[gentoo-dev] Infra notice: increasing strictness of OpenPGP checks

2018-07-20 Thread Michał Górny
Hi, everyone.

I'm working on improving OpenPGP commit verification on Infra end.
The changes so far shouldn't visibly affect developers whose accounts
are configured correctly.  However, if you have trouble pushing, please
contact me (or other Infra members) immediately to investigate.

The changes so far are:

1. We've switched to a new model for fetching and propagating keys
within Infra.  This means that your key updates should be propagated
faster now (within 2 hours + keyserver propagation time).  Hopefully,
this also means revocations will be noticed much faster.

2. We're enabling pairing keys with developers (the way gkeys is
supposed to work).  It means that gitolite will now check that the key
used to sign commits actually belongs to the developer performing
the push.

-- 
Best regards,
Michał Górny


signature.asc
Description: This is a digitally signed message part


Re: [gentoo-dev] [PATCH v2] distutils-r1.eclass: Enable parallel builds in py3.5+

2018-07-20 Thread Mike Gilbert
On Thu, Jul 19, 2018 at 11:01 AM, Michał Górny  wrote:
> Python 3.5+ introduces parallel build support in distutils.  Take
> advantage of that by passing appropriate -j option.  Since distutils
> does not support an equivalent of --load-average, default to the number
> of CPUs+1 when unspecified.
>
> In order to avoid breaking stable systems, introduce the new behavior
> only for EAPI 7 ebuilds, or older EAPI ebuilds with unstable
> implementations (Python 3.7 and PyPy 3).

Looks good to me.



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Roy Bamford
On 2018.07.20 14:14, Rich Freeman wrote:

>  While you can get Gentoo
> running with busybox and such and I completely support having profiles
> to enable this, I'm not sure this is the sort of thing that we want to
> point new users towards as a starting point.
> 
> -- 
> Rich
> 
New to Linux users, I agree. Linux users new to Gentoo should maybe 
have more freedom to shoot themselves in the foot. They are more
likely to be coming to Gentoo to get what they think they want. They just 
don't know how yet, so lets not make it too difficult.

I_KNOW_WHAT_I_AM_DOING or something similar comes to mind.

-- 
Regards,

Roy Bamford
(Neddyseagoon) a member of
arm64
elections
gentoo-ops
forum-mods


pgpU9UN94Wo7a.pgp
Description: PGP signature


Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Michael Orlitzky
On 07/20/2018 03:37 AM, Matt Turner wrote:
>>
>> If I want to undo your new flag, I have to set USE="-udev" globally, and
>> that clobbers any important per-package defaults that maintainers have set.
> 
> I understand the concern at least in theory. But can you please give
> me a concrete example of a package where you don't want USE=udev and
> another example of a package where you do?
> 

I... probably don't want USE=udev enabled anywhere. What does it
actually do? I don't know, and the flag description is useless, and I
don't have time to read the source code to every package with the flag.

But, I'm willing to trust the maintainers who have set IUSE="+udev" in
their ebuilds.

As an example of how this works out, I have both sys-apps/hwids and
sys-apps/pciutils built with USE=udev, but media-gfx/gimp built without it.


> What dependency are you trying to avoid? Or is it just a design issue?

I just want to have the option to disable it, without having to maintain
my own copy of the entire "linux" profile hierarchy.



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Peter Stuge
Mart Raudsepp wrote:
> > * USE=udev means different things for different packages. You think
> >   it "makes udev work" or whatever, but nobody has any idea what it
> >   does for half of the packages that use it. The meaning is package-
> >   specific, so the default should be package-specific.
> 
> It makes hardware work without static configurations, including when
> hotplugged.

That's not really a complete description...

1. Linux always sends netlink messages on device changes.

2a. If running, udevd receives those messages and executes all udev rules.

2b. udevd then sends its own netlink messages, after executing rules.

3. libudev consumers receive messages from 2b.

libudev and udev in general is thus an abstraction of the kernel
information exposed in 1. It is possible, easy, and at times strongly
preferable to skip the udev stack and just consume 1. messages
directly. I know of at least one package which does exactly that
on USE=-udev, I can only emphasize that the meaning of USE=udev is
completely package-specific. There are several possibilities what to
do in an upstream package when libudev can or should not be used, and
I for one don't think profiles/ebuilds should neccessarily model them.


> It should be enable by default for all Linux users.

I disagree. Linux is used more widely than that.


> The default shouldn't be "nothing works, until you make it work".

I agree completely, but please don't assume that no Linux system will
work without USE=udev.


I think the viewpoint of rearranging profile inheritance makes a lot
of sense. Profiles are super powerful, expressive, and cheap! I think
it would be fine to add another level of inheritance for udev.

Maybe there is a clever trick with a profile for each desired USE flag?
Somehow dynamic profiles? Dunno - just an idea.


Thanks!

//Peter



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Rich Freeman
On Fri, Jul 20, 2018 at 9:47 AM Michael Orlitzky  wrote:
>
> On 07/20/2018 07:55 AM, Rich Freeman wrote:
> >
> > While I agree that setting USE=-udev isn't the same as leaving it to
> > package defaults, you further claim that setting this globally causes
> > severe breakage in some cases.  Can you provide an example of this?
> >
>
> https://bugs.gentoo.org/640226

This doesn't involve USE=-udev, which is the flag we're talking about.

> Or see any thread on the dangers of USE="-*" which is dangerous for the
> same reason.

We aren't setting USE=-* either.

I get that globally manipulating flags CAN cause issues.  And yet we
do it from time to time.  I'm looking for evidence that in this
particular case there is a problem.

-- 
Rich



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Michael Orlitzky
On 07/20/2018 07:55 AM, Rich Freeman wrote:
> 
> While I agree that setting USE=-udev isn't the same as leaving it to
> package defaults, you further claim that setting this globally causes
> severe breakage in some cases.  Can you provide an example of this?
> 

https://bugs.gentoo.org/640226

Or see any thread on the dangers of USE="-*" which is dangerous for the
same reason.



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Rich Freeman
On Fri, Jul 20, 2018 at 9:17 AM M. J. Everitt  wrote:
>
> The hierarchy method is indeed flawed, it would be better to have
> something akin to USE flags for profiles (PROFLAGS?) .. so that you
> could mingle different aspects without replicating sections of the
> 'tree' to get the common configurations covered ..
>
> eg. LINUX + AMD64 + DEVELOPER + KDE
> LINUX + ARM + DESKTOP
> LINUX + X86 + CONTAINER
> FREEBSD + DESKTOP
>
> And then have some rules which say that .. eg. KDE inherits DESKTOP (if
> required)
>
> I know you're gonna bike-shed this to death, but its an idea ..

No need to bike-shed:

https://www.funtoo.org/Funtoo_Profiles
https://bugs.gentoo.org/523036


-- 
Rich



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread M. J. Everitt
On 20/07/18 13:39, n...@troglodyte.be wrote:
> Hi,
>
> July 20, 2018 2:26 PM, "Ben Kohler"  wrote:
>
>> On 07/19/18 23:04, Michael Orlitzky wrote:
>>
>>> 
>>>
>>> If you really want to enable it globally after being told that it's bad
>>> engineering and downright annoying, go do it in a profile that I can
>>> avoid and not "linux".
>> I believe you're arguing against profile global USE in general, can you
>> start a new thread for that if you believe it's worth discussing?
>>
>> We do have global USE in profiles now and I believe that the sane
>> default for linux profiles is to have udev support globally.
> Why not introducing a new level in the hierarchy ? Something like "common" 
> could be fit.
>
> default/linux/amd64/13.0
> default/linux/amd64/13.0/common
> default/linux/amd64/13.0/common/desktop
> default/linux/amd64/13.0/common/developer
> ...
>
> By doing so we could still have a bare profiles with minimal things set to 
> work, and have the
> common subset with sane defaults for most users.
>
> --
> Corentin “Nado” Pazdera
>
default/linux/amd64/17.0/minimal
default/linux/amd64/17.0/default
default/linux/amd64/17.0/default/desktop
default/linux/amd64/17.0/default/desktop/kde
default/linux/amd64/17.0/developer

The hierarchy method is indeed flawed, it would be better to have
something akin to USE flags for profiles (PROFLAGS?) .. so that you
could mingle different aspects without replicating sections of the
'tree' to get the common configurations covered ..

eg. LINUX + AMD64 + DEVELOPER + KDE
LINUX + ARM + DESKTOP
LINUX + X86 + CONTAINER
FREEBSD + DESKTOP

And then have some rules which say that .. eg. KDE inherits DESKTOP (if
required)

I know you're gonna bike-shed this to death, but its an idea ..

MJE



signature.asc
Description: OpenPGP digital signature


Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Rich Freeman
On Fri, Jul 20, 2018 at 9:05 AM  wrote:
>
> I’m not sure I was clear enough in what 13.0 would mean : basically, its 
> current content would be
> delegated to common, and 13.0 would keep only things needed to have minimal 
> breakages/conflicts.
> And we would keep the current directory-like inheritance.
>

Your proposal was clear enough.  I was just pointing out that it might
make more sense to make common the thing that is minimal to prevent
breakage/conflict, and make 13.0 something that could not be reliably
inherited by the things below it in the hierarchy.  Ie, it wouldn't
really be a hierarchy any longer.

And, honestly, it wasn't necessarily intended as a design that we
ought to adopt, but more to get people to stop and think about the
issues with how we're doing it today.

Some of it might just be user mindset.  A lot of people are drawn to
Gentoo by minimalism, and I'd count myself among them in general.
However, that leads to a certain tendency to start out with the most
minimal starting point within Gentoo, and I don't know that this is a
good idea.  Even the desktop profile for Gentoo is pretty minimal
compared to a lot of distros out there.  While you can get Gentoo
running with busybox and such and I completely support having profiles
to enable this, I'm not sure this is the sort of thing that we want to
point new users towards as a starting point.

-- 
Rich



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread M. J. Everitt
On 20/07/18 13:20, Ben Kohler wrote:
> On 07/19/18 20:54, Mikle Kolyada wrote:
>
>> +1. widely used profiles should have as least flags enabled by default
>> as possible, I would not be happy with +udev on my servers.
>>
> I disagree with this premise.  The default and most widely used profiles
> should fit the most common use cases.
>
> I'd be curious as to what problems would be caused on your servers if
> this flag were turned on-- specifically what packages will get the flag
> turned on, where that bothers you?  On my servers, the impact is very
> minimal.
>
> I'm not totally sure that my proposal of USE=udev is correct/justified,
> but there are a few counter-arguments I've heard that I don't think hold
> water, I'd like to focus on the others.
>
> -Ben
Ben: Were you trying to sign your email .. a strange .asc attachment
came through this end?

Can we make a 'minimal'/container/etc _profile_ for such use-cases
perhaps? so that linux 'default' might have +udev but this minimal
doesn't .. or won't the overlapping of profiles allow this?



signature.asc
Description: OpenPGP digital signature


Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread nado
July 20, 2018 2:55 PM, "Rich Freeman"  wrote:

> On Fri, Jul 20, 2018 at 8:39 AM  wrote:
> 
>> Why not introducing a new level in the hierarchy ? Something like "common" 
>> could be fit.
>> 
>> default/linux/amd64/13.0
>> default/linux/amd64/13.0/common
>> default/linux/amd64/13.0/common/desktop
>> default/linux/amd64/13.0/common/developer
>> ...
>> 
>> By doing so we could still have a bare profiles with minimal things set to 
>> work, and have the
>> common subset with sane defaults for most users.
> 
> I think one of the issues is that our docs/defaults and the mentality
> of our users tends to drive them to what looks like the most basic
> starting point.
> 
> I think that having a base profile intended just as an inheritance
> point for other profiles makes sense technically, but it may not
> actually be a good default for end-users.
> 
> If you set up the example above, how many would would still pick 13.0
> as their starting point, and not common?
> 
> Now, there is nothing that says that inheritance has to follow the
> directory tree. We could have a
> default/linux/amd64/13.0/donotuse/core profile that everything
> inherits, and make that the minimal one. It just means that most
> profiles under 13.0 wouldn't inherit 13.0.
> 
> To some degree we may have painted ourselves into a bit of a corner by
> presenting this as a heirarchy, as it tends to force the bottom of the
> heirarchy to be the best profile for inheritance, when it is also the
> first thing users see as well.

I’m not sure I was clear enough in what 13.0 would mean : basically, its 
current content would be
delegated to common, and 13.0 would keep only things needed to have minimal 
breakages/conflicts.
And we would keep the current directory-like inheritance.

Then about what is presented to users and how they choose it : we could adapt 
eselect-profile to
hilight some suggested defaults by use-case and people who still want to pick 
the minimalist one
can do so freely, as they are probably doing it right now anyway.

--
Corentin “Nado” Pazdera



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Rich Freeman
On Fri, Jul 20, 2018 at 8:39 AM  wrote:
>
>
> Why not introducing a new level in the hierarchy ? Something like "common" 
> could be fit.
>
> default/linux/amd64/13.0
> default/linux/amd64/13.0/common
> default/linux/amd64/13.0/common/desktop
> default/linux/amd64/13.0/common/developer
> ...
>
> By doing so we could still have a bare profiles with minimal things set to 
> work, and have the
> common subset with sane defaults for most users.

I think one of the issues is that our docs/defaults and the mentality
of our users tends to drive them to what looks like the most basic
starting point.

I think that having a base profile intended just as an inheritance
point for other profiles makes sense technically, but it may not
actually be a good default for end-users.

If you set up the example above, how many would would still pick 13.0
as their starting point, and not common?

Now, there is nothing that says that inheritance has to follow the
directory tree.  We could have a
default/linux/amd64/13.0/donotuse/core profile that everything
inherits, and make that the minimal one.  It just means that most
profiles under 13.0 wouldn't inherit 13.0.

To some degree we may have painted ourselves into a bit of a corner by
presenting this as a heirarchy, as it tends to force the bottom of the
heirarchy to be the best profile for inheritance, when it is also the
first thing users see as well.

-- 
Rich



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread nado
Hi,

July 20, 2018 2:26 PM, "Ben Kohler"  wrote:

> On 07/19/18 23:04, Michael Orlitzky wrote:
> 
>> 
>> 
>> If you really want to enable it globally after being told that it's bad
>> engineering and downright annoying, go do it in a profile that I can
>> avoid and not "linux".
> 
> I believe you're arguing against profile global USE in general, can you
> start a new thread for that if you believe it's worth discussing?
> 
> We do have global USE in profiles now and I believe that the sane
> default for linux profiles is to have udev support globally.

Why not introducing a new level in the hierarchy ? Something like "common" 
could be fit.

default/linux/amd64/13.0
default/linux/amd64/13.0/common
default/linux/amd64/13.0/common/desktop
default/linux/amd64/13.0/common/developer
...

By doing so we could still have a bare profiles with minimal things set to 
work, and have the
common subset with sane defaults for most users.

--
Corentin “Nado” Pazdera



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Ben Kohler
On 07/19/18 23:04, Michael Orlitzky wrote:

> 
> No I'm not. I'm saying add them per-package, because it's a better
> design. We have package.use in profiles now, not just IUSE defaults.
> 
> Global defaults have problems:
> 
>   * They can't be undone. It's next to impossible for me to undo
> USE=udev when set in a profile that is inherited by all others.
> 
>   * USE=udev means different things for different packages. You think it
> "makes udev work" or whatever, but nobody has any idea what it does
> for half of the packages that use it. The meaning is package-
> specific, so the default should be package-specific.
> 
>   * They're easy to set, but hard do unset when you realize you were
> wrong a year from now.
> 
> If you really want to enable it globally after being told that it's bad
> engineering and downright annoying, go do it in a profile that I can
> avoid and not "linux".
> 

I believe you're arguing against profile global USE in general, can you
start a new thread for that if you believe it's worth discussing?

We do have global USE in profiles now and I believe that the sane
default for linux profiles is to have udev support globally.

-Ben


pEpkey.asc
Description: application/pgp-keys


Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Ben Kohler

On 07/19/18 22:40, Benda Xu wrote:
> 
> To represent the Gentoo Prefix users, we would like to have USE=udev
> turned off or even hard masked on linux-prefix profiles.
> 
> Yours,
> Benda
> 
I believe this is an argument in favor of moving the default to profiles
then, out of IUSE defaults, right?

-Ben


pEpkey.asc
Description: application/pgp-keys


Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Ben Kohler

On 07/19/18 20:54, Mikle Kolyada wrote:

> +1. widely used profiles should have as least flags enabled by default
> as possible, I would not be happy with +udev on my servers.
> 
I disagree with this premise.  The default and most widely used profiles
should fit the most common use cases.

I'd be curious as to what problems would be caused on your servers if
this flag were turned on-- specifically what packages will get the flag
turned on, where that bothers you?  On my servers, the impact is very
minimal.

I'm not totally sure that my proposal of USE=udev is correct/justified,
but there are a few counter-arguments I've heard that I don't think hold
water, I'd like to focus on the others.

-Ben


pEpkey.asc
Description: application/pgp-keys


Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Rich Freeman
On Fri, Jul 20, 2018 at 1:58 AM Michael Orlitzky  wrote:
>
> On 07/20/2018 01:06 AM, Mart Raudsepp wrote:
> >>
> >>   * They can't be undone. It's next to impossible for me to undo
> >> USE=udev when set in a profile that is inherited by all others.
> >
> > You set USE=-udev in your make.conf.
>
> That doesn't work, for reasons already stated.
>
> If I set USE="-udev" in my make.conf, ... This causes
> severe breakage in some cases, and there's no way for me (or anyone
> else) to regain the existing behavior once you turn the flag on by default.

While I agree that setting USE=-udev isn't the same as leaving it to
package defaults, you further claim that setting this globally causes
severe breakage in some cases.  Can you provide an example of this?

If you aren't actually using udev I don't see how setting USE=-udev is
more likely to cause problems than setting it or having it set by
default.

If a package simply doesn't work with USE=-udev at all then the
package shouldn't even allow this to be set.  If the breakage is
limited to a particular arch/etc then this should be dealt with at the
specific profile level or in the ebuild logic.

-- 
Rich



Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Andrew Savchenko
On Thu, 19 Jul 2018 23:51:05 -0400 Aaron Bauman wrote:
> You are the minimalist... Not the rest.  Provide a reasonable scenario please.

Such setup is quite simple: secure server or container usually for
a single task with minimal setup of packages and USE flags to
reduce attack surface.

Best regards,
Andrew Savchenko


pgpleYuSQ46h1.pgp
Description: PGP signature


Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Mart Raudsepp
Ühel kenal päeval, R, 20.07.2018 kell 17:01, kirjutas Benda Xu:
> Hi Mart,
> 
> Mart Raudsepp  writes:
> 
> > That said, I would question such a choice. Does it technically not
> > work or what's the problem with it?
> 
> It works partially.  Most of the time they does not bulid. 

That sounds like a case for package.use.mask for the given packages in
prefix profiles?

> The host OS handles /dev for Gentoo Prefix, be it mdev or udev.

But in various cases it's about getting notified of plugged in devices.
But yes, then the question is if the prefix libudev can get these
notifications from host udev or some such.

> > But it's up the prefix project.
> 
> Yes, if the Linux profile enables it, we will have to disable it
> explicitly in the Linux Prefix profiles.
> 

But you are getting this already for various packages from their IUSE
defaults +udev usage as far as I can see.


Anyhow, I concede to the problems stemming from USE_ORDER described by
mjo and retract my strong preference of global USE=udev, pending proper
solution for those problems. However concrete examples as asked by Matt
would be nice.
Someone should work on that USE_ORDER issue... This IUSE default vs
profiles trouble keeps coming up every couple of months..


Mart

signature.asc
Description: This is a digitally signed message part


Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Benda Xu
Hi Mart,

Mart Raudsepp  writes:

> That said, I would question such a choice. Does it technically not
> work or what's the problem with it?

It works partially.  Most of the time they does not bulid. 

The host OS handles /dev for Gentoo Prefix, be it mdev or udev.

> But it's up the prefix project.

Yes, if the Linux profile enables it, we will have to disable it
explicitly in the Linux Prefix profiles.

Cheers,
Benda


signature.asc
Description: PGP signature


Re: [gentoo-dev] Adding USE=udev to linux profiles

2018-07-20 Thread Matt Turner
On Thu, Jul 19, 2018 at 3:00 PM, Michael Orlitzky  wrote:
> On 07/19/2018 05:51 PM, Ben Kohler wrote:
>> Hello,
>>
>> I'd like to propose adding USE=udev to our linux profiles (in
>> profiles/default/linux/make.defaults probably).  This flag is already
>> enabled on desktop profiles but it also affects quite a few packages
>> used on non-desktop linux systems.
>>
>> ...
>>
>> Any objections to this idea?
>>
>
> Please add defaults per-package, only where they make sense. Enabling
> flags globally creates a huge headache for people that want them off.
>
> If I want to undo your new flag, I have to set USE="-udev" globally, and
> that clobbers any important per-package defaults that maintainers have set.

I understand the concern at least in theory. But can you please give
me a concrete example of a package where you don't want USE=udev and
another example of a package where you do?

Grepping the tree, I see the following packages pulled in with
USE=udev predominantly:

virtual/libudev
virtual/libgudev
virtual/udev

A few others have some additional dependencies enabled with USE=udev:

app-emulation/libvirt: x11-libs/libpciaccess
dev-qt/qtgui/qtgui: sys-kernel/linux-headers
gnome-base/gnome-desktop: sys-apps/hwids
media-gfx/iscan-data: dev-libs/libxslt, media-gfx/sane-backends
sys-auth/consolekit: x11-libs/libdrm
sys-fs/dosfstools: virtual/pkgconfig


What dependency are you trying to avoid? Or is it just a design issue?