| 1 |
W dniu czw, 25.01.2018 o godzinie 21∶30 -0800, użytkownik Zac Medico |
| 2 |
napisał: |
| 3 |
> On 01/25/2018 01:11 AM, Michał Górny wrote: |
| 4 |
> > W dniu czw, 25.01.2018 o godzinie 10∶07 +0100, użytkownik Michael |
| 5 |
> > Haubenwallner napisał: |
| 6 |
> > > Hi, |
| 7 |
> > > |
| 8 |
> > > ${Subject} ringing a bell here: |
| 9 |
> > > |
| 10 |
> > > dev-db/oracle-instantclient is fetch restricted. As a binary package with |
| 11 |
> > > multiple USE options there's a bunch of files to download - even for |
| 12 |
> > > multiple archs when multilib is active. |
| 13 |
> > > |
| 14 |
> > > So in pkg_nofetch() I'm telling the user whether a file to download is |
| 15 |
> > > "already here" or "still absent", by testing if $A exists in $DISTDIR. |
| 16 |
> > > |
| 17 |
> > > With ${Subject}, I'm wondering if DISTDIR is created for pkg_nofetch too. |
| 18 |
> > > |
| 19 |
> > |
| 20 |
> > You're doing the wrong thing then. DISTDIR is not allowed |
| 21 |
> > in pkg_nofetch(). |
| 22 |
> |
| 23 |
> It seems to be a common assumption that it's allowed, this command |
| 24 |
> currently shows 163 results in the gentoo repo: |
| 25 |
> |
| 26 |
> git grep -l pkg_nofetch | xargs grep 'e\(log\|info\).*DISTDIR' | wc -l |
| 27 |
> |
| 28 |
> We should double check with the PMS maintainers to see if they think |
| 29 |
> it's worthy of an exception. Otherwise, we need to announce the issue on |
| 30 |
> the gentoo-dev mailing list. |
| 31 |
|
| 32 |
PMS maintainers already verified that back during the first run of those |
| 33 |
patches. However, we believe the only reasonable way to get this out of |
| 34 |
pkg_nofetch() is to actually stop it from working, so people would stop |
| 35 |
using it. |
| 36 |
|
| 37 |
> Furthermore, you're touching files whose hashes have |
| 38 |
> > not been verified which is twice wrong. |
| 39 |
> |
| 40 |
> Checking if files exist is not really a security risk, but yes, we |
| 41 |
> should conform to the spec. |
| 42 |
|
| 43 |
There's no technical reason why the ebuild wouldn't have done more than |
| 44 |
checking if they exist. |
| 45 |
|
| 46 |
-- |
| 47 |
Best regards, |
| 48 |
Michał Górny |
Archives