| 1 |
Hello, |
| 2 |
|
| 3 |
I think the policies proposed in GLEP 81 [1] were overenthusiastic |
| 4 |
and they don't stand collision with sad Gentoo developer reality. |
| 5 |
Instead of improving the quality of resulting packages, they rather |
| 6 |
hamper their adoption and cause growing frustration. |
| 7 |
|
| 8 |
The problems I see today are: |
| 9 |
|
| 10 |
|
| 11 |
1. Mailing list reviews hamper the adoption of new user packages. |
| 12 |
|
| 13 |
Firstly, there are a few developers who obstructively refuse to |
| 14 |
communicate with others and especially to use the public mailing lists. |
| 15 |
While this is a separate problem, and a problem that needs to be |
| 16 |
resolved, this GLEP can't resolve it. Of course, there is no reason to |
| 17 |
believe that removing review requirement will actually make them migrate |
| 18 |
their packages but it's at least one obstacle out of the way. |
| 19 |
|
| 20 |
Secondly, even developers capable of communication find the two stage |
| 21 |
request-wait-commit workflow inconvenient. At any time, there are |
| 22 |
at least a few requests waiting for being committed, possibly with |
| 23 |
the developers forgetting about them. |
| 24 |
|
| 25 |
|
| 26 |
2. Mailing list reviews don't serve their original purpose. |
| 27 |
|
| 28 |
The original purpose of mailing list reviews was to verify that |
| 29 |
the developers use new packages correctly. For example, Michael |
| 30 |
Orlitzky has found a lot of unnecessary home directories specified. |
| 31 |
Of course, that works only if people submit *ebuilds* for review. |
| 32 |
|
| 33 |
However, at some points developers arbitrarily decided to send only |
| 34 |
numbers for review. This defeats the purpose of the review in the first |
| 35 |
place. |
| 36 |
|
| 37 |
|
| 38 |
3. Cross-distro syncing has no purpose. |
| 39 |
|
| 40 |
One of the original ideas was to reuse UID/GID numbers from other |
| 41 |
distros when available to improve sync. However, given the collisions |
| 42 |
between old Gentoo UIDs and other distros, other distros themselves, |
| 43 |
non-overlapping user/group names, etc. there seems to be little reason |
| 44 |
to actually do it. If we even managed some overlap, it would be minimal |
| 45 |
and quasi-random. |
| 46 |
|
| 47 |
While other distros provide a cheap way of choosing new UID/GID, it |
| 48 |
doesn't seem that many people actually use it. Then we hit pretty |
| 49 |
absurd situations when someone chooses one UID/GID, somebody else tells |
| 50 |
him to use the one from other distro. |
| 51 |
|
| 52 |
|
| 53 |
4. Assignment mechanism is not collision-prone. |
| 54 |
|
| 55 |
The secondary goal of mailing list reviews is to prevent UID/GID |
| 56 |
collisions. Sadly, it doesn't work there either. Sometimes two people |
| 57 |
request the same UID/GID, and only sometimes somebody else notices. |
| 58 |
In the end, people have hard time figuring out which number is the 'next |
| 59 |
free', sometimes they discover the number's been taken when somebody |
| 60 |
else commits it first. |
| 61 |
|
| 62 |
|
| 63 |
All that considered, I'd like to open discussion how we could improve |
| 64 |
things. |
| 65 |
|
| 66 |
My proposal would be to: |
| 67 |
|
| 68 |
a. split the UID/GID range into 'high' (app) and 'low' (system) |
| 69 |
assignments, 'high' being >=100 and 'low' <100 (matching Apache suEXEC |
| 70 |
defaults), |
| 71 |
|
| 72 |
b. UIDs/GIDs in the 'high' range can be taken arbitrarily (recommending |
| 73 |
taking highest free), while in the 'low' range must be approved by QA, |
| 74 |
|
| 75 |
c. no review requirement for the 'high' range, just choose your UID/GID |
| 76 |
straight of uid-gid.txt and commit it, |
| 77 |
|
| 78 |
d. strong recommendation to use matching UID/GID for the same user/group |
| 79 |
name. |
| 80 |
|
| 81 |
WDYT? |
| 82 |
|
| 83 |
|
| 84 |
[1] https://www.gentoo.org/glep/glep-0081.html |
| 85 |
|
| 86 |
-- |
| 87 |
Best regards, |
| 88 |
Michał Górny |
Archives