subject:"\[HEADS UP\] No more gnupg2 in buildroot"

Re: [HEADS UP] No more gnupg2 in buildroot

2018-02-21 Thread Peter Robinson

>> > > On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote:
>> > > > On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko
>> > > >  wrote:
>> > > > > -BEGIN PGP SIGNED MESSAGE-
>> > > > > Hash: SHA256
>> > > > >
>> > > > > Hey,
>> > > > >
>> > > > > today I've split⁰ librpmsign from rpm-build-libs into its own
>> > > > > subpackage
>> > > > > rpm-
>> > > > > sign-libs.
>> > > >
>> > > > Does this mean that the python bindings no longer depend on
>> > > > rpm-build-libs and hence won't be pulled for a standard minimal
>> > > > install and similar artifacts anymore?
>> > >
>> > > Nope, it means that python bindings will depend *also* on
>> > > rpm-sign-libs 
>> > >
>> > > Since bindings are monolitic, it's not possible to split them easily.
>> >
>> > Actually you could split out build- and sign-bindings (together or
>> > separately) from the main python bindings package. "import rpm"
>> > intentionally lets the build- and sign-module imports to fail to allow
>> > this so as long as the "submodules" depend on the main bindings it
>> > should be ok.
>>
>> Oh and BTW, the reason this hasn't been done is basically the same the
>> sign-libs hadn't been split up: in the past when I last looked at the
>> situation, there just was no benefit to doing so. Back then fedpkg was
>> present in buildroots, and yum + yum-utils used to be included in core
>> set (quite possibly "minimal" install as you know it today didn't even
>> exist), and yum itself dragged in a whole pile of gpg-related packages.
>
> This probably still doesn't make much sense, dnf pulls in python3-rpm and
> python3-gpg. In the end, both are pulling in gnupg2.

It might not to you, or from a pure programming/package sense, but it
would for people doing audit for large companies that come back with
questions like "why is this here? We need to audit all of this to
assess impact" it does make sense. Please fix it.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [HEADS UP] No more gnupg2 in buildroot

2018-02-21 Thread Panu Matilainen


On 02/21/2018 10:47 AM, Igor Gnatenko wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Wed, 2018-02-21 at 10:24 +0200, Panu Matilainen wrote:

On 02/21/2018 10:12 AM, Panu Matilainen wrote:

On 02/20/2018 10:15 PM, Igor Gnatenko wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote:

On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko
 wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hey,

today I've split⁰ librpmsign from rpm-build-libs into its own
subpackage
rpm-
sign-libs.


Does this mean that the python bindings no longer depend on
rpm-build-libs and hence won't be pulled for a standard minimal
install and similar artifacts anymore?


Nope, it means that python bindings will depend *also* on
rpm-sign-libs 

Since bindings are monolitic, it's not possible to split them easily.


Actually you could split out build- and sign-bindings (together or
separately) from the main python bindings package. "import rpm"
intentionally lets the build- and sign-module imports to fail to allow
this so as long as the "submodules" depend on the main bindings it
should be ok.


Oh and BTW, the reason this hasn't been done is basically the same the
sign-libs hadn't been split up: in the past when I last looked at the
situation, there just was no benefit to doing so. Back then fedpkg was
present in buildroots, and yum + yum-utils used to be included in core
set (quite possibly "minimal" install as you know it today didn't even
exist), and yum itself dragged in a whole pile of gpg-related packages.


This probably still doesn't make much sense, dnf pulls in python3-rpm and
python3-gpg. In the end, both are pulling in gnupg2.


What about the minidnf thingie, does it pull gnupg2 in as well?

The other thing is the build-side dependencies: elfutils-libs and 
file-libs. They're by no means big, but if you're going for the 
absolutely bare minimum (container or otherwise) images...


- Panu -
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [HEADS UP] No more gnupg2 in buildroot

2018-02-21 Thread Igor Gnatenko

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Wed, 2018-02-21 at 10:24 +0200, Panu Matilainen wrote:
> On 02/21/2018 10:12 AM, Panu Matilainen wrote:
> > On 02/20/2018 10:15 PM, Igor Gnatenko wrote:
> > > -BEGIN PGP SIGNED MESSAGE-
> > > Hash: SHA256
> > > 
> > > On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote:
> > > > On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko
> > > >  wrote:
> > > > > -BEGIN PGP SIGNED MESSAGE-
> > > > > Hash: SHA256
> > > > > 
> > > > > Hey,
> > > > > 
> > > > > today I've split⁰ librpmsign from rpm-build-libs into its own 
> > > > > subpackage
> > > > > rpm-
> > > > > sign-libs.
> > > > 
> > > > Does this mean that the python bindings no longer depend on
> > > > rpm-build-libs and hence won't be pulled for a standard minimal
> > > > install and similar artifacts anymore?
> > > 
> > > Nope, it means that python bindings will depend *also* on 
> > > rpm-sign-libs 
> > > 
> > > Since bindings are monolitic, it's not possible to split them easily.
> > 
> > Actually you could split out build- and sign-bindings (together or 
> > separately) from the main python bindings package. "import rpm" 
> > intentionally lets the build- and sign-module imports to fail to allow 
> > this so as long as the "submodules" depend on the main bindings it 
> > should be ok.
> 
> Oh and BTW, the reason this hasn't been done is basically the same the 
> sign-libs hadn't been split up: in the past when I last looked at the 
> situation, there just was no benefit to doing so. Back then fedpkg was 
> present in buildroots, and yum + yum-utils used to be included in core 
> set (quite possibly "minimal" install as you know it today didn't even 
> exist), and yum itself dragged in a whole pile of gpg-related packages.

This probably still doesn't make much sense, dnf pulls in python3-rpm and
python3-gpg. In the end, both are pulling in gnupg2.
- -- 
- -Igor Gnatenko
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEhLFO09aHZVqO+CM6aVcUvRu8X0wFAlqNMhYACgkQaVcUvRu8
X0zsDQ/8CQoCohJHeh7kIe0/++LBpYF8unBYc+176LirKAs3uJUjEp80aUlljiYp
HDJEkkIszQn1os3zJWv5PdsU3EBS5y0Uj1+hQBVkthEFfe5NEC/qXvw8OG+goshE
42qZJBI16lqOy5ORLq0fLDKDarEnAUYyDp8Tykjww+YBPVQr/2zQh3Ec7k+WmXmO
a/j5lIrGYXCISeNzeZ0C+T0SFyIX/whYiPI73sKlGhdkMEirEspFk5GQlEmblSUu
PPElBV+EXmaF2hwGJMNuq+WOaR6wbxz7U5WwvtXS5OXBM3+GA4Y70G2lXMT+xefv
FPwrQk71EN/XTevTVep8wf9zdzGOjdtCbO4JTImcFGiOc2lWzh4HNja9de2c9u+s
RMHn1xoPBw3krVZtUMyLFXiSus/BlKLtxuU/tP0Os1Zb9cbLx2+xt7uGBwHG/4tI
dYkLrJSw++G+TiFzk8lX6CCOcZMZ6uedAMPA4vgpIcRxYyJvrmrnOf7ninOPyaNu
AttWHW8H00//vEHiDa9RotC45/p+G6pSx4M+rGgcBGQpImIaygTSDXyNs/B0u30d
JyhuAE9oZlMYucJW8XkhhiorqJR0p4l68EZgaJwxrv2zC5wjW/FW4RnwrNtKdxsF
QSjV9RfqxnMmushzcz8XoQS1QQhzjFjV9K3cbyMC2wQ9vvRyoZ8=
=o6lZ
-END PGP SIGNATURE-
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [HEADS UP] No more gnupg2 in buildroot

2018-02-21 Thread Panu Matilainen


On 02/21/2018 10:12 AM, Panu Matilainen wrote:

On 02/20/2018 10:15 PM, Igor Gnatenko wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote:

On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko
 wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hey,

today I've split⁰ librpmsign from rpm-build-libs into its own 
subpackage

rpm-
sign-libs.


Does this mean that the python bindings no longer depend on
rpm-build-libs and hence won't be pulled for a standard minimal
install and similar artifacts anymore?


Nope, it means that python bindings will depend *also* on 
rpm-sign-libs 


Since bindings are monolitic, it's not possible to split them easily.


Actually you could split out build- and sign-bindings (together or 
separately) from the main python bindings package. "import rpm" 
intentionally lets the build- and sign-module imports to fail to allow 
this so as long as the "submodules" depend on the main bindings it 
should be ok.


Oh and BTW, the reason this hasn't been done is basically the same the 
sign-libs hadn't been split up: in the past when I last looked at the 
situation, there just was no benefit to doing so. Back then fedpkg was 
present in buildroots, and yum + yum-utils used to be included in core 
set (quite possibly "minimal" install as you know it today didn't even 
exist), and yum itself dragged in a whole pile of gpg-related packages.


- Panu -
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [HEADS UP] No more gnupg2 in buildroot

2018-02-21 Thread Panu Matilainen


On 02/20/2018 10:15 PM, Igor Gnatenko wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote:

On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko
 wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hey,

today I've split⁰ librpmsign from rpm-build-libs into its own subpackage
rpm-
sign-libs.


Does this mean that the python bindings no longer depend on
rpm-build-libs and hence won't be pulled for a standard minimal
install and similar artifacts anymore?


Nope, it means that python bindings will depend *also* on rpm-sign-libs 

Since bindings are monolitic, it's not possible to split them easily.


Actually you could split out build- and sign-bindings (together or 
separately) from the main python bindings package. "import rpm" 
intentionally lets the build- and sign-module imports to fail to allow 
this so as long as the "submodules" depend on the main bindings it 
should be ok.


- Panu -
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [HEADS UP] No more gnupg2 in buildroot

2018-02-20 Thread Tomasz Kłoczko

On 20 February 2018 at 13:11, Igor Gnatenko
 wrote:
[..]
> today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm-
> sign-libs.

[root@tin ~]# rpm -e rpm-build-libs
error: Failed dependencies:
  librpmbuild.so.8()(64bit) is needed by (installed)
python3-rpm-4.14.1-6.fc28.1.x86_64
  librpmsign.so.8()(64bit) is needed by (installed)
python3-rpm-4.14.1-6.fc28.1.x86_64
[root@tin ~]# rpm -e rpm-build-libs python3-rpm
error: Failed dependencies:
  python3-rpm >= 4.13.0-0.rc1.29 is needed by (installed)
python3-dnf-2.7.5-8.fc28.noarch
[root@tin ~]# rpm -e rpm-build-libs python3-rpm python3-dnf
error: Failed dependencies:
  python3-dnf >= 2.7.0 is needed by (installed)
python3-dnf-plugins-core-2.1.5-4.fc28.noarch
  python3-dnf < 3.0 is needed by (installed)
python3-dnf-plugins-core-2.1.5-4.fc28.noarch
  python3-dnf = 2.7.5-8.fc28 is needed by (installed) dnf-2.7.5-8.fc28.noarch

I'm only pointing to the fact that now package which name suggests
that it has something to do with the building packages is required by
@Core
On top above now both (rpm-build-libs and rpm-sign-libs) still are
required by the minimal set of packages.
In other words, this and prev change introduces negative simplification factor.

Maybe it would be good to review the content of the python3-rpm .. *maybe*.

kloczek
--
Tomasz Kłoczko | LinkedIn: http://lnkd.in/FXPWxH
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [HEADS UP] No more gnupg2 in buildroot

2018-02-20 Thread Igor Gnatenko

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

On Tue, 2018-02-20 at 19:11 +, Peter Robinson wrote:
> On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko
>  wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA256
> > 
> > Hey,
> > 
> > today I've split⁰ librpmsign from rpm-build-libs into its own subpackage
> > rpm-
> > sign-libs.
> 
> Does this mean that the python bindings no longer depend on
> rpm-build-libs and hence won't be pulled for a standard minimal
> install and similar artifacts anymore?

Nope, it means that python bindings will depend *also* on rpm-sign-libs 

Since bindings are monolitic, it's not possible to split them easily.
- -- 
- -Igor Gnatenko
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEhLFO09aHZVqO+CM6aVcUvRu8X0wFAlqMgdAACgkQaVcUvRu8
X0wE4A//dtpjcv0oNDygoZjZvhWmyL+61Y1OmkuwjRxcMKccDNQ4XurA6pPogM8u
Ph2jAUsjEk7wmDKzrq/CcLnBhF4JCTHFQO5A57cRXhw8+Ztr9osDDP0boqbp6l/c
W0I2+PSfTHwIu80rfuL7Pb2HxM7Rfof2an64l75X16bZn3IYTJ8i+QznrePur60+
njPP6u6lHEA5e+mTHd1UyIR+eaxra1/72QSzMLKUWlE3THr68qSWI7Z2CjN3ybzS
Kfq3jk2lSY16aEpsJF6MNSfZukCnra6cxE3qKrYPPjzRyYy0b6wil2ncrbWHjv2Q
Na+/BkKwakQJtWLHnFb+pdzdzcCojVb/Edp1I5HK4jVsvQnBm+bCrK4h7+oMkj5A
TuKaaStVENT3Gv3Dz2MeOpgEeIYq0mdH3YHgVCqrOpiu+AtS28tkcXj8QIb6nyRz
MbaUsrWtpXq35LXaCgLBFOqBNIgA0l/POPOqJln9wjRylUF0J+H6S4b02/KDaUnq
FJ+LngmhT7KMaOjXutYytPDOUnysIAiOoYYqS9hlWXPzBjT4LdOPwNb+bNLZq3rQ
z7yeQw8yKhekeosgH8uWL54tJLhCCFKimxoEEQlI8oEJBqSPO9hC55jBoESsMN57
tu0DIDp0x5SP/4pPp8dhLFPwXOjdKrNJi1cjR6wsXawIz9E+/hM=
=o5FQ
-END PGP SIGNATURE-
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Re: [HEADS UP] No more gnupg2 in buildroot

2018-02-20 Thread Peter Robinson

On Tue, Feb 20, 2018 at 1:11 PM, Igor Gnatenko
 wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Hey,
>
> today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm-
> sign-libs.

Does this mean that the python bindings no longer depend on
rpm-build-libs and hence won't be pulled for a standard minimal
install and similar artifacts anymore?
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

[HEADS UP] No more gnupg2 in buildroot

2018-02-20 Thread Igor Gnatenko

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hey,

today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm-
sign-libs.

This resulted into 8 packages disappearing from buildroot¹².

This should not be a problem, but still useful to know.

⁰ https://src.fedoraproject.org/rpms/rpm/c/99d6687a36647cb307b789d19921a34154e9
c671
¹ gnupg2, gnutls, ima-evm-utils, libassuan, libksba, libusbx, nettle, npth
² 171 → 163 packages
- -- 
- -Igor Gnatenko
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEhLFO09aHZVqO+CM6aVcUvRu8X0wFAlqMHnsACgkQaVcUvRu8
X0wmUhAAtx5N4EQ+ulMHDkWyi1p96RGojp0H0xMudlai54sJOU/0FvNe8y0e0o6H
ZERhdDKDgl7KtNEhSS/KsL+8Siog2PCSDv3SbwGrfeqegCRz/qOq4gqPsdLdkgCu
dNtUNpvVIBwrTcNSU7igVnlnz5b9Su3TcCBunca3vCEEU5MKtEWQTYqFIjxOAjBX
NGkuvmoY3hj07IP9Vh0q0VNyHCBfsXmVHruN9b8VFZx9IcEJ2OguQ6cFVzoeyeeI
p4dlKza3znXeS53GtDA7WMGBEl/EI8Czh2/5JXgBZrshshfCY84pa2kZo0igC/3m
lAbTCvGtqt8V4HW2RPttQsEtvTrRseuXWRXvNIcrXXiTaB6XyRaf58tY3jWerK5k
3KlDyMSNvD6neSrk7ujykX5Wh4qQAvmvSrjEeYAPpwIoBh1uAH1yKQJ1THPSxwff
9u/kU7bnGfJOIMAi0AQR3jNBxFVWZzEZisA/k6M5RwKLdb+Lvcxpz39wTSzqd0SE
0dMP5VWZ50P9JGh+xmWPtYWId7qzbYsXxzLBTwtbDZNfoUGxawF8jsxLN35tsgw9
Mojw9R34uq1ytPYcg6tIX2tryDW2oBm9AhKPC6+WKCjJeQIZze1YzL+cdFsd0aba
9+smUVTWBRaXI6CL9luXkjSG4jzu7C2Fb7Fvb4/PZ0bM0ZtNhUk=
=wlgf
-END PGP SIGNATURE-
___
devel-announce mailing list -- devel-annou...@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org

[HEADS UP] No more gnupg2 in buildroot

2018-02-20 Thread Igor Gnatenko

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Hey,

today I've split⁰ librpmsign from rpm-build-libs into its own subpackage rpm-
sign-libs.

This resulted into 8 packages disappearing from buildroot¹².

This should not be a problem, but still useful to know.

⁰ https://src.fedoraproject.org/rpms/rpm/c/99d6687a36647cb307b789d19921a34154e9
c671
¹ gnupg2, gnutls, ima-evm-utils, libassuan, libksba, libusbx, nettle, npth
² 171 → 163 packages
- -- 
- -Igor Gnatenko
-BEGIN PGP SIGNATURE-

iQIzBAEBCAAdFiEEhLFO09aHZVqO+CM6aVcUvRu8X0wFAlqMHnsACgkQaVcUvRu8
X0wmUhAAtx5N4EQ+ulMHDkWyi1p96RGojp0H0xMudlai54sJOU/0FvNe8y0e0o6H
ZERhdDKDgl7KtNEhSS/KsL+8Siog2PCSDv3SbwGrfeqegCRz/qOq4gqPsdLdkgCu
dNtUNpvVIBwrTcNSU7igVnlnz5b9Su3TcCBunca3vCEEU5MKtEWQTYqFIjxOAjBX
NGkuvmoY3hj07IP9Vh0q0VNyHCBfsXmVHruN9b8VFZx9IcEJ2OguQ6cFVzoeyeeI
p4dlKza3znXeS53GtDA7WMGBEl/EI8Czh2/5JXgBZrshshfCY84pa2kZo0igC/3m
lAbTCvGtqt8V4HW2RPttQsEtvTrRseuXWRXvNIcrXXiTaB6XyRaf58tY3jWerK5k
3KlDyMSNvD6neSrk7ujykX5Wh4qQAvmvSrjEeYAPpwIoBh1uAH1yKQJ1THPSxwff
9u/kU7bnGfJOIMAi0AQR3jNBxFVWZzEZisA/k6M5RwKLdb+Lvcxpz39wTSzqd0SE
0dMP5VWZ50P9JGh+xmWPtYWId7qzbYsXxzLBTwtbDZNfoUGxawF8jsxLN35tsgw9
Mojw9R34uq1ytPYcg6tIX2tryDW2oBm9AhKPC6+WKCjJeQIZze1YzL+cdFsd0aba
9+smUVTWBRaXI6CL9luXkjSG4jzu7C2Fb7Fvb4/PZ0bM0ZtNhUk=
=wlgf
-END PGP SIGNATURE-
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org

Re: [HEADS UP] No more gnupg2 in buildroot

Re: [HEADS UP] No more gnupg2 in buildroot

Re: [HEADS UP] No more gnupg2 in buildroot

Re: [HEADS UP] No more gnupg2 in buildroot

Re: [HEADS UP] No more gnupg2 in buildroot

Re: [HEADS UP] No more gnupg2 in buildroot

Re: [HEADS UP] No more gnupg2 in buildroot

Re: [HEADS UP] No more gnupg2 in buildroot

[HEADS UP] No more gnupg2 in buildroot

[HEADS UP] No more gnupg2 in buildroot

10 matches

Site Navigation

Mail list logo

Footer information