X-Original-To: alpine-aports@mail.alpinelinux.org Delivered-To: alpine-aports@mail.alpinelinux.org Received: from mail.alpinelinux.org (dallas-a1.alpinelinux.org [127.0.0.1]) by mail.alpinelinux.org (Postfix) with ESMTP id 4346FDC01C2 for ; Thu, 22 Oct 2015 18:39:43 +0000 (UTC) Received: from mail-lf0-f46.google.com (mail-lf0-f46.google.com [209.85.215.46]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id AE66BDC00B6 for ; Thu, 22 Oct 2015 18:39:42 +0000 (UTC) Received: by lffv3 with SMTP id v3so58547088lff.0 for ; Thu, 22 Oct 2015 11:39:40 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-type; bh=efGj2slv7uhsa68gHjLW/dz2nyStK/aJiJn+pXwAe1s=; b=Y72WjWBf2ZjIdp9sdd1qetWFfXZ7P9KLmRWB6Id2WvKhPTl9VBQ762StvfkXXxPQ1j JmNgV8ihefaJ+dAz3j3zRhbG78bj7w+SyFhvi5icOa8O+wSfBKx49olsTEgxQ/LbayIS jSFtiRF2I7QX4pz4i/7VuJ5zxb1Aof9FfXHWEdZdi4pMO9hb29oN+CgpLOO+tP59D0yT wTDqEl9Dtrtkv6QOcUAHqVwfx5askZoHSGVRZgCah3cbmZ+3JO8XADw2U+Wc2oqHKjdZ RncOaXwII3YUQTqnl0q3pNNl6VbZnN2j4D7yFGriuMIP2rjEX2qNhJwHizr4oHqv0h4n 6e6g== X-Gm-Message-State: ALoCoQmZOcbBpqV4IcwSs0KZZSM8MucYpYhaRMrrXq1dRp/3SxiAKy8Ed0Rm4sRTT6fBIKWlqBWb X-Received: by 10.25.169.68 with SMTP id s65mr6315473lfe.78.1445539179912; Thu, 22 Oct 2015 11:39:39 -0700 (PDT) X-Mailinglist: alpine-aports Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 References: <1445093218-3450-1-git-send-email-christian@kampka.net> <20151022181111.5a0f7369@ncopa-laptop> In-Reply-To: <20151022181111.5a0f7369@ncopa-laptop> From: Christian Kampka Date: Thu, 22 Oct 2015 18:39:30 +0000 Message-ID: Subject: Re: [alpine-aports] main/busybox: split package into core and suid subpackages To: Natanael Copa Cc: alpine-aports@lists.alpinelinux.org Content-Type: multipart/alternative; boundary=001a11411dca53fb460522b5d154 X-Virus-Scanned: ClamAV using ClamSMTP --001a11411dca53fb460522b5d154 Content-Type: text/plain; charset=UTF-8 > > > The proposed patch splits the busybox package into two subpackages, > > busybox-core and busybox-suid. The core package contains everything > > that is currently included in the busybox package except for the > > bbsuid binary. This will be shipped via the busybox-suid package. The > > busybox package will be turned into a metapackage that pulls in > > busybox-core and busybox-suid, so for most use cases nothing will > > change except for those installations that desire it explicitly. > > I wonder if we somehow can solve this with totally 2 packages: > busybox + busybox-suid > instead of totally 3: > busybox-core + busybox-suid + busybox. > I did not go for this option because it introduces a breaking change, but it is certainly desirable in the long run. Since 3.3 is now in freeze, it may be OK to possibly break dependencies here. > We could for example add busybox-suid as a dependency to alpine-base, > or assume that busybox-suid is needed if some other package like openrc > is installed and have install_if="busybox=$pkgver openrc". I wonder > what happens then, if you "apk add !busybox-suid" to opt out? > Having busybox-suid as a dependency to alpine-base is crucial, but I think we need to take care of packages that really require it, eg. mkinitfs without suid could lead to really interesting problems. Having a metapackage for the transition would soften the blow. I don't have the overview yet to really offer a qualified opinion here. > I suppose the most critical thing we want avoid is someone end up > locked out from remote box due to 'su' not working after an upgrade. > Yes, definitely. Let me know what you decide is the best way to proceed, I'll make the necessary modifications to the patch. Thanks for reviewing this. Cheers, Christian --001a11411dca53fb460522b5d154 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
= > The proposed patch splits the busybox package into two subpackages, > busybox-core and busybox-suid. The core package contains everything > that is currently included in the busybox package except for the
> bbsuid binary. This will be shipped via the busybox-suid package. The<= br> > busybox package will be turned into a metapackage that pulls in
> busybox-core and busybox-suid, so for most use cases nothing will
> change except for those installations that desire it explicitly.

I wonder if we somehow can solve this with totally 2 packages:
=C2=A0 busybox + busybox-suid
instead of totally 3:
=C2=A0 busybox-core + busybox-suid + busybox.

I did not go for this option because it introduces a breaking change= , but it is certainly desirable in the long run. Since 3.3 is now in freeze= , it may be OK to possibly break dependencies here.

=C2=A0
We could for example add busyb= ox-suid as a dependency to alpine-base,
or assume that busybox-suid is needed if some other package like openrc
is installed and have install_if=3D"busybox=3D$pkgver openrc". I = wonder
what happens then, if you "apk add !busybox-suid" to opt out?
=

Having busybox-suid as a dependency to alp= ine-base is crucial, but I think we need to take care of packages that real= ly require it, eg. mkinitfs without suid could lead to really interesting p= roblems. Having a metapackage for the transition would soften the blow.
I don't have the overview yet to really offer a qualified opinio= n here.
=C2=A0
I suppose the most critical thing we want avoid is someone end up
locked out from remote box due to 'su' not working after an upgrade= .

Yes, definitely.
Let me kno= w what you decide is the best way to proceed, I'll make the necessary m= odifications to the patch.
Thanks for reviewing this.
<= br>
Cheers,
Christian

=C2=A0
--001a11411dca53fb460522b5d154-- --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---