This isn't meant to shoot stuff down, but more to suggest other places that filtering is probably going to be needed, based on some "advanced" [1] usage of Gentoo.
On Sun, Jun 21, 2009 at 03:26:56AM +0200, Sebastian Pipping wrote: > What do I mean by auto-filtering? Auto-filtering works to protect the > user's privacy. It's the process of comparing his local settings > against the knowledge base of the Gentoo system: Every part of his > config that's outside of that larger set is stripped away, because > publishing that information could hurt his privacy. To make this more > concrete: I really need to get around to publishing one of my sekrit projects, "managed-portage", which I might as well start to describe here, as it's nearly ready. It's not so much a direct codebase for use, but a guideline on how to manage sets of machines that may match in certain dimensions only: location, purpose, hardware type [2] The entire managed-portage system works with stacked profiles, and various degrees of partial inheritance, so machines can end up with very different views of the package trees. Relevant to this, I might not want to disclose my profile inheritance tree. Here's one of them for you: /etc/make.profile /etc/managed-portage/hosts/build_webdb/make.profile /etc/managed-portage/common/post/make.profile /etc/managed-portage/class/webdb/make.profile /etc/managed-portage/class/db/make.profile /etc/managed-portage/class/web/make.profile /etc/managed-portage/common/pre/make.profile /etc/managed-portage/location/surrey/make.profile /etc/managed-portage/hwtype/nehalem/make.profile /usr/portage/profiles/default/linux/amd64/2008.0 > For Overlays .. > we filter out overlays not located below /usr/local/portage/layman/. This is going to be fail. 1. That's not the only location used for layman. - At home: /code/gentoo/layman/ - At work: /usr/local/portage-layman/ - Gentoo Infra: /usr/portage/local/layman/ 2. Just because an overlay is distributed by layman does NOT mean that it's safe to disclose the existence of, within Gentoo infra, we do this in layman.cfg: overlays : http://www.gentoo.org/proj/en/overlays/layman-global.txt file:///etc/layman/infra-overlays.xml While I don't mind disclosing the list of overlays we have in infra, other large-scale use of layman might not be happy to disclose it. If it came from the layman-global.txt, sure, it might be ok, but see if there's a way to filter out others. 3. For one of my work overlays, we have a custom category called 'ih-int', for our internal ebuilds (some just meta ebuild, others full applications). I might not want to disclose just those package names. Footnotes: [1] By "advanced", I mean stuff that I haven't seen used by many users, but have seen in large-scale business usage of Gentoo. [2] Hardware type is very fined grained for my use: - Usually pairs of motherboard+cpu combinations. - Multiple generations of Opterons. - Multiple generations of Xeons. -- Robin Hugh Johnson Gentoo Linux Developer & Infra Guy E-Mail : robb...@gentoo.org GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85
pgpHSF3zrqq3E.pgp
Description: PGP signature
