1 |
On 02/02/2017 01:01 PM, Rich Freeman wrote: |
2 |
> On Thu, Feb 2, 2017 at 11:25 AM, Michael Orlitzky <mjo@g.o> wrote: |
3 |
>> |
4 |
>> If (base == minimal), then all of the upstream defaults need to be added |
5 |
>> to package.use for the upstream-defaults profile. That's bad, |
6 |
> |
7 |
> I'll go further and say that it is unacceptably bad. |
8 |
> |
9 |
>> but if |
10 |
>> (base == upstream-defaults), then the important IUSE defaults need to be |
11 |
>> copy/pasted from our ebuilds into the minimal profile. The latter is |
12 |
>> more spiritually damning =) |
13 |
>> |
14 |
> |
15 |
> So, I'll admit I've never been one that cared a great deal about |
16 |
> minimalism so I appreciate that I may not be the best one to judge |
17 |
> this, so let's go ahead and embrace your statement for the purpose of |
18 |
> debate. |
19 |
> |
20 |
> Is there a better way we can have our cake and eat it too? I'll admit |
21 |
> that a huge package.use on the minimal profile isn't a whole lot |
22 |
> better than a huge package.use on all the other profiles. |
23 |
> |
24 |
> Do we need another form of syntax in individual ebuilds to try to |
25 |
> separate out the various cases you cite? Does anybody care to |
26 |
> actually suggest one? |
27 |
|
28 |
I think that unikernels are something everyone should be aware of |
29 |
as they purport to be the latest trend in securing all sorts of systems. |
30 |
(a brief read). |
31 |
|
32 |
http://unikernel.org/ |
33 |
|
34 |
|
35 |
Perhaps we should not have a 'minimal profile', as it means so many |
36 |
different things to so many different people. We have not even surveyed |
37 |
the user base... |
38 |
|
39 |
So if we think of all the possible profiles and sub-profiles as being |
40 |
organized in a tree structure, it is better to figure out logical |
41 |
organization of all profiles, imho. |
42 |
|
43 |
So how about profiles that are either under the embedded or basic |
44 |
'moniker' in the profile tree. So embedded is the least number of |
45 |
packages possible, regardless of upstream, where folks build up from |
46 |
there to what they want as a finished system. Embedded, clusters, HPC, |
47 |
and such are compatible enough for what I'm building to be under the |
48 |
same branch of the profile tree. If other folks want their cluster works |
49 |
under the basic part of the profile tree that is concerned with |
50 |
upstream, then they have their part of the profile tree located there. |
51 |
|
52 |
And the 'basic' part of the tree is similar to what we now call |
53 |
'default' and the names build up in whatever schema those target builds |
54 |
desire, like basic+headless, basic+kde, basic+?+whatever..... ? |
55 |
|
56 |
And is there any reason, if necessary that other needs cannot be |
57 |
branched off, as necessary form the profile tree? Perhaps the main root |
58 |
is a state diagram of what is need and has links to relevant documents. |
59 |
That way the profile tree is a live system that can be enhance or |
60 |
modified to serve all of Gentoo's diverse visions. |
61 |
|
62 |
|
63 |
> I still think that we shouldn't encourage users to lightly deviate |
64 |
> from all the upstream defaults. There are of course legitimate |
65 |
> reasons for doing so, and you and I can probably appreciate when we |
66 |
> should do this, but for somebody starting out we're giving them a lot |
67 |
> of rope to hang themselves with. |
68 |
|
69 |
This is only the case because profiles are in general in a mess and |
70 |
there are little in the way of conventions. What is so sacrosanct about |
71 |
upstream for a truly embedded gentoo system or a gentoo based IoT |
72 |
device? How many of the gentoo-embedded devs even bother to read |
73 |
gentoo-dev? Your vision seems to me to be tainted by the major distros |
74 |
and their visions, not be impolite, but they are way off course for |
75 |
secure systems, embedded systems, IoT, HPC and numerous other active |
76 |
areas of Linux, imho. |
77 |
|
78 |
|
79 |
Think about it, if upstream is so brilliant, and has our needs 'at |
80 |
heart' then why have not the kernel-geniuses bothered to build a |
81 |
logical, coherent semantic for kernel configurations, management, |
82 |
security testing and such? If fact, if I were to be critical of |
83 |
upstream, I'd say those and many other issues should have been addressed |
84 |
before the adventures of systemd were dictated upon the larger user |
85 |
base. Upstream is an 'ad-hoc' mess, in the old days we called such |
86 |
entities a clusterF*. |
87 |
|
88 |
|
89 |
So those of us going back to minimal and basics and such venues, even |
90 |
with clusters, could not care less about Mozilla, systemd and thousands |
91 |
of other upstream folks that have lost their pathway forward. (deepest |
92 |
apologies, but I have very strong feelings about "upstream*". |
93 |
|
94 |
|
95 |
Many of the profiles in this and other recent threads, are just 'ad-hoc' |
96 |
naming structures and locations, and that historical flexibility extend |
97 |
to the devs is fantastic. This enhance/cleaning need of gentoo profiles |
98 |
needs to be well thought out and as flexible semantically as possible. |
99 |
|
100 |
|
101 |
It is absolutely a superior approach to not care at all what upstream |
102 |
does, to provide a pathway for embedded gentoo. That is a fundamental |
103 |
characteristic of what an embedded system is. Thanke the code, purge |
104 |
90+ percent of this, and then install it on a embedded system so |
105 |
only what is needed is encluded. On a distro, you can pile on tons |
106 |
of uncessary codes, for convenience and not care, but embedded, |
107 |
it does matter. That is why so much of Iot is hacked and owned |
108 |
by folks with nefarious intentions. Much of 'upstream' is growing |
109 |
dumber by the day, and corporate manager and government interlopers |
110 |
are just loving the cruft of 'upstream'. |
111 |
|
112 |
|
113 |
Minimal is a close cousin to embedded, and now unikernels and aggressive |
114 |
HPC clusters are going that direction too in the name of performance, |
115 |
sane-management and reducing attack surfaces for the cloud or HPC |
116 |
cluster (not all, but many). |
117 |
|
118 |
|
119 |
Surely a branch of the gentoo profiles tree, could rigorously be focused |
120 |
on compatibility with upstream, but that inflexibility, if imposed |
121 |
on everyone else, will only serve to further alienate gentoo-embedded |
122 |
and serve as a unnecessary wedge between some minimal, HPC and unikernel |
123 |
types of gentoo builds. |
124 |
|
125 |
|
126 |
|
127 |
> It is like building a kernel |
128 |
> answering no to the largest number of questions possible while still |
129 |
> actually building something. I'd actually be curious as to what that |
130 |
> kernel would even be capable of doing (there are a lot of fairly |
131 |
> essential things you can turn off in the kernel). |
132 |
|
133 |
|
134 |
This is a whole other area of valid concern. Their was a GSoC project |
135 |
last summer to work on organizing gentooish kernel builds, but that is a |
136 |
very big topic. Perhaps the profiles will have to be proposed but not |
137 |
formalized until folks go out and do some kernel builds and testing |
138 |
associated with a proposed profile organization? |
139 |
|
140 |
|
141 |
> In the same way, we shouldn't be too quick to deviate from upstream |
142 |
> defaults ourselves (#4 in your example), beyond actual integration |
143 |
> work. |
144 |
|
145 |
> I'll admit the current state is a bit of a compromise, but I don't |
146 |
> think we should change it unless we're changing it to something |
147 |
> significantly better. This is a pretty big-impact change. |
148 |
|
149 |
|
150 |
Just formalize some new parts of the profile tree to not be required to |
151 |
be upstream compliant. Isn't that part of being a 'meta-distribution'? |
152 |
|
153 |
In my future (and the future of many others) there will be minimalistic |
154 |
builds on clusters where any number to constructs including |
155 |
compatibility which will all be solved, at the framework level, not the |
156 |
base distro level, to the extent possible. Folks are now running a |
157 |
myriad of windows OS versions on linux (&clusters), so I have just read |
158 |
about a few days ago. So I'm proposing and working on gentoo |
159 |
heterogeneous cluster where one can partition part to be for systemd |
160 |
stuffage, part to be HPC, part to be extraordinarily secure, part to be |
161 |
aligned with a particularly commercial linux distro, and many other |
162 |
differing needs based frameworks. |
163 |
|
164 |
|
165 |
The minimal (lowest level) should be clear of all of those distro |
166 |
encumbrances. CoreOS is taking this approach, as their bare metal |
167 |
bootstrapping occurs completely and well before systemd or any other |
168 |
PID1 schema is invoked or becomes a defacto requirement. Gentoo is all |
169 |
about freedom, right? |
170 |
|
171 |
|
172 |
hth, |
173 |
James |