Subject: Re: [gentoo-user] Switching default tmpfiles and faster internet coming my way.
To: gentoo-user@lists.gentoo.org
From: Michael Orlitzky
Date: Sat, 5 Dec 2020 08:43:59 -0500

On 12/4/20 12:02 PM, Dale wrote:
>
> So basically, that package would have to start over from scratch to be
> fixed. That's not very likely if history means anything.
>

I think the opentmpfiles devs are planning to copy/paste the
systemd-tmpfiles C code into opentmpfiles eventually.
That will make it safe on Linux, obviously, since systemd-tmpfiles is...
but will leave the hardlink problem unsolved on other kernels. There's
no way to make opentmpfiles both cross-platform and safe.

It's possible to do so with OpenRC more generally, but that's a larger
undertaking that I suspect no one is interested in taking under:

   1. Give up on tmpfiles entirely
   2. Replace "checkpath" in OpenRC with something that drops privileges
   3. Rewrite all of the init scripts that rely on tmpfiles
   4. Rework any packages that use tmpfiles without an OpenRC service

> Sounds like switching is the best path and really, about the only path.
> Until something better comes along or the default is redone from
> scratch, not switching leaves a door open for a bad guy.

Exactly.

> Do you know if the systemd devs manage this or is this package done
> outside of them? Since some don't like systemd, myself being one of
> them, I'd like to know what group maintains that package.

Lennart "fuck Gentoo" Poettering is still in charge of systemd-tmpfiles,
but there's nothing bad to be said about him in this regard. Compare his
immediate and complete response to these issues,

   * https://github.com/systemd/systemd/issues/7736
   * https://github.com/systemd/systemd/issues/7986

with the fact that the opentmpfiles bugs have sat there unaddressed for
three years.