From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RTNE6-0003L9-Io for garchives@archives.gentoo.org; Thu, 24 Nov 2011 00:31:42 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9A13021C0BC; Thu, 24 Nov 2011 00:31:33 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by pigeon.gentoo.org (Postfix) with ESMTP id 1AB3D21C07C for ; Thu, 24 Nov 2011 00:31:04 +0000 (UTC) Received: from vapier.localnet (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id 79B1B646CC for ; Thu, 24 Nov 2011 00:31:03 +0000 (UTC) From: Mike Frysinger Organization: wh0rd.org To: gentoo-dev@lists.gentoo.org Subject: [gentoo-dev] restricting phases where enew{user,group} is allowed Date: Wed, 23 Nov 2011 19:31:11 -0500 User-Agent: KMail/1.13.7 (Linux/3.1.1; KDE/4.6.5; x86_64; ; ) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2294473.NPOmfsuoc7"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <201111231931.11919.vapier@gentoo.org> X-Archives-Salt: 0d4f04f6-12a0-4877-9e19-ffafaf4c415f X-Archives-Hash: ed43ed0df212ea26ef953fb061e9e860 --nextPart2294473.NPOmfsuoc7 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable currently we blacklist certain phases (which is largely based on EAPI=3D0 a= nd=20 blocking src_*) for enew{user,group}. moving forward, ferringb suggested w= e=20 invert this into a whitelist of allowed phases. afaict, the blacklisting + dev documentation has done a good job of=20 restricting calls to three places: pkg_{setup,preinst,postinst}. so invert= ing=20 the logic should largely be safe. on the off chance it isn't, i think lett= ing=20 the ebuild `die` and getting it fixed up via bug reports is acceptable (i=20 grepped through the tree a bit and looked sane). moving beyond that, i'd like to also ban pkg_postinst usage. the trouble w= ith=20 using this phase is that `die` isn't fatal because the package has already= =20 been merged to $ROOT, so there's no going back. and while logically i can = see=20 that people might prefer pkg_postinst vs pkg_preinst (no point in creating = a=20 user/group if the pkg isn't actually yet merged), for all real world usage,= =20 there's no need to delay it, and it makes the ebuilds a bit more robust as= =20 errors get caught before things get merged to $ROOT. i believe the=20 documentation has always recommended pkg_setup and pkg_preinst anyways. moving even beyond that, i'd like to update the documentation to push peopl= e=20 to prefer pkg_preinst. if your package doesn't require the user/group to b= e=20 available at compile/install time, then there's no need to use pkg_setup. = =20 this improves the use case of attempting to install a package from source,= =20 things failing for whatever reason, and then the pkg is never actually=20 installed, but the user/group is left behind. any feedback before i implement ? =2Dmike --nextPart2294473.NPOmfsuoc7 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iQIcBAABAgAGBQJOzZBPAAoJEEFjO5/oN/WBBicQAJNFraodjhRCUWrJMJ8tuW+j hOOfKwUQGFIV1bjPLR2zCtwabTSmQ/eOLPs9yyiQ/jJ9+NmOeoo8jE64Cy4FE6GX St7hoTwG8mszpT2MAS1r7a8hImUNtpwwkwZTJAW7G5Z1D8GwEnTzGhQsrtVYOiQ7 BKJYqEQjXKFEDF4He0LNrXfiZMdnNZVG7NJsqAHO+E1nMyu8TeQu9C8AmhjMIgp2 8ojIRAF6+bR3YO2GyKv4gJ/BHQ9ONwqTICzQ2ANNuIofAQOUeESDz1EXLJC3sh7B Gzb3DJonmm3Xzi37frfJOJCOHhwFp9ojSN16XdtP/JR1NxCKCZaogyZnyF9+647i CFR8YImp6el94RWbIH0sMl8HDfoK6dc1e9vE1esKSP+AsT57SToVLFCPnPv4ysKp 2VdN5/U2j0tZL1uP6t0qSQWEh+HXte7PjY9HIeGni/9EgBzr4awJknjwVBFFQcR7 dD34cFgJLkLpBTvEjQMUGCMtan3cm/w5LIpQph72d3dM1RvZ2rVTIshK8XsUqQZj Kk/JYcPgOF00W5pYGxDJmlXqt6JyGRIlj9THCEQ/B6X2PBnh3+bd9Qzoq6+I18fJ ZC8aDdWffvgj4YhzKfncvBY6edc/Ptaog+TbrTromErtRpMltUxklO8vk+WUxfYs cXjSWqKyxXc2ysAHYulW =J3hN -----END PGP SIGNATURE----- --nextPart2294473.NPOmfsuoc7--