Gentoo Archives: gentoo-dev

From: Brian Harring <ferringb@×××××.com>
To: lxnay@g.o
Cc: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] We need *you* for a USE="selinux" dependency
Date: Mon, 05 Dec 2011 03:05:22
In Reply to: Re: [gentoo-dev] We need *you* for a USE="selinux" dependency by Fabio Erculiani
On Sun, Dec 04, 2011 at 11:10:17PM +0100, Fabio Erculiani wrote:
> On Sun, Dec 4, 2011 at 9:35 PM, Sven Vermeulen <swift@g.o> wrote: > > [...] > > The dependency must be on both levels, because the SELinux module must be > > installed before the package is installed (and in theory, RDEPEND could > > trigger an installation afterwards): during the installation phase, Portage > > labels the files on the system (which would get wrong labels if the module > > isn't installed yet[1]). Also, DEPEND isn't sufficient due to binary package > > support requirements. > > > > > > Wkr, > > ?? ?? ?? ??Sven Vermeulen > > > > [1] I am aware that Portage currently installs RDEPEND before the package > > ?? ??itself, but that might change in the future and other package managers might > > ?? ??exhibit different behavior. > > > > I haven't really understood what you mean with RDEPENDs being scheduled "after". > RDEPEND must be always scheduled before the pkg requiring it,
While it appears that way, it's not actually true; RDEPEND is what the pkg requires to be able to be usable, not what is required to merge it. Key thing there is the 'run' part; the manager can merge a pkg that isn't yet usable (unsatisfied rdeps), as long as nothing in the graph currently requires the pkg to be working at that state in the build plan. Assuming pkg x DEPENDs on a, and RDEPENDS on b for the context of this discussion, it's perfectly valid for the manager to sequentially build and merge (a, x, b). At the point 'b' is merged, 'x' is considered satisfied/usable. This is the long term rules; the reason it's not obvious is because it's rare for the graph to be flexed in such a fashion that a,x,b is forced rather than a,b,x. Cycles, blockers, odd deps, etc, can force it however.
> If you need to schedule a dep install at some point, you should rather > use PDEPEND, but if the same is required earlier in the schedule, > well, you're flooked.
In the context of this discussion (apply selinux policies), PDEPEND isn't valid; PDEPEND should be used strictly for for deps that are RDEPEND required, but the pkg can function (degraded) without; this being done for cycle breaking reasons. Well aware people don't always abide by those terms, but that's the actual rules. Selinux wise, the policy needs to be available for applying at merge time, so PDEPEND doesn't fly. ~harring


Subject Author
Re: [gentoo-dev] We need *you* for a USE="selinux" dependency Fabio Erculiani <lxnay@g.o>