From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Mon, 28 Dec 2009 03:44:40 +0300 From: "Dmitry V. Levin" To: ALT Devel discussion list Message-ID: <20091228004439.GA27650@wo.int.altlinux.org> Mail-Followup-To: ALT Devel discussion list References: <20091221154028.9681B2D7602E@ssh.git.orion.altlinux.org> <20091221233616.GN9864@altlinux.org> <20091222080556.GP9864@altlinux.org> <20091227010938.GB13847@wo.int.altlinux.org> <20091227015352.GJ9864@altlinux.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="bg08WKrSYDhXBjb5" Content-Disposition: inline In-Reply-To: <20091227015352.GJ9864@altlinux.org> X-fingerprint: FE4C 93AB E19A 2E4C CB5D 3E4E 7CAB E6AC 9E35 361E Subject: Re: [devel] forcing arch/noarch X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Dec 2009 00:44:42 -0000 Archived-At: List-Archive: List-Post: --bg08WKrSYDhXBjb5 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Dec 27, 2009 at 04:53:52AM +0300, Alexey Tourbin wrote: > On Sun, Dec 27, 2009 at 04:09:38AM +0300, Dmitry V. Levin wrote: [...] > > The proposed patchset introduces two new restrictions: > > 1. Packages that mustn't be noarch because of essential payload > > mismatch on different architectures. >=20 > Furthermore, /usr/share part of arch-dependent packages is treated > the same way as noarch packages. Yes, and this might be a problem for packagers. For example, eclipse-ecj isn't a noarch package but /usr/share/java/eclipse-ecj-3.4.1.jar symlink points to %_libdir/eclipse/dropins/jdt/plugins/org.eclipse.jdt.core_3.4.2.v_883_R34x.= jar That is, the whole package needs to be reworked. This task might be quite complicated because /usr/share/java/ecj.jar is referenced by other packages. I'm not sure that we are ready for this restriction yet. > This is how you can detect binaries under /usr/share/doc. Yes, but there are other methods to implement such a detection. > > 2. Packages that must be noarch because their payload is essentially > > the same on different architectures. > >=20 > > The only drawback of the first restriction is that the proposed > > implementation fails to filter out non-essential differences, e.g. > > timestamps and random html reference names. That is, in its current > > form it would stop some grave packaging bugs, but also it would forbid > > some legal noarch packages. >=20 > This depends on how you define "legal". At an extreme, it is best to > require full md5 match for both noarch packages and /usr/share part of > arch packages. However, we need to omit mtime. This might not be easy > since some files can include mtime (e.g. *.jar files) but otherwise have > identical contents (and in case of *.jar files, mtime is not even part > of the "contents"). I'd say that noarch packages built on different platforms are equivalent if one could be substituted with another without changing behaviour. For example, different timestamps are OK if nothing depends on them. Even different file names are probably OK if they behave the same way and if they aren't referenced by other packages (it would be hard to prove that they aren't referenced, though). > So we simply can't require full md5 match before we can handle *.jar > files. So, for now, to use file(1) seems to be the right thing to do. Timestamps are sometimes included in file(1) output. The first hunk from your usr-share.gz demonstrates this: -/usr/share/doc/SNNS-Manual-4.2/UserManual.dvi 100644 TeX DVI file (TeX out= put 2009.10.08:2318\213 +/usr/share/doc/SNNS-Manual-4.2/UserManual.dvi 100644 TeX DVI file (TeX out= put 2009.10.08:2317\213 > > The second restriction was reported to have a major impact on packages > > because it affects about 600 source packages, and changing rules to > > break so many packages due to optimization purposes doesn't look good. > > Some ideas to avoid extra dumb work for packages were proposed later, > > but no implementation have been arisen yet. > > Also, the implementation in its current form may mistakenly decide that > > packages have to be noarch while they really shouldn't, e.g. cpuburn. > >=20 > > That is, I'd be glad to make these restrictions taken effect when these > > three issues are dealt with. >=20 > So "the three issues" are: > 1a) Different filenames in noarch packages - to me, illegal. > And that's not new. Only treating /usr/share the same way is new. > 1b) Non-essential differences between files - we use only file magic > instead of full md5 match (also, fixed gzip magic to exclude mtime). TeX DVI file magic needs similar fix. > 2) Too many packages will fail to pass the girar. Yes. > 3) False noarch due to i586 running on x86_64. I believe these false positives could be dealt with. For example, packages with exclusivearch/excludearch shouldn't be forced to noarch. > I guess we can agree upon downgrading to warnings. But warnings > don't work as good as errors. How many times you think you've seen > the warning about /usr/share/doc/liboil-0.3.16 ? Yes, warnings are almost of no use. In particular, too little attention is being paid to repocop warnings. But vast number of new errors is not good, too. --=20 ldv --bg08WKrSYDhXBjb5 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAks3/3cACgkQfKvmrJ41Nh4BfwCcCe+RjCogOkMAXHC6p8QiBjey 028AoILWpKbB1HNXllv6U0bil91Zz/E6 =EoJj -----END PGP SIGNATURE----- --bg08WKrSYDhXBjb5--