| 1 |
Hello, QA. |
| 2 |
|
| 3 |
Since it seems that we are unable to get a proper meeting anytime soon, |
| 4 |
I would like to discuss the agenda items of my interest via the mailing |
| 5 |
list. For a first thread, I would like to discuss games team policies. |
| 6 |
|
| 7 |
The specific policies were proposed for Council meeting [1, pts. 3-5], |
| 8 |
yet the Council deferred the topic to QA as a more appropriate body |
| 9 |
[2, 'Games team policies']: |
| 10 |
|
| 11 |
| - There is consensus amongst council members that specific policies |
| 12 |
| (e.g., games group, /usr/games hierarchy, and games.eclass) should |
| 13 |
| be settled by the QA team. |
| 14 |
|
| 15 |
The relevant requests are [from 1]: |
| 16 |
|
| 17 |
| 3. the use of group 'games' to control access to games can be |
| 18 |
| deprecated and needs not to be enforced, |
| 19 |
| |
| 20 |
| 4. the /usr/games hierarchy (esp. Gentoo-specific /usr/games/lib*) |
| 21 |
| and other locations listed in games.eclass are entirely optional. Using |
| 22 |
| upstream install locations is recommended, |
| 23 |
| |
| 24 |
| 5. the use of games.eclass is entirely optional. Preferably, the eclass |
| 25 |
| would be deprecated since it mostly serves the purpose of enforcing |
| 26 |
| the rules objected in (3) and (4). |
| 27 |
|
| 28 |
And the relevant part of rationale: |
| 29 |
|
| 30 |
| 3. The attempt of limiting access to games through use of 'games' group |
| 31 |
| is unjustified and unprofessional. It caused multiple issues |
| 32 |
| in the past, including repeatedly ignored security issue from 2006 [3] |
| 33 |
| and multiple uses of RESTRICT=userpriv [4]. |
| 34 |
| |
| 35 |
| I recall hearing that game access ought to be restricted because |
| 36 |
| the games are more likely to be of worse quality and the sysadmin wants |
| 37 |
| limit the access to them to the trusted users. Yet at the same time |
| 38 |
| the restriction is causing game ebuilds to run game tools with root |
| 39 |
| privileges since otherwise the portage user is unable to access them. |
| 40 |
| |
| 41 |
| 4. This specific hierarchy is specified by FHS as optional and is |
| 42 |
| not beneficial to users (esp. considering the objection in (3)). |
| 43 |
| In some cases, it forces a lot of patching on packages using |
| 44 |
| non-autoconf build systems that would otherwise be installed in /usr |
| 45 |
| hierarchy, with no visible benefit. Additionally, this causes Gentoo to |
| 46 |
| diverge from upstream and therefore from other distributions. |
| 47 |
| |
| 48 |
| 5. Most of the code in the games.eclass is meant to redefine phase |
| 49 |
| functions and provide wrappers over standard PMS helpers. The sole |
| 50 |
| purpose of all that is to force the ownership and permissions (objected |
| 51 |
| in (3)), and /usr/games hierarchy (objected in (4)). If Council agrees |
| 52 |
| on abolishing those requirements, the eclass becomes mostly a no-op |
| 53 |
| (or equivalent to base.eclass which it is inheriting). |
| 54 |
| |
| 55 |
| Moreover, the games team currently requires the eclass to be always |
| 56 |
| inherited last. Since it redefines multiple phase functions, this |
| 57 |
| sometimes results in ebuilds needing to restore all 'original' phase |
| 58 |
| functions. |
| 59 |
|
| 60 |
What are your thoughts? |
| 61 |
|
| 62 |
[1]:http://article.gmane.org/gmane.linux.gentoo.project/3919 |
| 63 |
[2]:http://www.gentoo.org/proj/en/council/meeting-logs/20140812-summary.txt |
| 64 |
[3]:https://bugs.gentoo.org/show_bug.cgi?id=125902 |
| 65 |
[4]:https://bugs.gentoo.org/show_bug.cgi?id=516576 |
| 66 |
|
| 67 |
-- |
| 68 |
Best regards, |
| 69 |
Michał Górny |
Archives