, you
87	wouldn't even need directories. You could have a totally-flat namespace with
88	all files of any kind under /, and let security models handle who sees/accesses
89	what. But in that setup, would you even need "/"?
90
91
92	> Almost every big change that has become popular in Gentoo just started
93	> out as another alternative, and support grew organically. I don't
94	> really see the need to reach some kind of consensus here. I'd love to
95	> have an option of a /usr merge and a migration path. I'd love to see
96	> it as the default, but that is a different discussion, and if it is
97	> optional then it is also a less contentious discussion whichever way
98	> it goes.
99
100	I don't think there is a viable migration path that can cover all scenarios. I
101	have one of the simpler disk layouts, with MD-RAID to merge separate physical
102	disks into /dev/md* and then my unencrypted filesystems live there. Certainly,
103	my /usr partition on those systems is big enough that I could cp /* into /usr,
104	then change my root= parameter to the kernel to have it treat my /usr partition
105	as /. That'd be the simplest method for me, but it would leave me with a ~3GB
106	block of dead diskspace on those systems.
107
108	The only real way forward for migration would literally be to back the / and
109	/usr filesystems up (minimum), blow away the filesystem (and RAID or whatever
110	else) layouts, redesign it, then restore. For some people, this would only
111	take a few hours. Others, it'd be days, if not longer. Some probably wouldn't
112	mind the time investment. Others (like me), just don't have the time (or
113	motivation) to do such a task right now. That is really my only issue here.
114
115	I guess the saving grace is UNIX filesystems in general are trivially easy to
116	backup/restore (or migrate, etc). I migrated a Windows install once and
117	discovered that Windows records disk serial numbers in the Registry, which it
118	used to quickly find the disk with C:. Took me several hours to figure that
119	out, then to build a BartPE disk that I could use to edit the specific registry
120	hive and delete those serials. Then, unsurprisingly, Windows just shrugs and
121	uses the new disk serials as defaults and records them in place of the old ones.
122
123	--
124	Joshua Kinard
125	Gentoo/MIPS
126	kumba@g.o
127	6144R/F5C6C943 2015-04-27
128	177C 1972 1FB8 F254 BAD0 3E72 5C63 F4E3 F5C6 C943
129
130	"The past tempts us, the present confuses us, the future frightens us. And our
131	lives slip away, moment by moment, lost in that vast, terrible in-between."
132
133	--Emperor Turhan, Centauri Republic

Gentoo Archives: gentoo-dev