Bug#698012: debian-policy: Please update 10.6 "Device files" for udev and the like

2017-04-30 Thread Russ Allbery 
Russ Allbery  writes:
> Andreas Henriksson  writes:

>> I don't think it's policys place to describe the actual implementation
>> details (which might change and we really don't care that much).
>> Instead only focus on if package maintainers needs to take special care
>> (like currently described in policy) or not (which is the actual truth).

>> Some parts of 10.6 might still be considered useful (but I wonder if
>> anyone would actually violate it even if it wasn't there these days,
>> after all policy can't describe every way to get things wrong so maybe
>> the entire chapter should still be considered for removal).

> I propose the following section to completely replace this section.  This
> preserves what I think are the still-useful requirements while making it
> clear that nearly all packages should keep their hands off of /dev
> entirely.  It also takes notice of device files outside of /dev, which are
> more like named pipes than regular device files and which packages may
> need to create for various jailing reasons (like creating a /dev/null
> inside your file system namespace).

> Comments, seconds?

This has now been applied for the next release.

-- 
Russ Allbery (r...@debian.org)

Re: Bug#698012: debian-policy: Please update 10.6 "Device files" for udev and the like

2017-03-01 Thread Simon McVittie 
On Mon, 20 Feb 2017 at 16:12:53 -0800, Russ Allbery wrote:
> I propose the following section to completely replace this section.  This
> preserves what I think are the still-useful requirements while making it
> clear that nearly all packages should keep their hands off of /dev
> entirely.

Seconded.

S

Bug#698012: debian-policy: Please update 10.6 "Device files" for udev and the like

2017-03-01 Thread Andreas Henriksson 
On Mon, Feb 20, 2017 at 04:12:53PM -0800, Russ Allbery wrote:
> I propose the following section to completely replace this section.  This
> preserves what I think are the still-useful requirements while making it
> clear that nearly all packages should keep their hands off of /dev
> entirely.  It also takes notice of device files outside of /dev, which are
> more like named pipes than regular device files and which packages may
> need to create for various jailing reasons (like creating a /dev/null
> inside your file system namespace).
> 
> Comments, seconds?
> 
> (Also attached in the form of a patch.)
> 
>   
>   Device files
> 
>   
> Packages must not include device files or named pipes in the
> package file tree.
>   
> 
>   
> Debian packages should assume that device files
> in /dev are dynamically managed by the kernel or
> some other system facility and do not have to be explicitly
> created or managed by the package.  Debian packages other than
> those whose purpose is to manage the /dev device
> file tree must not attempt to create or remove device files
> in /dev when a dynamic device management facility
> is in use.
>   
> 
>   
> If named pipes or device files outside of /dev are
> required by a package, they should normally be created when
> necessary by the programs in the package, by init scripts or
> systemd unit files, or by similar on-demand mechanisms.  If such
> files need to be created during package installation, they must
> be created in the postinst maintainer
> script
>   It's better to use mkfifo rather
>   than mknod to create named pipes to avoid false
>   positives from automated checks for packages incorrectly
>   creating device files.
> 
> and removed in either the prerm or
> the postrm maintainer script.
>   
>   
> 
> -- 
> Russ Allbery (r...@debian.org)   
> 

> From d575df9af106f837c3783e5c829abeef60484790 Mon Sep 17 00:00:00 2001
> From: Russ Allbery 
> Date: Mon, 20 Feb 2017 16:05:15 -0800
> Subject: [PATCH] Rewrite the Device files section
> 
> Remove the requirement to call MAKEDEV and prohibit attempting to
> create or remove device files if a dynamic management facility is in
> place.  Packages should assume device files in /dev are dynamically
> managed.  Point people towards dynamic creation of named pipes and
> document that creation in postinst is not the usual approach.  Extend
> that discussion to device files outside of /dev, which are required
> for some chroot or file system namespace approaches.
> 
> Remove the reference to old serial devices, which are now so old that
> it's highly unlikely anyone will care.
> ---
>  policy.sgml | 55 ---
>  1 file changed, 24 insertions(+), 31 deletions(-)
> 
> diff --git a/policy.sgml b/policy.sgml
> index 200712a..4f02240 100644
> --- a/policy.sgml
> +++ b/policy.sgml
> @@ -9131,38 +9131,31 @@ ln -fs ../sbin/sendmail debian/tmp/usr/bin/runq
>   
>  
>   
> -   If a package needs any special device files that are not
> -   included in the base system, it must call
> -   MAKEDEV in the postinst script,
> -   after notifying the user
> -   This notification could be done via a (low-priority)
> -   debconf message, or an echo (printf) statement.
> -   .
> - 
> -
> - 
> -   Packages must not remove any device files in the
> -   postrm or any other script. This is left to the
> -   system administrator.
> - 
> -
> - 
> -   Debian uses the serial devices
> -   /dev/ttyS*. Programs using the old
> -   /dev/cu* devices should be changed to use
> -   /dev/ttyS*.
> - 
> -
> - 
> -   Named pipes needed by the package must be created in
> -   the postinst script
> +   Debian packages should assume that device files
> +   in /dev are dynamically managed by the kernel or
> +   some other system facility and do not have to be explicitly
> +   created or managed by the package.  Debian packages other than
> +   those whose purpose is to manage the /dev device
> +   file tree must not attempt to create or remove device files
> +   in /dev when a dynamic device management facility
> +   is in use.
> + 
> +
> + 
> +   If named pipes or device files outside of /dev are
> +   required by a package, they should normally be created when
> +   necessary by the programs in the package, by init scripts or
> +   systemd unit files, or by similar on-demand mechanisms.  If such
> +   files need to be created during package installation, they must
> +   be created in the postinst maintainer
> +   script
>   It's better to use mkfifo

Bug#698012: debian-policy: Please update 10.6 "Device files" for udev and the like

2017-02-20 Thread Russ Allbery 
Andreas Henriksson  writes:

> I don't think it's policys place to describe the actual implementation
> details (which might change and we really don't care that much).
> Instead only focus on if package maintainers needs to take special care
> (like currently described in policy) or not (which is the actual truth).

> Some parts of 10.6 might still be considered useful (but I wonder if
> anyone would actually violate it even if it wasn't there these days,
> after all policy can't describe every way to get things wrong so maybe
> the entire chapter should still be considered for removal).

I propose the following section to completely replace this section.  This
preserves what I think are the still-useful requirements while making it
clear that nearly all packages should keep their hands off of /dev
entirely.  It also takes notice of device files outside of /dev, which are
more like named pipes than regular device files and which packages may
need to create for various jailing reasons (like creating a /dev/null
inside your file system namespace).

Comments, seconds?

(Also attached in the form of a patch.)

  
Device files


  Packages must not include device files or named pipes in the
  package file tree.



  Debian packages should assume that device files
  in /dev are dynamically managed by the kernel or
  some other system facility and do not have to be explicitly
  created or managed by the package.  Debian packages other than
  those whose purpose is to manage the /dev device
  file tree must not attempt to create or remove device files
  in /dev when a dynamic device management facility
  is in use.



  If named pipes or device files outside of /dev are
  required by a package, they should normally be created when
  necessary by the programs in the package, by init scripts or
  systemd unit files, or by similar on-demand mechanisms.  If such
  files need to be created during package installation, they must
  be created in the postinst maintainer
  script
It's better to use mkfifo rather
than mknod to create named pipes to avoid false
positives from automated checks for packages incorrectly
creating device files.
  
  and removed in either the prerm or
  the postrm maintainer script.

  

-- 
Russ Allbery (r...@debian.org)   

>From d575df9af106f837c3783e5c829abeef60484790 Mon Sep 17 00:00:00 2001
From: Russ Allbery 
Date: Mon, 20 Feb 2017 16:05:15 -0800
Subject: [PATCH] Rewrite the Device files section

Remove the requirement to call MAKEDEV and prohibit attempting to
create or remove device files if a dynamic management facility is in
place.  Packages should assume device files in /dev are dynamically
managed.  Point people towards dynamic creation of named pipes and
document that creation in postinst is not the usual approach.  Extend
that discussion to device files outside of /dev, which are required
for some chroot or file system namespace approaches.

Remove the reference to old serial devices, which are now so old that
it's highly unlikely anyone will care.
---
 policy.sgml | 55 ---
 1 file changed, 24 insertions(+), 31 deletions(-)

diff --git a/policy.sgml b/policy.sgml
index 200712a..4f02240 100644
--- a/policy.sgml
+++ b/policy.sgml
@@ -9131,38 +9131,31 @@ ln -fs ../sbin/sendmail debian/tmp/usr/bin/runq
 	
 
 	
-	  If a package needs any special device files that are not
-	  included in the base system, it must call
-	  MAKEDEV in the postinst script,
-	  after notifying the user
-	  This notification could be done via a (low-priority)
-	  debconf message, or an echo (printf) statement.
-	  .
-	
-
-	
-	  Packages must not remove any device files in the
-	  postrm or any other script. This is left to the
-	  system administrator.
-	
-
-	
-	  Debian uses the serial devices
-	  /dev/ttyS*. Programs using the old
-	  /dev/cu* devices should be changed to use
-	  /dev/ttyS*.
-	
-
-	
-	  Named pipes needed by the package must be created in
-	  the postinst script
+	  Debian packages should assume that device files
+	  in /dev are dynamically managed by the kernel or
+	  some other system facility and do not have to be explicitly
+	  created or managed by the package.  Debian packages other than
+	  those whose purpose is to manage the /dev device
+	  file tree must not attempt to create or remove device files
+	  in /dev when a dynamic device management facility
+	  is in use.
+	
+
+	
+	  If named pipes or device files outside of /dev are
+	  required by a package, they should normally be created when
+	  necessary by the programs in the package, by init scripts or
+	  systemd unit files,

Bug#698012: debian-policy: Please update 10.6 "Device files" for udev and the like

2017-01-24 Thread Andreas Henriksson 
Hello,

Trying to bring this old issue back to life. In recent years things
have changed so that it's not actually udev that creates the device
nodes anymore, but the kernel (via devtmpfs).

I don't think it's policys place to describe the actual implementation
details (which might change and we really don't care that much).
Instead only focus on if package maintainers needs to take special
care (like currently described in policy) or not (which is the
actual truth).

Some parts of 10.6 might still be considered useful (but I wonder if
anyone would actually violate it even if it wasn't there these days,
after all policy can't describe every way to get things wrong so maybe
the entire chapter should still be considered for removal).

This might still be useful:
"Packages must not include device files or named pipes in the package
file tree."

This (harmful advice) should just be removed:
"If a package needs any special device files that are not included in
the base system, it must call MAKEDEV in the postinst script, after
notifying the user."

Maybe still useful:
"Packages must not remove any device files in the postrm or any other
script. This is left to the system administrator."

Likely very outdated and probably not useful, but atleast not harmful:
"Debian uses the serial devices /dev/ttyS*. Programs using the old
/dev/cu* devices should be changed to use /dev/ttyS*."

This makes me cringe, in some cases I'd rather have them created on
demand:
"Named pipes needed by the package must be created in the postinst
script and removed in the prerm or postrm script as appropriate."
A simple fix would be to replace must by should, or add
alternatives to postinst/prerm mentioning "or created on demand, eg. via
unit files, init scripts, or similar".

My advice would be that if it's hard to find the perfect wording
for chapter 10.6, then start by removing the entire chapter now!
I think the current way does more harm than good.
After it has been removed there could be an issue opened where
new wording can be discussed.

Hopeing to see some progress made here soon. Please tell me if there's
anything more I can do to help move this issue forward.

Regards,
Andreas Henriksson

Bug#698012: debian-policy: Please update 10.6 Device files for udev and the like

2013-03-08 Thread Charles Plessy 
user debian-pol...@packages.debian.org
usertags 698012 normative discussion
thanks

Le Sat, Jan 12, 2013 at 09:00:48PM +0100, Christoph Biedl a écrit :
 
 recently I stumbled over the following paragraph in 10.6:
 
 If a package needs any special device files that are not
 included in the base system, it must call MAKEDEV in the
 postinst script, after notifying the user.

Dear Christoph,

thank you for your report.

Indeed, it is not even guaranteed anymore that MAKEDEV will be present
on a system, so the Policy is definitely broken.

Given the lack of feedback for the last two months on this list, do
you think you could raise the issue on debian-devel ?

Have a nice week-end,

-- 
Charles Plessy
Tsurumi, Kanagawa, Japan


--
To UNSUBSCRIBE, email to debian-policy-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130309021913.gd6...@falafel.plessy.net

Bug#698012: debian-policy: Please update 10.6 Device files for udev and the like

2013-01-12 Thread Christoph Biedl 
Package: debian-policy
Severity: normal

Hi,

recently I stumbled over the following paragraph in 10.6:

If a package needs any special device files that are not
included in the base system, it must call MAKEDEV in the
postinst script, after notifying the user.

and I think it needs an improvement.

Mostly, this sentence smells like it predates the times of dynamically
populated /dev like udev, or formerly devfs. Today, creating the
device files in postinst is often skipped if udev is running, for
example in fuse. Therefore, technically fuse violates 10.6 but that's
of course silly. The demand above is mostly historic.

More important, at least on systems running udev, is to ensure the
device files do exist after a reboot, or the latest if programs are
started that rely on them.


Aside: Although there's no other dynamically populated /dev in Debian
at the moment but udev, all rules should be in a neutral wording so
they will still fit any successors. I'll use /dev manager as a
generalized term.

A /dev manager is a subsystem that creates device dynamically as
come into existance.

As far as I can see, the following cases must be covered:

* static /dev

This is an opportunity to to legalize fuse's behaviour by stating that
device files should (or must?) not be created if a /dev manager is
running. A more flexible approach was any /dev manager must provide a
policy whether static device files should be created, with not at
all for udev, and a package's postinst must act accordingly.

So the old sentence might we worded like

If a package needs any special device files that are not
included in the base system, and there's no /dev manager
running, it must call MAKEDEV in the postinst script, after
notifying the user.

On a second thought, this opens an interesting question if there's a
need to catch the case when a package is configured while udev is
running, hence no static devices files created, but udev is later
disabled, thus not device files present, likely causing breakage.
But that's for another day.

* /dev manager used

This clarifies support for udev and the like to re-create devices
during reboot. So it's about /lib/udev/rules.d/ sniplets.

If a /dev manager needs additional information to create the
device files, the package must provide according control data.

A clarification for udev, nothing needs to be done if udev ...
- somehow already knows how to create a device.
- cannot create the device due to missing sysfs support in the underlying
  kernel module.

The latter case does exists, is the reason for ...

* fallback

If any /dev manager cannot create device files needed by the
package for reasons out of its domain, the package must create
them in due time.[0]

[0]preferably in an init script.


Thanks in advance for comments, I probably missed a few points.

Christoph


signature.asc
Description: Digital signature