| 1 |
On Thu, 23 Mar 2017 22:37:49 +0100 |
| 2 |
Alexis Ballier <aballier@g.o> wrote: |
| 3 |
> On Thu, 23 Mar 2017 20:30:40 +0000 |
| 4 |
> Ciaran McCreesh <ciaran.mccreesh@××××××××××.com> wrote: |
| 5 |
> > On Thu, 23 Mar 2017 21:22:54 +0100 |
| 6 |
> > Alexis Ballier <aballier@g.o> wrote: |
| 7 |
> > > Indeed, according to pms.git commit log, the rule was laxed |
| 8 |
> > > because it was clearly an oversight in EAPI6 [1] and was the |
| 9 |
> > > standard behavior in previous EAPIs. But in the same commit, an |
| 10 |
> > > "harmless note" was added that "Ebuilds must not access the |
| 11 |
> > > directory in global scope." in addition to the "May or may not |
| 12 |
> > > exist" statement and "Not necessarily present when installing |
| 13 |
> > > from a binary package" footnote. Please explain how this last |
| 14 |
> > > addition is not a backwards-breaking change. PMS is not a tool to |
| 15 |
> > > push your personal agenda of cleaning up the deve^^err tree. |
| 16 |
> > |
| 17 |
> > The original wording should probably have been something like "may |
| 18 |
> > or may not exist, so ebuilds MUST NOT go poking around for it", but |
| 19 |
> > the original wording was written assuming reasonable behaviour from |
| 20 |
> > developers, and we deliberately chose not to go the SHALL, MUST NOT |
| 21 |
> > route because of the added cost of developing a specification that's |
| 22 |
> > safe from hostile implementers. |
| 23 |
> |
| 24 |
> "reasonable" is not something that can be reasonably defined :) |
| 25 |
|
| 26 |
There's a fairly good rule of thumb: is anyone else already doing this |
| 27 |
horrible new thing you're about to add to the tree? If not, it's |
| 28 |
probably not reasonable. |
| 29 |
|
| 30 |
> after a few dozens of emails, what i understand of the issue is: |
| 31 |
> autoconf assumes either the eblit stuff is in the environment, or |
| 32 |
> FILESDIR variable is empty or points to its files dir; this might be |
| 33 |
> borderline but definitely not hostile. |
| 34 |
|
| 35 |
No, the issue is that eblits are a dodgy mechanism that go beyond what |
| 36 |
ebuilds are supposed to do and that cause problems for package |
| 37 |
manglers. When we're working with a general purpose shell underneath, |
| 38 |
it's very hard to write a specification that can preemptively forbid |
| 39 |
every kind of perverse mess any developer can come up with, |
| 40 |
particularly when the developer starts looking for loopholes like |
| 41 |
claiming it's OK to try to access a directory which is defined as |
| 42 |
potentially not existing when the clear intent of the specification is |
| 43 |
that "the directory isn't guaranteed to be there so don't try to use |
| 44 |
it for anything". |
| 45 |
|
| 46 |
> this breaks in the (hypothetical?) case where the package is installed |
| 47 |
> from a binpkg *and* the binpkg format does not include the whole |
| 48 |
> environment but rather a verbatim copy of the ebuild and its |
| 49 |
> eclasses(*). |
| 50 |
> |
| 51 |
> (*) not sure how that can even work with env saving between phases but |
| 52 |
> that's not the point |
| 53 |
|
| 54 |
It can't, so that weird hypothetical is irrelevant. But more to the |
| 55 |
point, we're only wondering about these weird hypothetical situations |
| 56 |
because someone felt the need to make everyone's life a misery by |
| 57 |
putting some special snowflake code in the tree. |
| 58 |
|
| 59 |
-- |
| 60 |
Ciaran McCreesh |
Archives