1 |
On 08/21/05 Alec Warner wrote: |
2 |
|
3 |
> -----BEGIN PGP SIGNED MESSAGE----- |
4 |
> Hash: SHA1 |
5 |
> |
6 |
> Was talking with Brian about the build environment and how settings |
7 |
> were to be passed into the build environment. |
8 |
> |
9 |
> Essentially three scenarios were presented. |
10 |
> |
11 |
> 1) The full environment is passed to the build environment. This was |
12 |
> generally agreed upon to be bad since there are environmental things |
13 |
> that can cause build problems. |
14 |
> |
15 |
> 2) The full environment is parsed via a blacklist to strip out |
16 |
> environment settings that are known to be bad for building packages. |
17 |
> This leads to a clean* build environment. However, maintaining the |
18 |
> blacklist can be a challenge if it grows in size. |
19 |
> |
20 |
> (*) clean, meaining all the bad things we know about are not in the |
21 |
> build environment. This does not account for the bad things we do NOT |
22 |
> know about. |
23 |
> |
24 |
> 3) The full environment is parsed via a whitelist to get a list of |
25 |
> environment settings that are known to be good for building packages. |
26 |
> This leads to a clean build environment, as only whitelisted |
27 |
> environment settings are passed in. However, the whitelist will |
28 |
> probably be worse to maintain than a blacklist. |
29 |
> |
30 |
> Both 2) and 3) above have issues where some build variables are bad |
31 |
> for ebuild X but not ebuild Y. I am unsure how exactly to cover any |
32 |
> kind of situation like that ( and I don't have an example from the |
33 |
> tree, save perhaps LANG=weird-language ). |
34 |
> |
35 |
> To me 1) is unacceptable and 3) is the best option. Feel free to |
36 |
> shoot these down as you see fit ;) |
37 |
|
38 |
Well, codewise 2) and 3) aren't that different (one is just the |
39 |
inversion of the other), so why not implement both, make a config |
40 |
setting for it and get empirical data to find the "best" solution? |
41 |
Actually don't even need a config switch, just detect if a blacklist or |
42 |
a whitelist is present and use them then. |
43 |
|
44 |
Theoretical discussions about this are pointless IMO without |
45 |
numbers/facts to back things up. |
46 |
|
47 |
Marius |
48 |
|
49 |
-- |
50 |
Public Key at http://www.genone.de/info/gpg-key.pub |
51 |
|
52 |
In the beginning, there was nothing. And God said, 'Let there be |
53 |
Light.' And there was still nothing, but you could see a bit better. |
54 |
-- |
55 |
gentoo-portage-dev@g.o mailing list |