On Tue, 2019-12-10 at 07:44 +0200, Joonas Niilola wrote: > Hey, > > On 12/9/19 10:17 AM, Michał Górny wrote: > > Hello, > > > > I think the policies proposed in GLEP 81 [1] were overenthusiastic > > and they don't stand collision with sad Gentoo developer reality. > > Instead of improving the quality of resulting packages, they rather > > hamper their adoption and cause growing frustration. > > > > The problems I see today are: > > > > > > 2. Mailing list reviews don't serve their original purpose. > > > > The original purpose of mailing list reviews was to verify that > > the developers use new packages correctly. For example, Michael > > Orlitzky has found a lot of unnecessary home directories specified. > > Of course, that works only if people submit *ebuilds* for review. > > > > However, at some points developers arbitrarily decided to send only > > numbers for review. This defeats the purpose of the review in the first > > place. > > The problem: There is still no any official documentation about using > acct-, and reviewing it was/is pretty much left on the shoulders of one > man. It's easy to say on hindsight it was implemented too quickly.
There is official documentation in devmanual [1]. > > > > 4. Assignment mechanism is not collision-prone. > > > > The secondary goal of mailing list reviews is to prevent UID/GID > > collisions. Sadly, it doesn't work there either. Sometimes two people > > request the same UID/GID, and only sometimes somebody else notices. > > In the end, people have hard time figuring out which number is the 'next > > free', sometimes they discover the number's been taken when somebody > > else commits it first. > > If I remember correctly, at one point it was agreed not to paste ebuilds > because they all just looked similar, but just ask for IDs? I wouldn't call it 'agreed'. Someone said something, people stopped doing. Nobody bothered updating the policy (in GLEP 81, the rationale explains it [2]). > > All that considered, I'd like to open discussion how we could improve > > things. > > > > My proposal would be to: > > > > a. split the UID/GID range into 'high' (app) and 'low' (system) > > assignments, 'high' being >=100 and 'low' <100 (matching Apache suEXEC > > defaults), > > > > b. UIDs/GIDs in the 'high' range can be taken arbitrarily (recommending > > taking highest free), while in the 'low' range must be approved by QA, > > > > c. no review requirement for the 'high' range, just choose your UID/GID > > straight of uid-gid.txt and commit it, > > > > d. strong recommendation to use matching UID/GID for the same user/group > > name. > > > > WDYT? > > > > > > [1] https://www.gentoo.org/glep/glep-0081.html > > I think none of the above really prevent collisions for unmotivated > people. They also still require manual update of uid-gid.txt, and it > can't be expected everyone does it. Now this is not of a big interest to > devs, but I believe committing non-dev acct's will get hard here, > because there might be some "lag" with their contributions vrt. the > current situation. > Hence my idea that if we stop requiring mailing list RFC, we can replace that with obligatory update to uid-gid.txt. It should work good enough for synchronization. [1] https://devmanual.gentoo.org/ebuild-writing/users-and-groups/index.html [2] https://www.gentoo.org/glep/glep-0081.html#requiring-mailing-list-rfc -- Best regards, Michał Górny
signature.asc
Description: This is a digitally signed message part
