"Kevin F. Quinn" <[EMAIL PROTECTED]> wrote:
I don't know if anyone is interested in my opinion, but I'll dump it on
you anyway. :-)
> IMO devs should be working with "collision-protect sandbox strict
> stricter test userpriv" but let's not get too excited ;)
ACK. I also agree with the general idea to turn on some FEATUREs
by default to help ensuring ebuild and program correctness, etc. Those
that you mentioned are the features I usually use, some of them with few
or no problems, some with frequent problems. My experiences (of anecdotal
value only, of course):
a) strict - default in the selinux profiles, works fine
b) collision-protect - the last problem I had occurred several months ago
and concerned ownership of /usr/X11R6
c) userpriv:
1) only one ebuild really failed so far
2) problems if (like me) you use umask=077 as root to compile your
kernel and the program you wish to install wants to access certain files
in /usr/src/linux, which fails and breaks (e.g. nvidia-drivers) or
misinterprets the situation and configure turns on some weird features or
turns off others, and perhaps breaks later (e.g. alsa-driver)
d) sandbox - no issue with it this year, for some reason not default in
the selinux profile
e) stricter - numerous ebuilds fail to install (ffmpeg, openoffice-bin,...)
f) test - numerous ebuild fail AND a (very) few programs take a *long* time
to go through the tests. Not only the former, but especially the latter
makes "test" IMHO unsuitable as a default option.
So right now, I'd like to see "collision-protect sandbox strict" included
in the default FEATUREs.
Perhaps it would be a good idea to announce somewhere (maybe GWN) that
new default FEATUREs are going to be added at some point and widespread
tests are needed beforehand?
--
[email protected] mailing list
