RPM vs xattrs [was: python3.2+ compiled files]

Tomasz Pala gotar at polanet.pl
Sun Apr 10 02:36:15 CEST 2011


On Sat, Apr 09, 2011 at 19:52:34 -0400, Jeff Johnson wrote:

> SO add the tag. I can't justify the implementation for lots of reasons,
> not only space. I answered what the overhead cost was, not what the
> complexity cost is/was.

Once again you write about 'some reasons' and keep them for yourself, I
don't know if you are assuming we're too dumb to understand them, but I
see that they got no problems with capabilities at rpm.org, so - well,
maybe it just works?

>>> Then also add that to download times,
>> 
>> You must be kidding - downloading 1 MB more considering entire distro is
>> nothing.
> 
> I son't personally think download is worth worrying about.

So why do you mention this, to keep me busy answering such bullshit?

> Meanwhile -- for lots of reasons -- other do,
> and blame RPM for "bloat".

Well, if the reasons are lots in numbers, than OK. But why didn't you
put any here, just the less important ones?

> I'm well aware of the cost of RPM_I18NSTRING_TYPE. There are 2 distros
> left using %description -l XY in *.spec recipes.
> 
> Mandriva is the other distro ... all @redhat derived distros stopped
> using locales in *.spec a decade ago.

Did they removed translations entirely or put them in some better place?
BTW it's you who wrote we've got good engineering practices often.

>>>> There are patches - in rpm.org as you know.
>>> 
>>> I'm well aware of what is @rpm.org even if you are not.
>> 
>> Maybe I'm not - how does it even matter?
> 
> It doesn't matter -- we;re having a dscussion abt *.pyo files in python 3.2, aren't we?

Especially for you, with dedication, I've changed subject of this
thread. Can we now focus on technical discussion not form and style?

>>> You claimed that rpm was preventing you from remoing SUID.
>> 
>> Yeah - %caps() was added in 4.6 and we got 4.5 here in PLD.
> 
> You're foolish if you think 4.6 > 4.5 and hence "newer".

You're foolish if you think I'm not aware of distinct lines of rpm.
You exactly know that there's no 4.5 at rpm.org and no 4.6 at rpm5.org,
so adding adjuncts would be robust.

>> package, The Point is to supply proper xattrs and leave user a choice.
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> SO remobve SUID's or disable SUID's or write the script that attaches
> capabilities to 100-300 files (a generous over estimate considering
> how few setuid programs ther actually are), and do whatever you please.

Sure, I can write a script to maintain database of untared archives.
Wait a minute, isn't it a package manager?

> But it simply isn't true that RPM "package mangement" is stopping you
> from implementing SUID removal or me from discussing chicks-in-charge.

RPM prevents me from having non-destructable upon regular system
maintaince xattrs, which are required for SUID/UID==0 removal.

>> Assuming this "way" can undo transaction (full rollback) in context of
>> privilidged process. How to setcap setcap binary after upgrade?
> 
> Re-run the script and write it with +capability/-capability and --rollback if you ish.

I can't re-run it, because at this moment it is already unpriviledged.
You know what, just chmod -x /bin/* and have fun.

>> Unless one wokes up with no privilidged apps in system.
> 
> Too bad for you.

That's all you can say?

>> Eventually one of these will be used, but I doubt PLD is used in nuclear
>> installations or by chicks in charge.
> 
> Wanna bet? AFAIK, PLD is happier with its own fork of RPM.

I don't know who is happier, I don't know all the differences, I see
different branches in CVS _including_ rpm5.org and rpm.org.

> I have offered
> to assist with upgrade multiple times, gave up caring a few years back
> because what PLD does is up to PLD.

If you've offered this in a way you 'offer' to support caps (go write a
script or send me patch) you shouldn't be surprised...

> But yes, there's a horrendous amount of "bloat" associated with
> 	%description -l XY
> 
> WHich is why RPM_I18NSTRING_TYPE was abandoned (as in not used, yes the
> implementation still exists, as b0rken as ever, in RPM) a decade ago.
> 
> But "Not yet." for PLD and Mandriva.

~:  rpm -qai | wc -c
1648049

in C locale, my entire /var/lib/rpm uses 70 MB and I don't care. But
saving '\0'? Seriously?

-- 
Tomasz Pala <gotar at pld-linux.org>


More information about the pld-devel-en mailing list