Re: [gentoo-dev] RFC: Should preserve-libs be enabled by default?
Marius Mauch a écrit : So, do you think it should be enabled by default? Does portage have a way to report which libraries it is keeping around because of preserve-libs ? If there's an easy way to figure that out, then enabling it by default is a very sane and sound idea. Cheers, Rémi -- gentoo-dev@lists.gentoo.org mailing list
Re: [gentoo-dev] RFC: Should preserve-libs be enabled by default?
On 29-05-2008 08:54:48 +0200, Rémi Cardona wrote: Marius Mauch a écrit : So, do you think it should be enabled by default? Does portage have a way to report which libraries it is keeping around because of preserve-libs ? If there's an easy way to figure that out, then enabling it by default is a very sane and sound idea. It does so after every merge IIRC, and you can also find them in a file somewhere. -- Fabian Groffen Gentoo on a different level -- gentoo-dev@lists.gentoo.org mailing list
Re: [gentoo-dev] RFC: Should preserve-libs be enabled by default?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marius Mauch wrote: | The purpose of this is to keep the system operational after library | upgrades until all affected packages could be rebuilt and to simplify | the process, not to avoid the rebuilds. I couldn't find it mentioned in your email, but if portage is effectively doing reference counts, what happens when its reference count gets to 0? Once no ebuilds rely on the old library is it removed automatically, or do the you need to rebuild these message just go away? Is there a way to have portage delete the libraries once it's sure they're no longer necessary? If so, is that done by rebuilding the owning package itself, or by editing the owning pacakge's contents and removing the old library? Does @preserved-rebuild contain just the affected packages, or the package containing the old library as well? (i.e. Does an emerge @preserved-rebuild ensure that the old library will no longer exist on your system, or not?) Basically, if I can safely replace revdep-rebuild with emerge @preserved-rebuild then I'd be happy to keep it enabled. If it's going to leave cruft on the system (or then require manual rebuilds of packages containing preserved libraries to clear out the cruft) then I'd personally be inclined to turn it off and stick with revdep-rebuild... Mike 5:) -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkg+aSAACgkQu7rWomwgFXoR2ACeJnf+J/pd/GEEh5Ds/Q80sjOR vIkAoKEyLD2lTGfehoSoYLP6pH/R++2J =0sv1 -END PGP SIGNATURE- -- gentoo-dev@lists.gentoo.org mailing list
Re: [gentoo-dev] RFC: Should preserve-libs be enabled by default?
2008-05-29 08:54:48 Rémi Cardona napisał(a): Does portage have a way to report which libraries it is keeping around because of preserve-libs ? portageq list_preserved_libs / -- Arfrever Frehtes Taifersar Arahesis signature.asc Description: This is a digitally signed message part.
Re: [gentoo-dev] RFC: Should preserve-libs be enabled by default?
On Thu, 29 May 2008 09:28:16 +0100 Mike Auty [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Marius Mauch wrote: | The purpose of this is to keep the system operational after library | upgrades until all affected packages could be rebuilt and to | simplify the process, not to avoid the rebuilds. I couldn't find it mentioned in your email, but if portage is effectively doing reference counts, what happens when its reference count gets to 0? Once no ebuilds rely on the old library is it removed automatically, or do the you need to rebuild these message just go away? They are removed automatically. Marius -- gentoo-dev@lists.gentoo.org mailing list
[gentoo-dev] RFC: Should preserve-libs be enabled by default?
As portage-2.2 is about to be unmasked into ~arch soon (there is one weird bug to solve before) it's time to ask for some input on one of the important new features, FEATURES=preserve-libs. (if you're already familiar with it you can skip this paragraph) Simply said, when this feature is enabled portage keeps track of all installed libraries and binaries linked against them, and if a package upgrade would remove a library that's still in use portage will keep the library around, owned by the new version and also registered in a separate file. There is also an internal package set that can be used to rebuild all packages linked against libraries preserved in this way, and the user is notified after each emerge operation that he should do that (the example is from an expat downgrade in case you wonder about the versions): !!! existing preserved libs: package: dev-libs/expat-1.95.8 * - /usr/lib64/libexpat.so.1 * - /usr/lib64/libexpat.so.1.5.2 Use emerge @preserved-rebuild to rebuild packages using these libraries The purpose of this is to keep the system operational after library upgrades until all affected packages could be rebuilt and to simplify the process, not to avoid the rebuilds. Now the question is if this behavior should be enabled by default? In the existing prereleases it has been enabled to get some real-world testing, and it's been quite effective, though there are still a few issues to be worked out (e.g. if libraries are moved between packages). And no doubt a few more bugs will turn up over time. Also it is not going to be a perfect solution against all runtime link errors, but if enabled it should eliminate the need for revdep-rebuild in most cases. One concern raised by some people is that it might cause old libraries with security issues to stay on the system for eternity even though the package was upgraded, and eventually be preferred by new builds. I can't rule this out completely but thinks it's very unlikely, as preserved libraries are specially tracked and the user is notified about their existance after every emerge operation (similar to glep42 news). And new builds shouldn't find them as the unversioned .so symlinks ar going to point to the current versions. So personally I'm not too worried about this concern becoming reality, but I can understand if others are. So, do you think it should be enabled by default? Marius PS: Obviously, if you haven't tested portage-2.2 yet, now would be a good time. -- Public Key at http://www.genone.de/info/gpg-key.pub In the beginning, there was nothing. And God said, 'Let there be Light.' And there was still nothing, but you could see a bit better. signature.asc Description: PGP signature
Re: [gentoo-dev] RFC: Should preserve-libs be enabled by default?
On 01:13 Thu 29 May , Marius Mauch wrote: One concern raised by some people is that it might cause old libraries with security issues to stay on the system for eternity even though the package was upgraded, and eventually be preferred by new builds. I can't rule this out completely but thinks it's very unlikely, as preserved libraries are specially tracked and the user is notified about their existance after every emerge operation (similar to glep42 news). Part of this should be addressable by keeping track of the version that installed them and checking it against the distributed GLSAs... Thanks, Donnie -- gentoo-dev@lists.gentoo.org mailing list