Re: [gentoo-dev] Warn users not to do separate /usr partition without proper initramfs in the handbook?
On 31/07/11 at 04:40, Samuli typed:
> > If there's any option that allows the use of a separate /usr partition without an initramfs, then let's explore it. I don't feel like having to use an initramfs just because I want a small / without /usr on it.
>
> The message is really missing all the context without explanation for WHY you want it.

System reactivity. I have an old setup with multiple partitions on multiple hard-drives mounted on multiple system directories. When the system is busy, it is responsiveness.
Re: [gentoo-dev] Warn users not to do separate /usr partition without proper initramfs in the handbook?
On 07/31/2011 10:20 AM, netfab wrote:
> On 31/07/11 at 04:40, Samuli typed:
> > > If there's any option that allows the use of a separate /usr partition without an initramfs, then let's explore it. I don't feel like having to use an initramfs just because I want a small / without /usr on it.
> >
> > The message is really missing all the context without explanation for WHY you want it.
>
> System reactivity. I have an old setup with multiple partitions on multiple hard-drives mounted on multiple system directories.

And why is both using an initramfs or migrating /usr to / a problem?

> When the system is busy, it is responsiveness.

I can guess. Suboptimal ordering of disks per speed and usage? Or what was your point?
Re: [gentoo-dev] Warn users not to do separate /usr partition without proper initramfs in the handbook?
On Sun, 31 Jul 2011 04:40:33 +0300 Samuli Suominen ssuomi...@gentoo.org wrote:
> > > Can we discuss both options?
> >
> > If there's any option that allows the use of a separate /usr partition without an initramfs, then let's explore it. I don't feel like having to use an initramfs just because I want a small / without /usr on it.
>
> The message is really missing all the context without explanation for WHY you want it.

(As an interested non-developer)

My own rationale is as follows:

1. I do regular backups of /home. I would prefer to have them run in the background while I continue using the system, so the filesystem won't be idle. For consistency, that means I want /home in LVM, so I can create a snapshot and back that up instead—it will be at least as consistent as an instantaneous power failure would be, which things tend to be pretty good at recovering from (both the filesystem and anything above it that uses a journal of some sort, like sqlite).

2. /home is big. /usr is big. When I first install a system, it's not clear exactly how big each one will be. It's really nice to be able to share space between them without any manual intervention, which is what happens if you put both on the same filesystem. Thus, if /home is in LVM, then /usr must also be in LVM, on the same LV.

3. Booting with / on LVM requires an initramfs. It's much easier to not use an initramfs than to use one. So I keep / outside LVM as a small ordinary partition, typically ~250MB (no need for a separate /boot partition in this case).

That said, I hadn't ever actually noticed that putting /usr on a separate filesystem was broken in the first place. It's served me well enough. I'd just like it if it would continue to do so. If I have no choice I suppose I will have to switch to using an initramfs, but I prefer not having to poke the early boot sequences of machines it's a PITA to get physical access to that have been working fine for years.

Chris
Re: [gentoo-dev] Warn users not to do separate /usr partition without proper initramfs in the handbook?
On 31/07/11 at 11:15, Samuli typed:
> > System reactivity. I have an old setup with multiple partitions on multiple hard-drives mounted on multiple system directories.
>
> And why is both using an initramfs [...] a problem?

No problem for me. If I have to do it, I will. In fact I already use an initramfs for uvesafb and v86d [1]. I was simply answering you on WHY I want a separate /usr partition.

> And why is both [...] migrating /usr to / a problem?

This depends on your setup. Mine is basically like this:
- /tmp and /var are still on the root partition.
- everything else has its own partition; this includes:
  - official dirs: /usr /portage/trees /portage/distpack /home /opt
  - custom dirs: /data and raid arrays.

For example, when running emerge -uDN world, /var is intensively used during compilation. If /usr is on a separate partition on another hard drive, launching multiple applications during the system update will necessarily be faster than if /usr is on /.

> > When the system is busy, it is responsiveness.
>
> I can guess. Suboptimal ordering of disks per speed and usage?

Yes.

[1] http://dev.gentoo.org/~spock/projects/uvesafb/
Re: [gentoo-dev] Warn users not to do separate /usr partition without proper initramfs in the handbook?
On 07/31/2011 04:56 AM, William Hubbs wrote:
> On Sun, Jul 31, 2011 at 04:40:33AM +0300, Samuli Suominen wrote:
> > On 07/31/2011 03:59 AM, Jorge Manuel B. S. Vicetto wrote:
> > > On 30-07-2011 22:17, William Hubbs wrote:
> > > > On Sat, Jul 30, 2011 at 10:27:27AM +0300, Samuli Suominen wrote:
> > > > > Since running separate /usr without mounting it from initramfs on top of / before init is and has been broken with udev for a long time now[1][2][3]
> > > > >
> > > > > [1] http://bugs.gentoo.org/show_bug.cgi?id=364235
> > > > > [2] http://fedoraproject.org/wiki/Features/UsrMove#Move_all_to_.2Fusr
> > > > > [3] http://www.freedesktop.org/wiki/Software/systemd/separate-usr-is-broken
> > > > >
> > > > > Can we warn users about not doing the separate /usr mistake in the handbook?
> > > >
> > > > There are actually two options for us according to upstream. One is the one you are talking about -- mounting /usr from an initramfs before / is mounted. The other is to mount local file systems, if setups are simple enough, before we start udev. I could set this one up easily enough just by moving localmount to the boot runlevel. Can we discuss both options?
> > >
> > > If there's any option that allows the use of a separate /usr partition without an initramfs, then let's explore it. I don't feel like having to use an initramfs just because I want a small / without /usr on it.
> >
> > The message is really missing all the context without explanation for WHY you want it.
>
> Here is a good argument for supporting this.
> http://tldp.org/LDP/lame/LAME/linux-admin-made-easy/install-partitioning.html

The documentation seems to lack any arguments, bad or good, for the separate /usr issue. Any chance you could highlight it out?

> You can hose your system easier with one big file system with / and /usr combined than you can with multiple partitions.

Too vague. Did you mean to compare filesystem size with the amount of errors and its capability to recover? To what effect, and same for every filesystem type? Details please. :-/

- Samuli
[gentoo-dev] removing ebuilds
Just as a reminder - you can't break the stable tree by removing ebuilds even if there's a big scary security bug. I restored the latest stable ebuild until the arch teams do their thing for bug #377143
[gentoo-dev] Re: removing ebuilds
On Sun, 31 Jul 2011 05:29:52 -0400 Michael Sterrett mr_bon...@gentoo.org wrote:
> Just as a reminder - you can't break the stable tree by removing ebuilds even if there's a big scary security bug.

Well it wasn't done on purpose.

> I restored the latest stable ebuild until the arch teams do their thing for bug #377143

Thanks.

--
fonts, gcc-porting, it makes no sense how it makes no sense toolchain, wxwidgets but i'll take it free anytime @ gentoo.org
EFFD 380E 047A 4B51 D2BD C64F 8AA8 8346 F9A4 0662
Re: [gentoo-dev] Warn users not to do separate /usr partition without proper initramfs in the handbook?
On 30.07.2011 15:55, Samuli Suominen wrote:
> On 07/30/2011 01:46 PM, Ciaran McCreesh wrote:
> > On Sat, 30 Jul 2011 10:27:27 +0300 Samuli Suominen ssuomi...@gentoo.org wrote:
> > > Since running separate /usr without mounting it from initramfs on top of / before init is and has been broken with udev for a long time now[1][2][3]
> > >
> > > [1] http://bugs.gentoo.org/show_bug.cgi?id=364235
> > > [2] http://fedoraproject.org/wiki/Features/UsrMove#Move_all_to_.2Fusr
> > > [3] http://www.freedesktop.org/wiki/Software/systemd/separate-usr-is-broken
> > >
> > > Can we warn users about not doing the separate /usr mistake in the handbook?
> >
> > It's important to consider the timeline here. Separate /usr was accidentally broken by a sudden increase in dependencies from base system packages to desktopy things. It was only later that certain people decided that oh, separate /usr is a bad idea anyway, and they did so because they couldn't figure out how to fix the mess they'd caused. This is very much a case of carelessly letting the horse escape and then trying to convince everyone that no-one needs a horse anyway...
>
> Someone mentioned NFS mount on /usr. Do we have other reasons? How many users that might be?

That covers headless/diskless clusters and I suspect many people still do that.

Cheers,
Kacper
Re: [gentoo-dev] Warn users not to do separate /usr partition without proper initramfs in the handbook?
On Sat, 30 Jul 2011 16:55:23 +0300 Samuli Suominen ssuomi...@gentoo.org wrote:
> I dislike the IUSE=+static some packages are currently doing to workaround this, instead of moving the needed shared libs to /
>
> I dislike the idea of pciutils and usbutils database(s) in non-standard location in / to keep udev working
>
> I dislike the idea of moving libglib-2.0, libdbus-1, libdbus-glib-1, and couple of dozen more libs to /
>
> I dislike the idea of maintaining and keeping track of the files in / using files from /usr. Does any of the PMs have check for this, like NEEDED entries? I can imagine this getting past the maintainers easily otherwise
>
> Most likely still not seeing the full picture here, and just scratching the surface...
>
> Despite that, I don't have any strong opinion on any of this, just need to know if I should start moving the files over

Honestly, I'd rather see system libs and apps being moved to /usr rather than the opposite. IMO the benefit of getting a clear tree is greater than benefits of having separate fs for 'system' and 'non-system' packages which actually tend to randomly depend one on another.

What's the point of having shared /usr if you need to keep /bin, /lib, /sbin in sync anyway? And considering the above, the number of files to keep separate synced is growing, and thus our potential / gets bigger and bigger.

--
Best regards,
Michał Górny
[gentoo-dev] POSIX capability in Gentoo
Hi everyone,

A couple of days ago, bonsaikitten (Patrick), kerframil (Kerin Millar) and myself were talking about other distros moving away from setuid binaries towards caps. Openwall and Fedora are now setuid-less [1]. Some googling showed that Constanze has done quite a bit of work in the area and that there was a consensus to include functions to set caps within portage [2].

I don't know what, if anything has been done since then, but I'd like to lend my support.

Ref
[1] http://lwn.net/Articles/420969/
[2] http://www.gossamer-threads.com/lists/gentoo/dev/226948

--
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail: bluen...@gentoo.org
GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535
GnuPG ID : D0455535
[gentoo-dev] RFC: an eclass to handle optional runtime depends
Hello, all.

The last discussion on new solutions optional runtime depends led to no agreement. Thus, I'd like to propose a solution extending the usability of current methods of handling them.

My idea is to create an eclass which would take an optional dependency list (e.g. through some kind of SDEPEND variable or so [being a bash array!]) and print it out to user in pkg_postinst(). The eclass could also denote whether the particular package is installed like I do in sys-apps/systemd [1].

But first, I'd like to ask interested devs: how many packages need more than a single dep for a single optional feature? How would you like such deps to be printed?

I thought about something like:

    SDEPEND=(
        app-foo/bar blah blah blah blah
        app-bar/foo fooh fooh fooh fooh
    )

Though not sure how to handle support for many-to-one deps.

[1]:http://git.overlays.gentoo.org/gitweb/?p=dev/mgorny.git;a=blob;f=sys-apps/systemd/systemd-.ebuild;h=2703d8621874c3a9f961d1e0a764f88c56cdcd30;hb=HEAD#l126

--
Best regards,
Michał Górny
Re: [gentoo-dev] RFC: an eclass to handle optional runtime depends
On Sun, 31 Jul 2011 17:27:21 +0200 Michał Górny mgo...@gentoo.org wrote:
> My idea is to create an eclass which would take an optional dependency list (e.g. through some kind of SDEPEND variable or so [being a bash array!]) and print it out to user in pkg_postinst().

Please don't. This should be worked out and stuck in an EAPI, not hacked around via an eclass.

--
Ciaran McCreesh
Re: [gentoo-dev] Ohloh statistics updated
On 07/22/2011 03:11 PM, Stanislav Ochotnicky wrote:
> Hello fellow devs,
> [snip]

Yey i'm number two :D
Re: [gentoo-dev] RFC: an eclass to handle optional runtime depends
On 7/31/11 8:27 AM, Michał Górny wrote:
> The last discussion on new solutions optional runtime depends led to no agreement. Thus, I'd like to propose a solution extending the usability of current methods of handling them.

I'm interested in some sort of suggested/recommend deps for www-client/chromium, but I'm not sure if eclass is the right implementation.

I think I agree with Ciaran that this should be implemented as a PMS update. Let me know if I can help with drafting a change proposal or something like that.
Re: [gentoo-dev] POSIX capability in Gentoo
On Sun, Jul 31, 2011 at 8:13 PM, Anthony G. Basile bluen...@gentoo.org wrote:
> Hi everyone,
>
> A couple of days ago, bonsaikitten (Patrick), kerframil (Kerin Millar) and myself were talking about other distros moving away from setuid binaries towards caps. Openwall and Fedora are now setuid-less [1]. Some googling showed that Constanze has done quite a bit of work in the area and that there was a consensus to include functions to set caps within portage [2].
>
> I don't know what, if anything has been done since then, but I'd like to lend my support.

One problem that came up was that a lot of people use tmpfs for /var/tmp/portage, and tmpfs doesn't support xattrs which are needed for setting caps.

Linux 3.0 has added support for xattrs with tmpfs (the redhat folks did the work, afaik), so that problem is partly solved now.

--
~Nirbheek Chauhan
Gentoo GNOME+Mozilla Team
Re: [gentoo-dev] Ohloh statistics updated
On Sun, Jul 31, 2011 at 10:33 PM, Raúl Porcel armi...@gentoo.org wrote:
> On 07/22/2011 03:11 PM, Stanislav Ochotnicky wrote:
> > Hello fellow devs,
> > [snip]
>
> Yey i'm number two :D

You're a bot, you don't count. ;)

--
~Nirbheek Chauhan
Gentoo GNOME+Mozilla Team
Re: [gentoo-dev] POSIX capability in Gentoo
On 07/31/2011 03:46 PM, Nirbheek Chauhan wrote:
> On Sun, Jul 31, 2011 at 8:13 PM, Anthony G. Basile bluen...@gentoo.org wrote:
> > Hi everyone,
> >
> > A couple of days ago, bonsaikitten (Patrick), kerframil (Kerin Millar) and myself were talking about other distros moving away from setuid binaries towards caps. Openwall and Fedora are now setuid-less [1]. Some googling showed that Constanze has done quite a bit of work in the area and that there was a consensus to include functions to set caps within portage [2].
> >
> > I don't know what, if anything has been done since then, but I'd like to lend my support.
>
> One problem that came up was that a lot of people use tmpfs for /var/tmp/portage, and tmpfs doesn't support xattrs which are needed for setting caps.
>
> Linux 3.0 has added support for xattrs with tmpfs (the redhat folks did the work, afaik), so that problem is partly solved now.

I know, there are lots of places where xattrs is not supported that lead to the same problem. I'm tempted to respond with pkg_postinst() but I see QA problems written all over that.

--
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail: bluen...@gentoo.org
GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535
GnuPG ID : D0455535
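
The messages above contrast setuid binaries with file capabilities and note that capabilities are stored in xattrs. As an added example (not code from this thread or from Portage), this Python sketch inventories set-id files and files carrying a `security.capability` xattr under a directory and decodes the xattr value; the function names and the `SAMPLE` blob are constructed for illustration.

```python
import os
import stat
import struct

# Values from <linux/capability.h>
VFS_CAP_REVISION_MASK = 0xFF000000
VFS_CAP_FLAGS_EFFECTIVE = 0x000001
# revision -> number of 32-bit (permitted, inheritable) pairs in the xattr
REVISION_PAIRS = {0x01000000: 1, 0x02000000: 2, 0x03000000: 2}
# Partial bit -> name table; any other bit is reported as cap_<n>
CAP_NAMES = {0: "cap_chown", 7: "cap_setuid", 10: "cap_net_bind_service",
             12: "cap_net_admin", 13: "cap_net_raw", 21: "cap_sys_admin"}

def _names(mask):
    return [CAP_NAMES.get(b, "cap_%d" % b) for b in range(64) if mask >> b & 1]

def decode_file_caps(blob):
    """Decode a security.capability xattr value (struct vfs_cap_data)."""
    if len(blob) < 4:
        raise ValueError("truncated capability xattr")
    (magic,) = struct.unpack_from("<I", blob, 0)
    revision = magic & VFS_CAP_REVISION_MASK
    pairs = REVISION_PAIRS.get(revision)
    if pairs is None:
        raise ValueError("unknown revision 0x%08x" % revision)
    if len(blob) < 4 + 8 * pairs:
        raise ValueError("truncated capability xattr")
    words = struct.unpack_from("<%dI" % (2 * pairs), blob, 4)
    permitted = inheritable = 0
    for i in range(pairs):  # word i of each set holds bits 32*i .. 32*i+31
        permitted |= words[2 * i] << (32 * i)
        inheritable |= words[2 * i + 1] << (32 * i)
    return {"revision": revision >> 24,
            "effective": bool(magic & VFS_CAP_FLAGS_EFFECTIVE),
            "permitted": _names(permitted), "inheritable": _names(inheritable)}

def read_caps_xattr(path):
    """Return the raw xattr, or None if absent or xattrs are unavailable."""
    getxattr = getattr(os, "getxattr", None)  # only present on Linux
    if getxattr is None:
        return None
    try:
        return getxattr(path, "security.capability", follow_symlinks=False)
    except OSError:  # ENODATA (no caps set), ENOTSUP (no xattr support), EACCES
        return None

def audit_tree(root):
    """List (path, kind, detail) for set-id files and files with file caps."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue
            if not stat.S_ISREG(st.st_mode):
                continue
            if st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                findings.append((path, "setid", stat.filemode(st.st_mode)))
            blob = read_caps_xattr(path)
            if blob:
                try:
                    findings.append((path, "filecaps", decode_file_caps(blob)))
                except ValueError as exc:
                    findings.append((path, "filecaps-invalid", str(exc)))
    return findings

# Constructed sample: revision 2, effective bit set, cap_net_raw permitted
SAMPLE = struct.pack("<5I", 0x02000001, 1 << 13, 0, 0, 0)
```

Running `audit_tree()` over an installed image and over the same tree after it has passed through a filesystem without xattr support shows which capability entries were lost in transit.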
Re: [gentoo-dev] POSIX capability in Gentoo
On Mon, 1 Aug 2011 01:16:21 +0530 Nirbheek Chauhan nirbh...@gentoo.org wrote:
> On Sun, Jul 31, 2011 at 8:13 PM, Anthony G. Basile bluen...@gentoo.org wrote:
> > Hi everyone,
> >
> > A couple of days ago, bonsaikitten (Patrick), kerframil (Kerin Millar) and myself were talking about other distros moving away from setuid binaries towards caps. Openwall and Fedora are now setuid-less [1]. Some googling showed that Constanze has done quite a bit of work in the area and that there was a consensus to include functions to set caps within portage [2].
> >
> > I don't know what, if anything has been done since then, but I'd like to lend my support.
>
> One problem that came up was that a lot of people use tmpfs for /var/tmp/portage, and tmpfs doesn't support xattrs which are needed for setting caps.

Will packages always explicitly set caps themselves or will sometimes upstream do that for us? IOW, will we have total control over actual caps?

--
Best regards,
Michał Górny
Re: [gentoo-dev] POSIX capability in Gentoo
On Sun, 31 Jul 2011 22:28:35 +0200 Michał Górny mgo...@gentoo.org wrote:
> Will packages always explicitly set caps themselves or will sometimes upstream do that for us?

I've no doubt some upstreams will try... But userpriv should stop most of the damage.

--
Ciaran McCreesh
Re: [gentoo-dev] Warn users not to do separate /usr partition without proper initramfs in the handbook?
On 30 July 2011 08:27, Samuli Suominen ssuomi...@gentoo.org wrote:
> Since running separate /usr without mounting it from initramfs on top of / before init is and has been broken with udev for a long time now[1][2][3]
>
> [1] http://bugs.gentoo.org/show_bug.cgi?id=364235
> [2] http://fedoraproject.org/wiki/Features/UsrMove#Move_all_to_.2Fusr
> [3] http://www.freedesktop.org/wiki/Software/systemd/separate-usr-is-broken
>
> Can we warn users about not doing the separate /usr mistake in the handbook?

I reported this to bugzilla[1] in June. There was no resolution, but the discussion was interesting and worth reading.

To summarize, changing the handbook would be a start, but it doesn't solve the larger problem, and separate /usr will be supported for as long as it is practical to do so.

I don't know how to resolve the situation, but I'm relieved to hear that other people care.

[1] https://bugs.gentoo.org/show_bug.cgi?id=372317
[gentoo-dev] Automated Package Removal and Addition Tracker, for the week ending 2011-07-31 23h59 UTC
The attached list notes all of the packages that were added or removed from the tree, for the week ending 2011-07-31 23h59 UTC.

Removals:
dev-lang/ekopath-bin                 2011-07-25 18:27:17  xarthisius
x11-themes/mythtv-themes-extra       2011-07-28 21:02:05  cardoe
media-plugins/mythflix               2011-07-28 21:06:29  cardoe
media-libs/libkmap                   2011-07-29 19:15:48  dilfridge

Additions:
dev-libs/gecode                      2011-07-25 08:33:42  hollow
dev-ruby/dep_selector                2011-07-25 08:38:10  hollow
dev-ruby/fast_xs                     2011-07-25 08:56:25  hollow
dev-ruby/amqp                        2011-07-25 08:58:40  hollow
app-admin/chef-expander              2011-07-25 09:11:46  hollow
dev-python/libcloud                  2011-07-25 15:57:56  patrick
dev-lang/ekopath                     2011-07-25 18:25:29  xarthisius
sec-policy/selinux-gpg               2011-07-25 22:49:21  blueness
sec-policy/selinux-haveged           2011-07-25 22:58:54  blueness
sec-policy/selinux-nginx             2011-07-25 23:06:58  blueness
media-gfx/graphite2                  2011-07-26 19:02:19  scarabeus
dev-python/pyamg                     2011-07-26 19:09:17  bicatali
app-text/wpd2odt                     2011-07-27 10:48:04  scarabeus
kde-base/kde-wallpapers              2011-07-27 14:04:25  alexxy
kde-base/korundum                    2011-07-27 14:04:26  alexxy
kde-base/smokegen                    2011-07-27 14:04:27  alexxy
kde-base/smokeqt                     2011-07-27 14:04:29  alexxy
kde-base/konq-plugins                2011-07-27 14:04:30  alexxy
kde-base/qtruby                      2011-07-27 14:04:31  alexxy
kde-base/qyoto                       2011-07-27 14:04:32  alexxy
kde-base/kimono                      2011-07-27 14:04:32  alexxy
kde-base/smokekde                    2011-07-27 14:04:32  alexxy
kde-base/perlqt                      2011-07-27 14:04:34  alexxy
kde-base/krossruby                   2011-07-27 14:04:35  alexxy
kde-base/katepart                    2011-07-27 14:04:37  alexxy
kde-base/perlkde                     2011-07-27 14:04:42  alexxy
sci-mathematics/pari-data            2011-07-27 19:03:15  bicatali
media-libs/libkface                  2011-07-27 19:53:57  dilfridge
net-misc/autoupnp                    2011-07-27 20:08:52  mgorny
media-libs/libkmap                   2011-07-27 20:12:57  dilfridge
media-libs/libmediawiki              2011-07-27 20:16:26  dilfridge
net-firewall/ufw-frontends           2011-07-28 07:20:19  pva
sys-devel/ucpp                       2011-07-28 13:18:23  alexxy
sci-chemistry/ambertools             2011-07-28 13:19:06  alexxy
media-plugins/gst-plugins-assrender  2011-07-29 07:41:42  leio
sci-chemistry/acpype                 2011-07-29 08:27:31  alexxy
dev-lang/path64                      2011-07-29 17:40:49  xarthisius
media-libs/libkgeomap                2011-07-29 19:13:27  dilfridge
dev-python/chameleon                 2011-07-29 23:59:01  rafaelmartins
dev-python/translationstring         2011-07-30 00:41:22  rafaelmartins
dev-python/iso8601                   2011-07-30 01:16:20  rafaelmartins
dev-python/colander                  2011-07-30 01:43:51  rafaelmartins
dev-python/peppercorn                2011-07-30 01:57:57  rafaelmartins
dev-python/deform                    2011-07-30 02:12:48  rafaelmartins
app-vim/csv                          2011-07-30 20:32:54  radhermit
x11-drivers/afb-ucode                2011-07-31 11:00:06  armin76
dev-java/commons-compress            2011-07-31 14:21:09  tommy
dev-java/jbitcollider-core           2011-07-31 14:53:59  tommy
dev-haskell/statevar                 2011-07-31 15:59:31  slyfox

--
Robin Hugh Johnson
Gentoo Linux Developer
E-Mail : robb...@gentoo.org
GnuPG FP : 11AC BA4F 4778 E3F6 E4ED F38E B27B 944E 3488 4E85