1 |
160708 William Hubbs wrote: |
2 |
> On Fri, Jul 08, 2016 at 05:56:04PM +0300, Andrew Savchenko wrote: |
3 |
>> IMO the criteria should be whether they work or not, |
4 |
>> not whether upstream is more or less active. |
5 |
>> If they're blockers on other work, by all means cull them. |
6 |
>> However, if the biggest problem with them is |
7 |
>> that they're using a few inodes in the repo, they should probably stay. |
8 |
> There is an overlay for packages that are removed from the official tree |
9 |
> -- https://github.com/gentoo/graveyard -- |
10 |
> and that is where old software should go, |
11 |
> if it doesn't have an active maintainer. |
12 |
|
13 |
A lot of this lengthy discussion is missing some basic points, |
14 |
though a few people have mentioned them in passing. |
15 |
As someone who has used Gentoo exclusively since 2003 |
16 |
& who raised the objections to removal of Xcdroast + Nethack, |
17 |
let me try to get you all to focus on the real-life issues. |
18 |
|
19 |
(1) The fact that a pkg has little or no upstream support |
20 |
or that it doesn't have an active Gentoo maintainer |
21 |
is not a reason for removing it from the regular tree. |
22 |
|
23 |
One basic reason some software is no longer being actively developed |
24 |
is simply that they work perfectly well as they now are, |
25 |
eg the file manager Krusader & the desktop manager Fluxbox : |
26 |
both of these are very useful & have no drop-in replacements, |
27 |
but very little development has occurred for several years. |
28 |
The same is true of Xcdroast & Nethack, which have been threatened, |
29 |
but which have been rescued after some small patches have been applied. |
30 |
This is likely to be true of more + more pkgs, as time passes : |
31 |
even changes in the kernel these days rarely affect desktop users. |
32 |
|
33 |
(2) There are 3 basic categories of Gentoo user : |
34 |
(a) server-farm managers, (b) multi-user sysadmins, (c) single-users. |
35 |
Each of these have different security concerns : |
36 |
(a) need to be alert to the many threats from all over the Internet ; |
37 |
(b) need (among other things) to prevent privilege escalation ; |
38 |
(c) are largely immune to those types of threat, |
39 |
though a few of the Internet variety can affect them. |
40 |
|
41 |
The security objections raised against Xcdroast + Nethack |
42 |
were both problems which would arise only on multi-user systems, |
43 |
yet single-users were also to be deprived of access to them. |
44 |
Perhaps part of the problem is that many Gentoo developers |
45 |
also earn their livings as sysadmins with many users or many servers : |
46 |
the simpler happier world of single-users escapes their attention. |
47 |
|
48 |
(3) Users generally don't want to be developers : they're too busy or too old. |
49 |
Asking them "Are you willing to maintain it yourself ?" is a silly excuse ; |
50 |
offering them the chance to dig around in a graveyard is even worse ; |
51 |
even maintaining an overlay is a nuisance : I tried it with KDE Sunset. |
52 |
Neither Xcdroast nor Nethack belong in a graveyard of any kind : |
53 |
once the obscure security problems have been fixed, |
54 |
they belong in the regular tree marked 'stable', |
55 |
like many other pkgs whose development has been completed. |
56 |
|
57 |
Users all do -- or should -- appreciate the unpaid work of the developers, |
58 |
but developers also need to realise that without non-developer users |
59 |
Gentoo would very quickly die & their justified pride + satisfaction die too. |
60 |
|
61 |
(4) I have 3 simple recommendations to fix the everyday problems. |
62 |
|
63 |
(a) the justification for tree-cleaning should be explicitly |
64 |
that a pkg either (i) won't compile, (ii) crashes when run |
65 |
or (iii) has a serious security hole which affects all 3 types of user. |
66 |
|
67 |
(b) there needs to be a developer role 'General Maintainer', |
68 |
who should be available to look at pkgs which have no regular maintainer, |
69 |
but which compile, run properly & are generally secure : |
70 |
their job would be to step in, like Mr Savchenko -- thanks again -- , |
71 |
to fix small problems which would otherwise be neglected ; |
72 |
less formally, all developers might see it as part of their role |
73 |
to help out occasionally with such small problems. |
74 |
|
75 |
(c) Gentoo's rules + policies need explicitly to reflect the fact |
76 |
that there are 3 types of user, as described : |
77 |
eg some pkgs might be marked as 'not safe for multi-user systems' ; |
78 |
that would recognise real distinctions which are now being ignored. |
79 |
|
80 |
HTH & thanks as always to all of you for making Gentoo work since 2003. |
81 |
|
82 |
-- |
83 |
========================,,============================================ |
84 |
SUPPORT ___________//___, Philip Webb |
85 |
ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto |
86 |
TRANSIT `-O----------O---' purslowatchassdotutorontodotca |