 
Old 05-29-2012, 03:23 PM
Rich Freeman
 
Default RFC: Enable FEATURES="userpriv usersandbox" by default?

On Tue, May 29, 2012 at 10:57 AM, hasufell <hasufell@gentoo.org> wrote:
> I am against too many defaults. It's documented and people can
> activate it.
> I'm already annoyed by pre-set stuff like "cups" in
> releases/make.defaults.

While universal agreement is a bit much to hope for, I just wanted to
point out that fewer defaults is really just an illusion.

There is ALWAYS a default, anytime you have an option. The default
might be one thing, or it might be another, but there is ALWAYS a
default. My thinking is that our defaults should generally reflect
the most mainstream or least-surprising behavior, especially where
there are upstream projects. In the case of portage, we are the
upstream, so we should do whatever is most useful and least obnoxious
to our users.

If you're running something other than a generic desktop/server, there
will always be a need to tweak things.

Rich
 
Old 05-29-2012, 04:27 PM
hasufell
 
Default RFC: Enable FEATURES="userpriv usersandbox" by default?

On 05/29/2012 05:23 PM, Rich Freeman wrote:
> On Tue, May 29, 2012 at 10:57 AM, hasufell <hasufell@gentoo.org>
> wrote:
>> I am against too many defaults. It's documented and people can
>> activate it. I'm already annoyed by pre-set stuff like "cups" in
>> releases/make.defaults.
>
> While universal agreement is a bit much to hope for, I just wanted
> to point out that fewer defaults is really just an illusion.
>
> There is ALWAYS a default, anytime you have an option. The
> default might be one thing, or it might be another, but there is
> ALWAYS a default. My thinking is that our defaults should
> generally reflect the most mainstream or least-surprising behavior,
> especially where there are upstream projects. In the case of
> portage, we are the upstream, so we should do whatever is most
> useful and least obnoxious to our users.
>
> If you're running something other than a generic desktop/server,
> there will always be a need to tweak things.
>
> Rich
>

Well then let me clarify: I'm against too many pre-set (meaning
"activated") features/useflags.

That's probably a separate discussion, but I myself would expect the
_default_ profile/config to have almost nothing activated. No
useflags, no features etc.

That may imply that this default is "broken", but it takes more time
to do reverse-configuration while looking for things that someone
considered "sane" and has set for your "convenience".

I discovered this the first time I set up a blank chroot and got a
load of stuff pulled in by some trivial emerges. Some set by already
mentioned releases/make.defaults and similar, some set by ebuilds etc.

What you do with other profiles is a completely different topic,
because I'm not forced to use them.

Means: I don't like the fact that I have to set
FEATURES="-foobar"
or
USE="-foobar"

That should almost never be the case (unless I set some globally and
unset some locally or use desktop-profiles etc).

Am I off-topic already? Hope you got the point though.
 
Old 05-29-2012, 05:08 PM
Jeff Horelick
 
Default RFC: Enable FEATURES="userpriv usersandbox" by default?

On 29 May 2012 12:27, hasufell <hasufell@gentoo.org> wrote:
> On 05/29/2012 05:23 PM, Rich Freeman wrote:
>> On Tue, May 29, 2012 at 10:57 AM, hasufell <hasufell@gentoo.org>
>> wrote:
>>> I am against too many defaults. It's documented and people can
>>> activate it. I'm already annoyed by pre-set stuff like "cups" in
>>> releases/make.defaults.
>>
>> While universal agreement is a bit much to hope for, I just wanted
>> to point out that fewer defaults is really just an illusion.
>>
>> There is ALWAYS a default, anytime you have an option. The
>> default might be one thing, or it might be another, but there is
>> ALWAYS a default. My thinking is that our defaults should
>> generally reflect the most mainstream or least-surprising behavior,
>> especially where there are upstream projects. In the case of
>> portage, we are the upstream, so we should do whatever is most
>> useful and least obnoxious to our users.
>>
>> If you're running something other than a generic desktop/server,
>> there will always be a need to tweak things.
>>
>> Rich
>>
>
> Well then let me clarify: I'm against too many pre-set (meaning
> "activated") features/useflags.
>
> That's probably a separate discussion, but I myself would expect the
> _default_ profile/config to have almost nothing activated. No
> useflags, no features etc.
>
> That may imply that this default is "broken", but it takes more time
> to do reverse-configuration while looking for things that someone
> considered "sane" and has set for your "convenience".
>
> I discovered this the first time I set up a blank chroot and got a
> load of stuff pulled in by some trivial emerges. Some set by already
> mentioned releases/make.defaults and similar, some set by ebuilds etc.
>
> What you do with other profiles is a completely different topic,
> because I'm not forced to use them.
>
> Means: I don't like the fact that I have to set
> FEATURES="-foobar"
> or
> USE="-foobar"
>
> That should almost never be the case (unless I set some globally and
> unset some locally or use desktop-profiles etc).
>
> Am I off-topic already? Hope you got the point though.
>

I disagree with this. I think Gentoo should be about SANE defaults. If
you want a minimal system, you can turn off all the USE flags and/or
FEATURES and/or use the standard (not desktop/) profile. SANE defaults
like FEATURES="userpriv usersandbox" are optimal for probably 90% of
users and if you're not one of those 90%, there'll be a news item,
just turn them off...
 
Old 05-29-2012, 07:44 PM
Ralph Sennhauser
 
Default RFC: Enable FEATURES="userpriv usersandbox" by default?

On Tue, 29 May 2012 18:27:51 +0200
hasufell <hasufell@gentoo.org> wrote:

> Well then let me clarify: I'm against too many pre-set (meaning
> "activated") features/useflags.

Think of it as a nouserpriv feature. Either way, to disable userpriv
is kind of working against QA as a package really should be build-able
as a non-root user but then.

Have userpriv and usersandbox enabled since it became available, no
issues to report.
 
Old 05-29-2012, 07:46 PM
Michael Orlitzky
 
Default RFC: Enable FEATURES="userpriv usersandbox" by default?

How about introducing e.g. FEATURES="nouserpriv", and make the current
userpriv behavior the default?

The migration might be a bit more confusing, but it allows portage to
gradually adopt better stuff without having FEATURES="everything under
the sun".
 
Old 05-29-2012, 07:58 PM
Mike Gilbert
 
Default RFC: Enable FEATURES="userpriv usersandbox" by default?

On Tue, May 29, 2012 at 3:46 PM, Michael Orlitzky <michael@orlitzky.com> wrote:
> How about introducing e.g. FEATURES="nouserpriv", and make the current
> userpriv behavior the default?
>

Portage currently defaults to running the build process as root. The
entire point of this thread is that Zac wants to change the default to
build as the portage user (FEATURES="userpriv" in make.globals).
 
Old 05-29-2012, 08:05 PM
William Hubbs
 
Default RFC: Enable FEATURES="userpriv usersandbox" by default?

On Tue, May 29, 2012 at 03:46:39PM -0400, Michael Orlitzky wrote:
> How about introducing e.g. FEATURES="nouserpriv", and make the current
> userpriv behavior the default?

No. Please stay away from things like this.
It is reverse logic and can be very confusing. Just adding "-userpriv"
to your features would do exactly the same thing.

William
 
Old 05-29-2012, 08:21 PM
Michael Orlitzky
 
Default RFC: Enable FEATURES="userpriv usersandbox" by default?

On 05/29/12 15:58, Mike Gilbert wrote:
> On Tue, May 29, 2012 at 3:46 PM, Michael Orlitzky <michael@orlitzky.com> wrote:
>> How about introducing e.g. FEATURES="nouserpriv", and make the current
>> userpriv behavior the default?
>>
>
> Portage currently defaults to running the build process as root. The
> entire point of this thread is that Zac wants to change the default to
> build as the portage user (FEATURES="userpriv" in make.globals).
>

Right, I was just offering a way to change the default behavior without
adding another value to the FEATURES variable, which seems to be
hasufell's objection.
 
Old 05-29-2012, 08:32 PM
Zac Medico
 
Default RFC: Enable FEATURES="userpriv usersandbox" by default?

On 05/29/2012 07:11 AM, Michał Górny wrote:
> On Tue, 29 May 2012 02:05:08 -0700
> Zac Medico <zmedico@gentoo.org> wrote:
>
>> On 05/29/2012 01:43 AM, Agostino Sarubbo wrote:
>>> I'm using usersync since a long time, how about add it too?
>>
>> Yeah, I think that would be a good default too. I guess the portage
>> ebuild can do a recursive adjustment of $PORTDIR permissions in
>> pkg_postinst, in order to solve bug #277970 [1].
>
> Wouldn't that break users who sync using a regular user?

No, because the "usersync" feature causes the rsync process to inherit
the UID and GID of the PORTDIR directory (obtained using the stat function).

> And then break
> again, and again every time portage is merged?

No, I would not want to trigger a relatively expensive operation like
this more than once. So, it would only be triggered in pkg_postinst if
the replaced version of portage did not have usersync enabled by default.
--
Thanks,
Zac
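
The behaviour described in the message above (a child process taking the UID and GID of a directory, read with stat), as an added Python example that is not Portage's code and not part of the original post. The function names are hypothetical, the temporary directory is a constructed stand-in for PORTDIR, and the order of the drop and the check that root cannot be regained are this example's choices.

```python
import os
import subprocess
import sys
import tempfile


def owner_of(path):
    """Return (uid, gid) of the directory itself, read with stat()."""
    st = os.stat(path)
    return st.st_uid, st.st_gid


def plan_drop(euid, owner):
    """Pick the identity a child should switch to, or None to stay as-is."""
    uid, gid = owner
    if euid != 0 or uid == 0:  # only root can switch; root-owned tree: nothing to drop
        return None
    return uid, gid


def make_preexec(target):
    """Build a preexec_fn that drops root irreversibly in the child."""
    uid, gid = target
    def drop():
        os.setgroups([])  # clear root's supplementary groups first
        os.setgid(gid)    # group before user: setgid needs root
        os.setuid(uid)    # as root this sets real, effective and saved UID
        try:
            os.setuid(0)  # must fail now, otherwise the drop is reversible
        except PermissionError:
            return
        raise RuntimeError("privilege drop did not take effect")
    return drop


def run_as_tree_owner(tree, argv):
    """Run argv as the owner of `tree` when started as root; return stdout."""
    target = plan_drop(os.geteuid(), owner_of(tree))
    preexec = make_preexec(target) if target else None
    done = subprocess.run(argv, preexec_fn=preexec, check=True,
                          capture_output=True, text=True)
    return done.stdout.strip()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tree:  # constructed stand-in for PORTDIR
        print(run_as_tree_owner(tree, [sys.executable, "-c",
                                       "import os; print(os.geteuid())"]))
```

Started as an ordinary user, the child keeps the caller's identity; started as root on a tree owned by another account, the child runs as that account and cannot return to root.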
 
Old 05-29-2012, 09:47 PM
Hilco Wijbenga
 
Default RFC: Enable FEATURES="userpriv usersandbox" by default?

On 29 May 2012 12:46, Michael Orlitzky <michael@orlitzky.com> wrote:
> How about introducing e.g. FEATURES="nouserpriv", and make the current
> userpriv behavior the default?

rootpriv instead of nouserpriv?

> The migration might be a bit more confusing, but it allows portage to
> gradually adopt better stuff without having FEATURES="everything under
> the sun".
 
