[devel] forcing arch/noarch

[Alexey Tourbin]

On Sun, Dec 27, 2009 at 04:09:38AM +0300, Dmitry V. Levin wrote:
> On Tue, Dec 22, 2009 at 11:05:56AM +0300, Alexey Tourbin wrote:
> > On Tue, Dec 22, 2009 at 02:36:16AM +0300, Alexey Tourbin wrote:
> [...]
> > > I think I am going to implement much stricter checking for both noarch
> > > packages and /usr/share part of arch packages.  Also, I am going to
> > > implement new "force-noarch" check which will require some packages
> > > be noarch (by the principle of "extensional equality").
> > 
> > http://git.altlinux.org/people/at/packages/girar-builder.git
> > 642af655  gb-task-check-noarch-i: force noarch by extensional equality
> > 9bce38b3  gb-task-check-noarch-i: check for identical /usr/share part in arch pacakges
> > 60af4a7c  gb-task-check-noarch-i: use rpmfile(1) to check noarch cpio contents
> > 67f83c43  gb-task-check-noarch-i: use ls again
> > 17d6d4ea  gb-task-check-noarch, gb-task-check-noarch-i: factored from gb-task-check-build-i
> 
> Let's summarise the discussion and decide what shall we do with it.
> 
> The proposed patchset introduces two new restrictions:
> 1. Packages that mustn't be noarch because of essential payload
>    mismatch on different architectures.

Furthermore, /usr/share part of arch-dependent packages is treated
the same way as noarch packages.  This is how you can detect binaries
under /usr/share/doc.

> 2. Packages that must be noarch because their payload is essentially
>    the same on different architectures.
> 
> The only drawback of the first restriction is that the proposed
> implementation fails to filter out non-essential differences, e.g.
> timestamps and random html reference names.  That is, in its current
> form it would stop some grave packaging bugs, but also it would forbid
> some legal noarch packages.

This depends on how you define "legal".  At an extreme, it is best to
require full md5 match for both noarch packages and /usr/share part of
arch packages.  However, we need to omit mtime.  This might not be easy
since some files can include mtime (e.g. *.jar files) but otherwise have
identical contents (and in case of *.jar files, mtime is not even part
of the "contents").

So we simply can't require full md5 match before we can handle *.jar
files.  So, for now, to use file(1) seems to be the right thing to do.

> The second restriction was reported to have a major impact on packages
> because it affects about 600 source packages, and changing rules to
> break so many packages due to optimization purposes doesn't look good.
> Some ideas to avoid extra dumb work for packages were proposed later,
> but no implementation have been arisen yet.
> Also, the implementation in its current form may mistakenly decide that
> packages have to be noarch while they really shouldn't, e.g. cpuburn.
> 
> That is, I'd be glad to make these restrictions taken effect when these
> three issues are dealt with.

So "the three issues" are:
1a) Different filenames in noarch packages - to me, illegal.
And that's not new.  Only treating /usr/share the same way is new.
1b) Non-essential differences between files - we use only file magic
instead of full md5 match (also, fixed gzip magic to exclude mtime).
2) Too many packages will fail to pass the girar.
3) False noarch due to i586 running on x86_64.

I guess we can agree upon downgrading to warnings.  But warnings
don't work as good as errors.  How many times you think you've seen
the warning about /usr/share/doc/liboil-0.3.16 ?

Results 1 - 50 of 50 from lists.altlinux.org for "/usr/share/doc/liboil-0.3".
----------- следующая часть -----------
Было удалено вложение не в текстовом формате...
Имя     : отсутствует
Тип     : application/pgp-signature
Размер  : 198 байтов
Описание: отсутствует
Url     : <http://lists.altlinux.org/pipermail/devel/attachments/20091227/9d3e73f2/attachment.bin>