From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 548601382C5 for ; Wed, 1 Jul 2020 13:36:42 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 9382DE096C; Wed, 1 Jul 2020 13:36:38 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 59233E095E for ; Wed, 1 Jul 2020 13:36:38 +0000 (UTC) Subject: Re: [gentoo-dev] RFC: Standard build environment variables To: gentoo-dev@lists.gentoo.org References: <91a59b26-94e1-9494-3f2c-ca75e8ff1426@gentoo.org> <20200630162223.flffq4fu26zjlbce@gentoo.org> From: Michael Orlitzky Message-ID: Date: Wed, 1 Jul 2020 09:36:30 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 In-Reply-To: <20200630162223.flffq4fu26zjlbce@gentoo.org> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Archives-Salt: bf919d0d-ac43-4e4d-b45b-8e432faf5cb9 X-Archives-Hash: 61d65e5781c2205ce0f7512859d42241 On 2020-06-30 12:22, Matthew Thode wrote: > > I'd like to suggest allowing only approved variables in the build > environment, having portage unset all variables and setting only what is > needed (or configured). I think this is orthogonal to the problem I'm trying to solve. Even if all environment variables had to be whitelisted, ebuilds would still need to know how to use them when they happen to be defined. I basically just want to write down things like "If set, CC is assumed to contain the name of a compiler driver such as /usr/bin/gcc." That way ebuilds can be written to pass $CC to the build system in places that are expecting a compiler driver. Conversely, if LD is documented to contain a dynamic linker such as /bin/ld, then ebuilds must mangle LD whenever the upstream build system (e.g. pari, perl) interprets it otherwise. These meanings are already enshrined in the tc-getFOO() functions and the various de-facto standards, but there's no user or developer documentation promising that the variables will be used in any particular way.