1 |
On Mon, 2003-09-08 at 07:33, Jan Krueger wrote: |
2 |
> On Monday 08 September 2003 03:03, Jon Portnoy wrote: |
3 |
> |
4 |
> > You haven't shared many of your views |
5 |
> Here they are again summed up for the interested reader: |
6 |
> |
7 |
> -prevent ebuilds from modifying the life filesystem (from pkg_postinst for |
8 |
> example), portage is the only one allowed to do so. that means a real sandbox |
9 |
> over full ebuild time. the image is ready after src_install. portage than |
10 |
> puts the files at the right place. The ebuild itself can in no way touch the |
11 |
> live filesystem. there is no need for the ebuild to do so. |
12 |
> (putting the build system into UML would be a considerable option for this. |
13 |
> maybe oversized) |
14 |
> |
15 |
|
16 |
This is not always possible as I have said before. Mozilla for instance |
17 |
have many issues if you do not remove the old chrome files and registry |
18 |
to name one. Another is baselayout that is in general a pita. |
19 |
|
20 |
> -allow the actual package install process only to add files to the filesystem |
21 |
> or to only modify/remove files that belong to an revision of the same ebuild |
22 |
> (qa would benefit from this suggestions too.). Portage, before putting all the |
23 |
> files from the image into the life filesystem, scans the image for all files |
24 |
> in there. now it has a list of files it is going to install. So it |
25 |
> scans now the live filesystem if thes files, or some of them exist. If they |
26 |
> exist in the live filesystem, portage checks if they belong to a revision of |
27 |
> the same ebuild. |
28 |
> -if they dont belong to a revision of the same ebuild and are not found in |
29 |
> the live filesystem it would be an addition of new software so the files are |
30 |
> put into action |
31 |
> -if they are found in the filesystem and belong to a revision of the same |
32 |
> ebuild it would be an upgrade or downgrade and are put into action |
33 |
> -if they are found in the filesystem and do not belong to a revision of the |
34 |
> same ebuild -> something is wrong (might be init going to be overwritten) -> |
35 |
> inform the user and fail |
36 |
> |
37 |
|
38 |
This might be an good idea, but it will slow down things a lot. This is |
39 |
Nick's (carpaski) domain, so we will have to check with him. |
40 |
|
41 |
> -provide an secure abtraction for things, like adding values to global config |
42 |
> files, depmod -a, that may be required to do after installing the files to |
43 |
> the life filesystem. |
44 |
> |
45 |
|
46 |
Its not often that this is really done. The only places, this was done |
47 |
with some care (look at pshadow and pam-login for examples), and a |
48 |
backup, etc was made ... |
49 |
|
50 |
> >From my answer to Jon: |
51 |
> > So we should never be able to tweak config files et al in an ebuild? |
52 |
> an ebuild may freely modify its own config files. |
53 |
> modification of config files not belonging to the ebuild should be done via an |
54 |
> already suggested, secure abstraction, lets say a function like: |
55 |
> changeconf phph.ini "line to add to phpini" |
56 |
> portage could then intercept, respecting the suggested CONFIG_EXCLUDE or other |
57 |
> user settings, or, if no user setting is the way, go to apply the change. |
58 |
> This way it would be impossible for the ebuild to wipe php.ini. |
59 |
> Also the user, via CONFIG_EXCLUDE, may completely switch of editing of php.ini |
60 |
> by ebuilds. On the other hand, if the user doesnt care, the ebuild is free to |
61 |
> add this line to php.ini. |
62 |
> - |
63 |
|
64 |
As said above .. its not often that you really need to hack the config |
65 |
files. The docbook/xml/sgml stuff may be another not so common example |
66 |
where it is best to do it without user interaction. |
67 |
|
68 |
> another one was the above mentioned |
69 |
> CONFIG_EXCLUDE in /etc/make.conf: |
70 |
> This variable would accept a list of directories/files for which the behaviour |
71 |
> of portage would be like follows: |
72 |
> whenever portage has the image of the to install software ready it scans this |
73 |
> image for the values in CONFIG_EXCLUDE. |
74 |
> whenever it finds such a directory/file in the image it moves the |
75 |
> directory/file to the doc-directory (eg: |
76 |
> /usr/share/doc/${PF}/excluded_config/ ) of the image (and maybe writes a |
77 |
> message to the user/log) |
78 |
> after that portage continues normally. |
79 |
> |
80 |
|
81 |
As I said in a previous mail, the CONFIG_EXCLUDE feature may |
82 |
come in handy, and will solve the make.conf issue for one. |
83 |
|
84 |
> > repeated yourself without elaborating or expressing |
85 |
> > specific concepts. |
86 |
> If, in your eyes, above things arent concepts and specific i dont know what |
87 |
> else actually is. I dont understand you, you dont understand me, so thats the |
88 |
> wrong place for me, i quit. |
89 |
> |
90 |
> I always tried to be strictly technical, maybe sometimes i failed. i am human. |
91 |
> Sorry. Dont hate me, i, as you, only try to do my best. |
92 |
> |
93 |
|
94 |
Relax, just do not be so pushy from day one. Try to find out more |
95 |
first. Maybe try to create a few ebuilds, or try to update some. |
96 |
Maybe have a look at some open bugs, and try to help fix them. |
97 |
Alternatively you might try to have a look at the portage code. |
98 |
|
99 |
Basically, get involved, see how things is done (not a objective |
100 |
view from the outside without having been involved first). Then |
101 |
recheck what you think, and bring it to the table with enough |
102 |
why's and why not's. |
103 |
|
104 |
|
105 |
Regards, |
106 |
|
107 |
-- |
108 |
|
109 |
Martin Schlemmer |
110 |
Gentoo Linux Developer, Desktop/System Team Developer |
111 |
Cape Town, South Africa |