1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
Robin H. Johnson wrote: |
5 |
> The existing state is: |
6 |
> - Force the user to install sources |
7 |
> |
8 |
> Our choices are: |
9 |
> - `uname -r` output. |
10 |
> - Create an override environment variable for all the checks. |
11 |
> |
12 |
> /proc/config.gz comes back here again, in that, we can use it as a |
13 |
> middle ground with `uname -r`, rather than having the environment |
14 |
> variable. |
15 |
|
16 |
Ok, that seems a very reasonable use. |
17 |
|
18 |
> So from our discussion, I propose the following: |
19 |
> Finding the kernel version: |
20 |
> --------------------------- |
21 |
> 0. (optional) give an env var to bypass entirely. |
22 |
> 1. Use existing logic of /usr/src/linux, KERNEL_DIR et al. |
23 |
> 2. Fall back to using the running version, with a warning. |
24 |
> |
25 |
> Checking a configuration option, for non-module use: |
26 |
> ---------------------------------------------------- |
27 |
> 0. (optional) give an env var to make all checks non-fatal. |
28 |
> 1. Use existing logic of .config from /usr/src/linux, KERNEL_DIR et al. |
29 |
> 2. Fall back to /proc/config.gz if available. |
30 |
|
31 |
Where 2 also issues a warning, presumably? I've had a think and can't |
32 |
see any repercussions in changing the default behaviour, but I'm |
33 |
assuming people would only generally hit 2 with virtual machines and/or |
34 |
hardened servers. Can you see either of these suffering from defaulting |
35 |
to the running kernel? Do you know of many circumstances where 2 might |
36 |
get hit by normal users other than those situations? |
37 |
|
38 |
Also (and potentially off-topic), if we're using linux-info to detect |
39 |
kernel sources, whether installed or not, should we also check the tree |
40 |
for ebuilds that require a package which PROVIDES="sources"? I |
41 |
personally use a single git checkout, since I think (possibly |
42 |
mistakenly, I honestly haven't checked) that it will leave different |
43 |
checkouts of the kernel all over my /usr/src directory, whenever a new |
44 |
version's emerged. I've had to create a fake-sources package to trick |
45 |
ebuilds that need *some* sources installed, and I'm wondering if that |
46 |
should be necessary? |
47 |
|
48 |
> Two different cases here: |
49 |
> 1. Portage knows their kernel is not setup correctly. |
50 |
> 2. Portage cannot find out enough info. |
51 |
> |
52 |
> It's #2 that bites on virtual machines and hardened servers, and is what |
53 |
> I'd like to fix. |
54 |
|
55 |
Ok, I'm all for it, and the solution you've suggested sounds fine. |
56 |
|
57 |
> It's a one-liner to give an override making all checks non-fatal, with |
58 |
> the downside that it can't differentiate why the checks are being made. |
59 |
> So yes, in the case we should simply fix all of the ebuilds (after the |
60 |
> kernel source check is fixed as well). |
61 |
|
62 |
I'd definitely try and do things the right way, and a global override |
63 |
(whilst easy) doesn't sound like it. Fixing all the ebuilds (and the |
64 |
kernel source check) sounds like the way to go. |
65 |
|
66 |
> So I propose this as resolutions from the above: |
67 |
> 1. USE=modules added to the base profile. |
68 |
> 2. Every package that builds kernel modules must offer USE=modules, |
69 |
> which can be used to disable building the kernel modules, leaving a |
70 |
> pure userspace build of that package. |
71 |
> |
72 |
> Most of the changes to the above can be done in the linux-mod eclass, so |
73 |
> I don't think we'll have to touch that many packages directly. |
74 |
> |
75 |
|
76 |
Yep, although if the changes are in linux-mod, then those packages that |
77 |
*only* provide kernel modules will need a way to not present that use |
78 |
flag (no point installing a package is USE="-modules" and nothing gets |
79 |
installed). Also, I'd assume +modules would be added as a default. |
80 |
|
81 |
The whole plan sounds extremely sensible in general! 5:) |
82 |
|
83 |
Mike 5:) |
84 |
-----BEGIN PGP SIGNATURE----- |
85 |
Version: GnuPG v2.0.11 (GNU/Linux) |
86 |
|
87 |
iEYEARECAAYFAkqbC3oACgkQu7rWomwgFXpwywCeKzcB0Znzuul3wq9U9ew5+SuX |
88 |
scQAnjShkQTVQQrFABb8u2t0RsP9K34z |
89 |
=LFlY |
90 |
-----END PGP SIGNATURE----- |