• [gentoo-dev] packages touching files in /dev

    From karl@aspodata.se@21:1/5 to All on Mon May 23 11:40:02 2022
    Dear package maintainers,
    please do not mess with preexisting files in /dev.

    I have static /dev and that suit me well for quite a few systems that
    has a static environment, especially system that are intended to run
    for a long time and where I tend to minimize the number of running
    processes, every running process is something that can go wrong.
    Their /dev/ files are set up for their intended use, and I don't want
    surprises there.

    When upgrading it isn't easy to see what package that did
    something to /dev so it isn't easy to bug the guilty party.

    If sys-fs/static-dev is installed, please do not touch /dev,
    if you want you can leave suggestions in some file.

    Regards,
    /Karl Hammar

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Mike Gilbert@21:1/5 to karl@aspodata.se on Mon May 23 16:20:01 2022
    On Mon, May 23, 2022 at 5:39 AM <karl@aspodata.se> wrote:

    Dear package maintainers,
    please do not mess with preexisting files in /dev.

    I have static /dev and that suit me well for quite a few systems that
    has a static environment, especially system that are intended to run
    for a long time and where I tend to minimize the number of running
    processes, every running process is something that can go wrong.
    Their /dev/ files are set up for their intended use, and I don't want surprises there.

    When upgrading it isn't easy to see what package that did
    something to /dev so it isn't easy to bug the guilty party.

    If sys-fs/static-dev is installed, please do not touch /dev,
    if you want you can leave suggestions in some file.

    This blanket request is unlikely to yield any useful results.

    ebuilds don't generally do anything with /dev. Changing behavior based
    on the presence of sys-fs/static-dev is probably not a good idea.

    If you can identify specific packages that have caused you problems,
    we can probably resolve them.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From karl@aspodata.se@21:1/5 to All on Tue May 24 12:50:01 2022
    Mike Gilbert:
    On Mon, May 23, 2022 at 5:39 AM <karl@aspodata.se> wrote:
    Dear package maintainers,
    please do not mess with preexisting files in /dev.
    ...
    If you can identify specific packages that have caused you problems,
    we can probably resolve them.

    I'll see what I can do, the easiest is probably making /dev a separate
    ro filesystem.

    Is there some hook to emerge I can use where I can attach some code to
    run tests after each individual package when doing emerge @world ?

    Regards,
    /Karl Hammar

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Rich Freeman@21:1/5 to karl@aspodata.se on Tue May 24 14:00:01 2022
    On Tue, May 24, 2022 at 6:49 AM <karl@aspodata.se> wrote:

    Is there some hook to emerge I can use where I can attach some code to
    run tests after each individual package when doing emerge @world ?


    So, Portage has hooks, and that would work for any file being
    installed normally (so would config protection and that would be a
    much easier solution).

    There are a couple of problems though:
    1. The only package I'm aware of that directly touches /dev is
    static-dev (which I hadn't even heard of until you mentioned it). It
    uses a post-install hook to create device nodes, so there is no
    opportunity to inspect anything before /dev is modified. This isn't
    the normal way to install files, but of course it isn't installing
    normal files.
    2. I think it is very unlikely that a package is directly modifying
    /dev. It seems more likely that a package is installing some daemon
    that gets run as root and then it modifies /dev, maybe on your next
    boot. Obviously if you install something like udev you'd expect to
    end up with /dev getting modified when it runs. Again, there is
    nothing for a hook to detect.

    Having a backup (it is static after all), and something like a
    read-only mount might be your better solutions, if you really want a
    static dev, or maybe marking files as immutable or something. (You
    might want to test that - I am assuming you could still write to a
    device node on a read-only filesystem but it isn't like I've tried. I
    don't think there is anything special about /dev so you could just
    create a device node in some other read-only filesystem and test it
    out.)

    If you do find a random package touching /dev I think most here would
    be pretty interested, as that seems rather bizarre.

    --
    Rich

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Roy Bamford@21:1/5 to Rich Freeman on Tue May 24 15:20:01 2022
    On 2022.05.24 12:58, Rich Freeman wrote:
    On Tue, May 24, 2022 at 6:49 AM <karl@aspodata.se> wrote:

    Is there some hook to emerge I can use where I can attach some code
    to
    run tests after each individual package when doing emerge @world ?


    So, Portage has hooks, and that would work for any file being
    installed normally (so would config protection and that would be a
    much easier solution).

    There are a couple of problems though:
    1. The only package I'm aware of that directly touches /dev is
    static-dev (which I hadn't even heard of until you mentioned it). It
    uses a post-install hook to create device nodes, so there is no
    opportunity to inspect anything before /dev is modified. This isn't
    the normal way to install files, but of course it isn't installing
    normal files.
    2. I think it is very unlikely that a package is directly modifying
    /dev. It seems more likely that a package is installing some daemon
    that gets run as root and then it modifies /dev, maybe on your next
    boot. Obviously if you install something like udev you'd expect to
    end up with /dev getting modified when it runs. Again, there is
    nothing for a hook to detect.

    Having a backup (it is static after all), and something like a
    read-only mount might be your better solutions, if you really want a
    static dev, or maybe marking files as immutable or something. (You
    might want to test that - I am assuming you could still write to a
    device node on a read-only filesystem but it isn't like I've tried. I
    don't think there is anything special about /dev so you could just
    create a device node in some other read-only filesystem and test it
    out.)

    If you do find a random package touching /dev I think most here would
    be pretty interested, as that seems rather bizarre.

    --
    Rich



    Team,

    As a long time static /dev user the only thing I've noticed updates making
    a mess of is /dev/snd. I've not traced that, I know what it is and how to
    fix it. Its faster to fix it now and again that it is to establish the root cause.

    --
    Regards,

    Roy Bamford
    (Neddyseagoon) a member of
    elections
    gentoo-ops
    forum-mods
    arm64
    -----BEGIN PGP SIGNATURE-----

    iQEzBAABCAAdFiEEsOrcx0gZrrCMwJzo/xJODTqpeT4FAmKM2aEACgkQ/xJODTqp eT5b0ggAn//+0IkbiLo5PZve6s+Yf7Rq2xs3dUWAuK5FpX60r9Oes4L9J/0qEZ0s gsQapMfm6vG8ihZhK+fmrqpNacKdgePkXO47mSV686lgOPIzW5Mj6g+EZSh9Qgy4 o+1xq4VStrNBXthem+ahNje6eR3o67Q8Y2PGFHwVQa8P2ZWVLzmFOOawcFHmC7zE JQuG7mLeGWxyBEv+IDoQPVqG5LWhQqzXF0qdE5l/Iy8QB1m6d6nu8mlCZYqFznvM 7zt4pyAyuumtC4Ppa8OZNH0ltdEchDX1o5fyOUbbYklL3a4tgbK4ZVl7ed7K7xZG jX68KZ4Kra1pyHmFnOmTrRJyJmUspA==
    =Baqa
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From karl@aspodata.se@21:1/5 to All on Wed May 25 14:10:01 2022
    Roy Bamford:
    As a long time static /dev user the only thing I've noticed updates making
    a mess of is /dev/snd. I've not traced that, I know what it is and how to
    fix it. Its faster to fix it now and again that it is to establish the root cause.

    Yes, It seems to be audio related.
    I'll see if I can track it down.

    Regards,
    /Karl Hammar

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)