From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 8403 invoked by uid 1002); 8 Sep 2003 00:25:11 -0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 1920 invoked from network); 8 Sep 2003 00:25:09 -0000 From: Martin Schlemmer Reply-To: azarah@gentoo.org To: Jan Krueger Cc: Jon Portnoy , Gentoo-Dev In-Reply-To: <200309080208.51371.jk@microgalaxy.net> References: <200309080132.45709.jk@microgalaxy.net> <20030907234111.GA9582@cerberus.oppresses.us> <200309080208.51371.jk@microgalaxy.net> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-z90h+kF4KNq7Sl2KePpV" Message-Id: <1062980914.8455.228.camel@nosferatu.lan> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.4 Date: Mon, 08 Sep 2003 02:28:34 +0200 Subject: Re: [gentoo-dev] suggestion portage ebuild system file modification rights and protection X-Archives-Salt: c3863fb3-106c-49fb-a82d-3929d0a7c157 X-Archives-Hash: 479b9cc0bb1c69fc24fa06afbb2ad1bc --=-z90h+kF4KNq7Sl2KePpV Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Mon, 2003-09-08 at 04:08, Jan Krueger wrote: > > > Again examples from the actual tree, so you can try yourself: > > > 1. emerge ezmlm and emerge ezmlm-idx > > > providing slightly different funtionality they will overwrite each ot= her > > > (instead of blocking each other) > > > > Bug. Is it filed? > Bug in portage! portage is the one that allows such integrity mess. >=20 Whoever just forgot to add a 'DEPEND=3D"!ezmlm-idx"' to ezmlm, and reverse for ezmlm-idx ? I do not see how portage will cause that individual(s) to forget about that ? > > So we don't have enough manpower. > Thats true for many open-source project. Some of them just try to get=20 > organized more efficiently and succeed in doing so. > So, maybe there is a more appropriate organization model for gentoo? >=20 I am also guessing you have not read GWN, and -dev for the last two months or so ? > > > And to me its clear why it is like that (at least on reason): > i meant to say: (at least one reason) > sorry. >=20 > > So basically you're saying portage shouldn't install software. > I say: > portage must respect my system inegrity! >=20 Ok, but the merge code in portage could have a bug bigger than anything pkg_{post,pre}inst() could ever cause. Right, so that is why we need all the other safety nets - they could be more buggy ? > > So we should never be able to tweak config files et al in an ebuild? > an ebuild may freely modify its own config files. > modification of config files not belonging to the ebuild should be done v= ia an=20 > already suggested, secure abstraction, lets say a function like: > changeconf phph.ini "line to add to phpini" > portage could then intercept, respecting the suggested CONFIG_EXCLUDE or = other=20 > user settings, or, if no user setting is the way, go to apply the change. > This way it would be impossible for the ebuild to wipe php.ini. > Also the user, via CONFIG_EXCLUDE, may completely switch of editing of ph= p.ini=20 > by ebuilds. On the other hand, if the user doesnt care, the ebuild is fre= e to=20 > add this line to php.ini. >=20 Some times it is not so easy. Unfortunately black and white on paper usually is much more seperate issues than real live could ever be. --=20 Martin Schlemmer Gentoo Linux Developer, Desktop/System Team Developer Cape Town, South Africa --=-z90h+kF4KNq7Sl2KePpV Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQA/W80yqburzKaJYLYRAsLzAJ9YGBbo6ReE8xRJdBu5HU2j8eG0MwCbBQT/ +IbzjCZuy8OWxHB00TRTufk= =FsOo -----END PGP SIGNATURE----- --=-z90h+kF4KNq7Sl2KePpV--