From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from [140.105.134.102] (helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.43) id 1DkOPZ-0008AS-1J for garchives@archives.gentoo.org; Mon, 20 Jun 2005 15:42:09 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j5KFfL9w030400; Mon, 20 Jun 2005 15:41:21 GMT Received: from smtp04.gnvlscdb.sys.nuvox.net (smtp.nuvox.net [64.89.70.9]) by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j5KFdfQH008370 for ; Mon, 20 Jun 2005 15:39:41 GMT Received: from cgianelloni.nuvox.net (216.215.202.4.nw.nuvox.net [216.215.202.4]) by smtp04.gnvlscdb.sys.nuvox.net (8.12.11/8.12.11) with SMTP id j5KFeAJ4025717 for ; Mon, 20 Jun 2005 11:40:11 -0400 Received: by cgianelloni.nuvox.net (sSMTP sendmail emulation); Mon, 20 Jun 2005 11:39:47 -0400 Subject: Re: [gentoo-dev] Re: Re: splitting one source package into many binaries From: Chris Gianelloni To: gentoo-dev@lists.gentoo.org In-Reply-To: References: <564d96fb0506160950b9752bf@mail.gmail.com> <42B1B997.5070003@gentoo.org> <20050616132044.2b689bd3@edune.lan> <1119016612.13606.13.camel@cgianelloni.nuvox.net> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-EJjYh36mharq4oGGPywG" Organization: Gentoo Linux Date: Mon, 20 Jun 2005 11:39:47 -0400 Message-Id: <1119281987.13606.26.camel@cgianelloni.nuvox.net> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.2.2 X-Archives-Salt: 20258acd-6dc8-4e0a-80f6-353b3deffd0c X-Archives-Hash: ebdb335082a9cb8eac078f20a52c638f --=-EJjYh36mharq4oGGPywG Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Sat, 2005-06-18 at 05:17 -0700, Duncan wrote: > > There is zero security risk unless you, as root, start the server. >=20 > I get the point, but if it's not there to be started, it cannot be > started, thru some fat-fingering on the part of a confused admin trying t= o > launch the client, or any other way. If it's needed, that's one thing, bu= t > if it's not needed, it shouldn't be there. USE flags (not split > packages, I'll absolutely agree there) are the Gentoo way to control that= . http://bugs.gentoo.org/show_bug.cgi?id=3D12499 Personally, I am completely against it. It makes dependencies a complete nightmare to work with and would add an immense amount of complexity for the developers and also for users that aren't going to need/use this system. You have the tools to remove the binaries already. Use them. > > I think you have the wrong assumption here on how Gentoo is "supposed t= o > > work". Gentoo ships packages as close to how upstream packages them as > > possible. If you have a problem with the daemon being shipped with the > > client, then complain upstream. We have always provided the package as > > determined by upstream. Splitting packages is a waste of developer tim= e > > and also makes things much more complex dependency-wise. >=20 > Gentoo Philosophy page: "The Gentoo philosophy is to allow this user to > do what he or she wants to do, without getting in the way." ...and you can. You can write your own ebuild or use INSTALL_MASK. Allowing the user to do what he wants doesn't mean that *we* have to do it for them. > Of course, there's a practical limit to that. However, a simple > "clientonly" USE flag on client/server combo packages such as ssh and > dhcp would appear to be entirely within the Gentoo spirit, and generally > would require no more work than is already done in support of all sorts o= f > other USE flags. Simply don't compile or install the server, if a separat= e > binary from the client, and don't include /etc/init.d server starter > scripts (like sshd) and the like, if the clientonly USE flag is set. See my comments about writing your own ebuild or using INSTALL_MASK. It's always easy for someone to suggest how "easy" something may or may not be when they aren't the one that has to do the work... ;] We have provided methods for you to accomplish what you want. You do not want to use them or do not find them adequate. I can understand that. You need to understand, however, that we simply might not make any changes because we feel what we have provided is adequate and don't feel like taking on the extra work required to change the hundreds of packages in portage that this would affect. --=20 Chris Gianelloni Release Engineering - Strategic Lead/QA Manager Games - Developer Gentoo Linux --=-EJjYh36mharq4oGGPywG Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQBCtuNDkT4lNIS36YERApTVAKCIGxlH+H89Q8liuL6USPrvTC7teACfZXVA O3aepdsI5LbKSWtrjARMo8c= =UIm6 -----END PGP SIGNATURE----- --=-EJjYh36mharq4oGGPywG-- -- gentoo-dev@gentoo.org mailing list