From: Steve Long <slong@rathaus.eclipse.co.uk>
To: gentoo-dev@lists.gentoo.org
Subject: [gentoo-dev] Re: [PMS] Add RESTRICT="distcc" capability
Date: Mon, 03 Nov 2008 08:18:58 +0000 [thread overview]
Message-ID: <gemc7b$8p0$1@ger.gmane.org> (raw)
In-Reply-To: 20081102192825.7bb8a97d@snowcone
Ciaran McCreesh wrote:
> On Sun, 2 Nov 2008 12:11:10 -0700
> Gordon Malm <gengor@gentoo.org> wrote:
>> > Have you conclusively established that they do build fine in
>> > parallel? If so, how?
>> Yes it builds in parallel. By compiling it in parallel.
> If you think compiling it in parallel confirms that it builds in
> parallel, you're reaffirming my growing suspicion that you're entirely
> wrong about distcc being responsible for anything other than hardened
> brokenness...
>
Well my understanding of parallel make is that it would show some issues but
not all. I'd hope you were trying to say: "Build it via distcc with N
virtual hosts" or sth along those lines.
>> > RESTRICT=distcc on kernel modules is unnecessary for the large
>> > proportion of users who don't use hardened. RESTRICTs can't be set
>> > dependent upon whether or not something like hardenened is enabled;
>> > other mechanisms are available that can be. So why aren't you
>> > considering those other mechanisms?
>>
>> I agree with the first sentence, never said otherwise. Who says I am
>> not considering them? In fact, I have stated that I am.
More why hasn't he proposed them already.
>> They are
>> just more hackish than adding the ability to RESTRICT distcc, hence
>> my reason for soliciting such a feature. I'm surprised that you'd
>> suggest this after debasing a RESTRICT option on the same grounds.
>
> And that brings us to the other thing you don't understand: RESTRICT is
> a global, system independent, invariant metadata key. Things in
> RESTRICT are in RESTRICT because they have to be known in situations
> where those constraints are in effect.
"those constraint are in effect" isn't a good way of explaining that imo.
> Things that do not have to be
> known at the metadata level shouldn't be in metadata.
>
Yeah, stuff that always applies, no matter what.
>> Sorry to everyone who e-mailed me who thought RESTRICT=distcc would
>> be somewhat useful.
Well a user could always turn off FEATURES externally, which isn't hard to
automate[2]; developers are notoriously bad at defining use-cases.
>
> Those people are mistaken.
>
>> > Uh, that's your answer to technical objections to a proposal? You
>> > aren't prepared to defend your proposal on its merits?
I think those two bits go nicely together.
It's not supposed to be a fight, btw.
>>
>> Why are you assuming this point is *at all* related to my proposal?
>> It's not. It's about Gentoo. But I stand corrected, a bunch of
>> people rushed to tell me you don't actually determine anything. ;)
>
> So you don't care about whether your solution is right?
>
*sigh*
> You are proposing to add a metadata invariant option for a condition
> that isn't metadata invariant and that, by being made metadata
> invariant, means it's being disabled for everyone rather than by the
> small number of users who might need it. In addition, you can't
> demonstrate any cases where this option is genuinely useful, other than
> as a workaround for a hardened bug that you haven't contacted upstream
> about, and when used to work around said hardened bug the scope of the
> change isn't limited to hardened.
>
I agree this case isn't the best one, nor am I in favour of this RESTRICT.
I'm totally neutral on it as a solution. I can envisage wanting to restrict
compilation to the local machine, but I'm not bothered about how it gets
done. My instinct would be to err toward giving the control to the ebuild
maintainer, with a clear QA policy, perhaps around making it something that
had to be reviewed on every bump (QA script to watch ebuild as long it has
the RESTRICT, unless it's proprietary.)
Much as we might want perfect builds, they don't always happen, nor do we
always have time to fix upstream bugs, however minor they turn out to be.
> You still haven't explained why you don't do something like:
>
> broken_hardened_compiler && export DISTCC_HOSTS=localhost
>
Still it would have been easier on the reader if you'd just mentioned this
first.
[1] http://hardened.gentooexperimental.org/trac/secure/
[2] http://forums.gentoo.org/viewtopic-t-546828.html
next prev parent reply other threads:[~2008-11-03 8:25 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-11-01 20:57 [gentoo-dev] [PMS] Add RESTRICT="distcc" capability Gordon Malm
2008-11-01 21:00 ` Ciaran McCreesh
2008-11-01 21:21 ` Gordon Malm
2008-11-01 21:28 ` Ciaran McCreesh
2008-11-01 21:58 ` Gordon Malm
2008-11-01 22:11 ` Ciaran McCreesh
2008-11-01 22:47 ` Gordon Malm
2008-11-01 22:57 ` Ciaran McCreesh
2008-11-01 23:28 ` Jan Kundrát
2008-11-02 1:29 ` Gordon Malm
2008-11-02 3:16 ` Jorge Manuel B. S. Vicetto
2008-11-02 11:26 ` Ciaran McCreesh
2008-11-02 19:11 ` Gordon Malm
2008-11-02 19:28 ` Ciaran McCreesh
2008-11-03 8:18 ` Steve Long [this message]
2008-11-03 10:22 ` Peter Volkov
2008-11-04 3:37 ` Gordon Malm
2008-11-02 0:11 ` David Leverton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='gemc7b$8p0$1@ger.gmane.org' \
--to=slong@rathaus.eclipse.co.uk \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox