1 |
On Mon, Mar 07, 2011 at 09:44:47AM +0100, Michaaa GGGrny wrote: |
2 |
> On Sun, 6 Mar 2011 17:34:29 +0100 |
3 |
> Constanze Hausner <constanze@g.o> wrote: |
4 |
> |
5 |
> > On 17:44 Sat 05 Mar , Ciaran McCreesh wrote: |
6 |
> > > * some filesystems don't support xattrs at all, and the package |
7 |
> > > manager needs to support installing to them, even if the user is |
8 |
> > > building on a filesystem that does support it |
9 |
> > |
10 |
> > While GSoC I was not able to come up with a good fallback mechanism. |
11 |
> > I'm going to give the new ideas some thought over the week and |
12 |
> > hopefully come up with something good :). |
13 |
> |
14 |
> How about that: |
15 |
> 1) src_install() installs a file, like in: |
16 |
> /var/lib/gentoo/filecaps.d/${PF} |
17 |
> specifying which caps have to applied to which files, |
18 |
> |
19 |
> 2) the eclass depends on an ebuild, installing a kind |
20 |
> of 'filecaps-apply' tool, reading information from that file and trying |
21 |
> to apply filecaps as necessary (and flipping setuid bits), |
22 |
> |
23 |
> 3) the eclass calls that tool in pkg_postinst() to apply the caps |
24 |
> on the target filesystem. |
25 |
|
26 |
Exactly what benefit is derived from trying to step outside the PM for |
27 |
this, and trying to hack up what the PM already set for permissions? |
28 |
|
29 |
General rule of thumb, the more the PM knows the better things are |
30 |
going to be for people, and for long term compatibility. If |
31 |
in doubt consider the improvements to user experience via |
32 |
revdep-rebuild functionality making it into the PM; PM can actually |
33 |
plan for rebuilds as it goes rather than potentially blowing up a |
34 |
later build (or telling the user "go run xyz"). Consider: |
35 |
|
36 |
1) this tool will have to grow system/user configuration for |
37 |
overrides- something the PM could fold in easily enough into it's |
38 |
existing capbilities. If in doubt consider FEATURES=suidctl . |
39 |
|
40 |
2) has to be prefix aware, including understanding of deprived. This |
41 |
can be done mind you, but like #1, the bits are already there at the |
42 |
PM level. |
43 |
|
44 |
3) the information recorded there is ultimately redundant when/if a |
45 |
sane VDB format gets created; as is this info could just as easily be |
46 |
pushed in there as a new file per CPV in the existant VDB format. |
47 |
|
48 |
4) this requires further OOB handling for ID databases- handling that |
49 |
could've been pushed into the PM itself (admittedly a weak point since |
50 |
ID is already mildly screwed up here, but no point in making it |
51 |
worse). |
52 |
|
53 |
5) it opens up a window in every merge where setuid binaries are on |
54 |
disk, just prior to your proposed tool getting ran. This is annoying |
55 |
to say the least, and if the system has disabled setuid in full it's a |
56 |
window where the binaries aren't actually usable. |
57 |
|
58 |
6) it's slower than just having the PM do it. Specifically, the PM is |
59 |
already transfering the content to disk, and fiddling it's bits- |
60 |
adjusting the files modes and setting capability is something it can |
61 |
do on creation (eliminating #5) rather than having to shell out to |
62 |
some script. It's important to realize that the area this slows down |
63 |
is a critical section for parallelized binpkg merging- something the |
64 |
chrome-os folk have ran into. |
65 |
|
66 |
6) shifting it to an external tool means the format used by the tool |
67 |
needs standardization (rather than just being standardized via PMS) to |
68 |
allow interop when inevitably a PM author goes to fold the |
69 |
functionality into the PM. |
70 |
|
71 |
7) this tool, due to it being not part of the PM, the PM has to go out |
72 |
of it's way to protect the depgraph for- something it should already |
73 |
be doing for itself. External, it's another hardcoded constant (or |
74 |
addition to system set) the PM has to watch for- w/in the pm, it ought |
75 |
to pay attention to it as is. |
76 |
|
77 |
|
78 |
> This should help with all the issues mentioned, including binpkg |
79 |
> support. Moreover, user could use the tool manually to restore/reset |
80 |
> filecaps if they were lost or unapplied (e.g. due to incorrect kernel |
81 |
> config). |
82 |
|
83 |
Every issue you've raised is addressable at the PM level- generally |
84 |
speaking, done better at the PM level. |
85 |
|
86 |
Basically... please fix the problem at the correct location. |
87 |
Capabilities, xattrs, etc, are not a temporary fad- they're |
88 |
increasingly a core requirement of a linux system (thus the PM that |
89 |
manages it). The place for this functionality is in the PM- more |
90 |
importantly, trying to do it outside of it just makes a bigger mess |
91 |
for PM/format authors when inevtiably it has to be pulled in. |
92 |
|
93 |
~harring |