| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
On 11/24/2013 12:28 PM, Anthony G. Basile wrote: |
| 5 |
> Hi everyone, |
| 6 |
> |
| 7 |
> I'd like to bounce a question of the community regarding the order of |
| 8 |
> profile stackings. We have a suggestion in hardened to re-introduce the |
| 9 |
> hardened desktop profile. This was deprecated because controlling the |
| 10 |
> profile stacking order is very difficult. Specifically, if we set |
| 11 |
> |
| 12 |
> .. |
| 13 |
> ../../../../targets/desktop |
| 14 |
> |
| 15 |
> in $PORTDIR/hardened/linux/amd64/desktop/parent (taking amd64 as an |
| 16 |
> example), then we get a stacking order where targets/desktop overrides |
| 17 |
> hardened/linux/amd64. This causes problems because of flags we need to |
| 18 |
> mask in hardened. |
| 19 |
> |
| 20 |
Right, targets/desktop overriding hardened is undesirable, that is the |
| 21 |
main problem with this stacking order. |
| 22 |
|
| 23 |
> A suggestion was forwarded to switch |
| 24 |
> $PORTDIR/hardened/linux/amd64/desktop/parent to the following |
| 25 |
> |
| 26 |
> ../../../../targets/desktop |
| 27 |
> .. |
| 28 |
> |
| 29 |
> This, however, puts targets/desktop before even base which is |
| 30 |
> problematic. In fact, the resulting stacking order is: |
| 31 |
> |
| 32 |
> /usr/portage/profiles/targets/desktop |
| 33 |
> /usr/portage/profiles/base |
| 34 |
> /usr/portage/profiles/default/linux |
| 35 |
> /usr/portage/profiles/arch/base |
| 36 |
> /usr/portage/profiles/features/multilib |
| 37 |
> /usr/portage/profiles/features/multilib/lib32 |
| 38 |
> /usr/portage/profiles/arch/amd64 |
| 39 |
> /usr/portage/profiles/releases |
| 40 |
> /usr/portage/profiles/eapi-5-files |
| 41 |
> /usr/portage/profiles/releases/13.0 |
| 42 |
> /usr/portage/profiles/hardened/linux |
| 43 |
> /usr/portage/profiles/hardened/linux/amd64 |
| 44 |
> /usr/portage/profiles/hardened/linux/amd64/desktop |
| 45 |
> |
| 46 |
> The concern with this stacking order is that, with all the later |
| 47 |
> subprofiles overriding targets/desktop, we have breakage waiting to |
| 48 |
> happen when changes are made in arch/amd64 or default/linux. Since the |
| 49 |
> whole community takes care of those profiles, this seems like a question |
| 50 |
> for everyone. Do people assume a particular order to stacking when they |
| 51 |
> commit to arch/ or default/linux? |
| 52 |
> |
| 53 |
So the main problem with the old hardened desktop profile is impossible |
| 54 |
here, right? So in what world is this worse than having no hardened |
| 55 |
desktop profile at all? At worst I can imagine something from |
| 56 |
targets/desktop being overridden which, yes, leaves one more use flag |
| 57 |
for the user to set, but breaks nothing and can be easily fixed in the |
| 58 |
new hardened desktop profile.... |
| 59 |
|
| 60 |
> The issue is being tracked in bug #492312. I give an example of my |
| 61 |
> concern there. |
| 62 |
> |
| 63 |
So for the 300th time, why exactly is this a bad idea? I've yet to hear |
| 64 |
a single person willing to bother testing, and everyone is just |
| 65 |
terrified that "omg, what do you mean base isn't first???" |
| 66 |
|
| 67 |
- -Zero_Chaos |
| 68 |
-----BEGIN PGP SIGNATURE----- |
| 69 |
Version: GnuPG v2.0.22 (GNU/Linux) |
| 70 |
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ |
| 71 |
|
| 72 |
iQIcBAEBAgAGBQJSkqsuAAoJEKXdFCfdEflK2e4P/idmJZFtMhLMom6oV2vgiZJ5 |
| 73 |
NEyhqzfeDObvoz+RFasUW5FJWuoF2tRKQ5YeqN/OqBooW7T2nfuYHUHBYKk5XXPf |
| 74 |
giYLLe8uTorPdEVoKcyB6gLJm4miVNrVP4GwiRiKn3UwIDN7WWUQkf6SX4ki8bgR |
| 75 |
t7DVHfc490xwlxe7iTRW3usRJPW3fs1RJ6giMGFe5Y7ddtyC3XyojEBJvaJejZfJ |
| 76 |
YoRLcyonEiwoEBnYdpV4LKBI85ZCmevLs8CatYZ6tdwvoUtam5fsZ7QNeFtgp4qd |
| 77 |
YJAMkux+CXB+2BP0xant8f/TA4xzPSoGGRxxLs+r8a9vDbZ0lm9FjCUYHEKR3iSG |
| 78 |
Z38xFiaWwh2VJ73sNTrJ52KNpfWmtpAqSHFmgZci8157y7H+3uYZDTFhYfKsB5xN |
| 79 |
JCXiTWOJ5fKK0QKxf4PDWp6yAQNO8Ef7ObMkA96a+1JfCZXkFROCkpuKh+I7OD1J |
| 80 |
Fhyx9yN3axLuo77YjjO+H00rL4qbDMhujX8ZXUqWxwZYSY6o1sCh2fvKZWIAstgf |
| 81 |
rhENd2R5Ae7I0PxCjID29BS2TjQz+z7o0kQz4FEm4zlJm7Qt29QrYSENkXpZw6rZ |
| 82 |
5L20FtSjJx6IfBbsdGIyFTANV0B7fPht8peoSoMggfvFAVNps6bVGzEMuoowWwSX |
| 83 |
QYBPkyLcLJ8Tnl3dnTcK |
| 84 |
=fiGs |
| 85 |
-----END PGP SIGNATURE----- |
Archives