| 1 |
On Mon, Mar 07, 2011 at 09:44:47AM +0100, Michaaa GGGrny wrote: |
| 2 |
> On Sun, 6 Mar 2011 17:34:29 +0100 |
| 3 |
> Constanze Hausner <constanze@g.o> wrote: |
| 4 |
> |
| 5 |
> > On 17:44 Sat 05 Mar , Ciaran McCreesh wrote: |
| 6 |
> > > * some filesystems don't support xattrs at all, and the package |
| 7 |
> > > manager needs to support installing to them, even if the user is |
| 8 |
> > > building on a filesystem that does support it |
| 9 |
> > |
| 10 |
> > While GSoC I was not able to come up with a good fallback mechanism. |
| 11 |
> > I'm going to give the new ideas some thought over the week and |
| 12 |
> > hopefully come up with something good :). |
| 13 |
> |
| 14 |
> How about that: |
| 15 |
> 1) src_install() installs a file, like in: |
| 16 |
> /var/lib/gentoo/filecaps.d/${PF} |
| 17 |
> specifying which caps have to applied to which files, |
| 18 |
> |
| 19 |
> 2) the eclass depends on an ebuild, installing a kind |
| 20 |
> of 'filecaps-apply' tool, reading information from that file and trying |
| 21 |
> to apply filecaps as necessary (and flipping setuid bits), |
| 22 |
> |
| 23 |
> 3) the eclass calls that tool in pkg_postinst() to apply the caps |
| 24 |
> on the target filesystem. |
| 25 |
|
| 26 |
Exactly what benefit is derived from trying to step outside the PM for |
| 27 |
this, and trying to hack up what the PM already set for permissions? |
| 28 |
|
| 29 |
General rule of thumb, the more the PM knows the better things are |
| 30 |
going to be for people, and for long term compatibility. If |
| 31 |
in doubt consider the improvements to user experience via |
| 32 |
revdep-rebuild functionality making it into the PM; PM can actually |
| 33 |
plan for rebuilds as it goes rather than potentially blowing up a |
| 34 |
later build (or telling the user "go run xyz"). Consider: |
| 35 |
|
| 36 |
1) this tool will have to grow system/user configuration for |
| 37 |
overrides- something the PM could fold in easily enough into it's |
| 38 |
existing capbilities. If in doubt consider FEATURES=suidctl . |
| 39 |
|
| 40 |
2) has to be prefix aware, including understanding of deprived. This |
| 41 |
can be done mind you, but like #1, the bits are already there at the |
| 42 |
PM level. |
| 43 |
|
| 44 |
3) the information recorded there is ultimately redundant when/if a |
| 45 |
sane VDB format gets created; as is this info could just as easily be |
| 46 |
pushed in there as a new file per CPV in the existant VDB format. |
| 47 |
|
| 48 |
4) this requires further OOB handling for ID databases- handling that |
| 49 |
could've been pushed into the PM itself (admittedly a weak point since |
| 50 |
ID is already mildly screwed up here, but no point in making it |
| 51 |
worse). |
| 52 |
|
| 53 |
5) it opens up a window in every merge where setuid binaries are on |
| 54 |
disk, just prior to your proposed tool getting ran. This is annoying |
| 55 |
to say the least, and if the system has disabled setuid in full it's a |
| 56 |
window where the binaries aren't actually usable. |
| 57 |
|
| 58 |
6) it's slower than just having the PM do it. Specifically, the PM is |
| 59 |
already transfering the content to disk, and fiddling it's bits- |
| 60 |
adjusting the files modes and setting capability is something it can |
| 61 |
do on creation (eliminating #5) rather than having to shell out to |
| 62 |
some script. It's important to realize that the area this slows down |
| 63 |
is a critical section for parallelized binpkg merging- something the |
| 64 |
chrome-os folk have ran into. |
| 65 |
|
| 66 |
6) shifting it to an external tool means the format used by the tool |
| 67 |
needs standardization (rather than just being standardized via PMS) to |
| 68 |
allow interop when inevitably a PM author goes to fold the |
| 69 |
functionality into the PM. |
| 70 |
|
| 71 |
7) this tool, due to it being not part of the PM, the PM has to go out |
| 72 |
of it's way to protect the depgraph for- something it should already |
| 73 |
be doing for itself. External, it's another hardcoded constant (or |
| 74 |
addition to system set) the PM has to watch for- w/in the pm, it ought |
| 75 |
to pay attention to it as is. |
| 76 |
|
| 77 |
|
| 78 |
> This should help with all the issues mentioned, including binpkg |
| 79 |
> support. Moreover, user could use the tool manually to restore/reset |
| 80 |
> filecaps if they were lost or unapplied (e.g. due to incorrect kernel |
| 81 |
> config). |
| 82 |
|
| 83 |
Every issue you've raised is addressable at the PM level- generally |
| 84 |
speaking, done better at the PM level. |
| 85 |
|
| 86 |
Basically... please fix the problem at the correct location. |
| 87 |
Capabilities, xattrs, etc, are not a temporary fad- they're |
| 88 |
increasingly a core requirement of a linux system (thus the PM that |
| 89 |
manages it). The place for this functionality is in the PM- more |
| 90 |
importantly, trying to do it outside of it just makes a bigger mess |
| 91 |
for PM/format authors when inevtiably it has to be pulled in. |
| 92 |
|
| 93 |
~harring |
Archives