| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
Robin H. Johnson wrote: |
| 5 |
> The existing state is: |
| 6 |
> - Force the user to install sources |
| 7 |
> |
| 8 |
> Our choices are: |
| 9 |
> - `uname -r` output. |
| 10 |
> - Create an override environment variable for all the checks. |
| 11 |
> |
| 12 |
> /proc/config.gz comes back here again, in that, we can use it as a |
| 13 |
> middle ground with `uname -r`, rather than having the environment |
| 14 |
> variable. |
| 15 |
|
| 16 |
Ok, that seems a very reasonable use. |
| 17 |
|
| 18 |
> So from our discussion, I propose the following: |
| 19 |
> Finding the kernel version: |
| 20 |
> --------------------------- |
| 21 |
> 0. (optional) give an env var to bypass entirely. |
| 22 |
> 1. Use existing logic of /usr/src/linux, KERNEL_DIR et al. |
| 23 |
> 2. Fall back to using the running version, with a warning. |
| 24 |
> |
| 25 |
> Checking a configuration option, for non-module use: |
| 26 |
> ---------------------------------------------------- |
| 27 |
> 0. (optional) give an env var to make all checks non-fatal. |
| 28 |
> 1. Use existing logic of .config from /usr/src/linux, KERNEL_DIR et al. |
| 29 |
> 2. Fall back to /proc/config.gz if available. |
| 30 |
|
| 31 |
Where 2 also issues a warning, presumably? I've had a think and can't |
| 32 |
see any repercussions in changing the default behaviour, but I'm |
| 33 |
assuming people would only generally hit 2 with virtual machines and/or |
| 34 |
hardened servers. Can you see either of these suffering from defaulting |
| 35 |
to the running kernel? Do you know of many circumstances where 2 might |
| 36 |
get hit by normal users other than those situations? |
| 37 |
|
| 38 |
Also (and potentially off-topic), if we're using linux-info to detect |
| 39 |
kernel sources, whether installed or not, should we also check the tree |
| 40 |
for ebuilds that require a package which PROVIDES="sources"? I |
| 41 |
personally use a single git checkout, since I think (possibly |
| 42 |
mistakenly, I honestly haven't checked) that it will leave different |
| 43 |
checkouts of the kernel all over my /usr/src directory, whenever a new |
| 44 |
version's emerged. I've had to create a fake-sources package to trick |
| 45 |
ebuilds that need *some* sources installed, and I'm wondering if that |
| 46 |
should be necessary? |
| 47 |
|
| 48 |
> Two different cases here: |
| 49 |
> 1. Portage knows their kernel is not setup correctly. |
| 50 |
> 2. Portage cannot find out enough info. |
| 51 |
> |
| 52 |
> It's #2 that bites on virtual machines and hardened servers, and is what |
| 53 |
> I'd like to fix. |
| 54 |
|
| 55 |
Ok, I'm all for it, and the solution you've suggested sounds fine. |
| 56 |
|
| 57 |
> It's a one-liner to give an override making all checks non-fatal, with |
| 58 |
> the downside that it can't differentiate why the checks are being made. |
| 59 |
> So yes, in the case we should simply fix all of the ebuilds (after the |
| 60 |
> kernel source check is fixed as well). |
| 61 |
|
| 62 |
I'd definitely try and do things the right way, and a global override |
| 63 |
(whilst easy) doesn't sound like it. Fixing all the ebuilds (and the |
| 64 |
kernel source check) sounds like the way to go. |
| 65 |
|
| 66 |
> So I propose this as resolutions from the above: |
| 67 |
> 1. USE=modules added to the base profile. |
| 68 |
> 2. Every package that builds kernel modules must offer USE=modules, |
| 69 |
> which can be used to disable building the kernel modules, leaving a |
| 70 |
> pure userspace build of that package. |
| 71 |
> |
| 72 |
> Most of the changes to the above can be done in the linux-mod eclass, so |
| 73 |
> I don't think we'll have to touch that many packages directly. |
| 74 |
> |
| 75 |
|
| 76 |
Yep, although if the changes are in linux-mod, then those packages that |
| 77 |
*only* provide kernel modules will need a way to not present that use |
| 78 |
flag (no point installing a package is USE="-modules" and nothing gets |
| 79 |
installed). Also, I'd assume +modules would be added as a default. |
| 80 |
|
| 81 |
The whole plan sounds extremely sensible in general! 5:) |
| 82 |
|
| 83 |
Mike 5:) |
| 84 |
-----BEGIN PGP SIGNATURE----- |
| 85 |
Version: GnuPG v2.0.11 (GNU/Linux) |
| 86 |
|
| 87 |
iEYEARECAAYFAkqbC3oACgkQu7rWomwgFXpwywCeKzcB0Znzuul3wq9U9ew5+SuX |
| 88 |
scQAnjShkQTVQQrFABb8u2t0RsP9K34z |
| 89 |
=LFlY |
| 90 |
-----END PGP SIGNATURE----- |
Archives