From owner-svn-src-head@freebsd.org Tue Oct 27 08:53:32 2020 Return-Path: Delivered-To: svn-src-head@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 48AE6444564; Tue, 27 Oct 2020 08:53:32 +0000 (UTC) (envelope-from se@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CL58X19N6z4Wm1; Tue, 27 Oct 2020 08:53:32 +0000 (UTC) (envelope-from se@freebsd.org) Received: from Stefans-MBP-WLAN.fritz.box (p200300cd5f0bbc0065341bf6eefbff0e.dip0.t-ipconnect.de [IPv6:2003:cd:5f0b:bc00:6534:1bf6:eefb:ff0e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: se/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 6BE8F2BA46; Tue, 27 Oct 2020 08:53:31 +0000 (UTC) (envelope-from se@freebsd.org) To: Alex Kozlov Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org References: <202010230922.09N9MNZu040921@repo.freebsd.org> <20201024074840.GA26119@ravenloft.kiev.ua> <38d15142-1cb1-eb1f-215e-cee165743d99@freebsd.org> <20201025055633.GA52119@ravenloft.kiev.ua> <0140ae63-3044-9946-4047-c64331be0b50@freebsd.org> <20201026060038.GA78455@ravenloft.kiev.ua> <20201027073744.GA27357@ravenloft.kiev.ua> From: Stefan Esser Subject: Re: svn commit: r366962 - in head: include usr.bin/calendar Message-ID: Date: Tue, 27 Oct 2020 09:53:27 +0100 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.16; rv:78.0) Gecko/20100101 Thunderbird/78.4.0 MIME-Version: 1.0 In-Reply-To: <20201027073744.GA27357@ravenloft.kiev.ua> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="kilvKSLv0TmgaSox3eZQsGj8shoKosD6N" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 08:53:32 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --kilvKSLv0TmgaSox3eZQsGj8shoKosD6N Content-Type: multipart/mixed; boundary="FLmgHCC80PatMF74oOzaJ9G8g8NMEU4h1"; protected-headers="v1" From: Stefan Esser To: Alex Kozlov Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Message-ID: Subject: Re: svn commit: r366962 - in head: include usr.bin/calendar References: <202010230922.09N9MNZu040921@repo.freebsd.org> <20201024074840.GA26119@ravenloft.kiev.ua> <38d15142-1cb1-eb1f-215e-cee165743d99@freebsd.org> <20201025055633.GA52119@ravenloft.kiev.ua> <0140ae63-3044-9946-4047-c64331be0b50@freebsd.org> <20201026060038.GA78455@ravenloft.kiev.ua> <20201027073744.GA27357@ravenloft.kiev.ua> In-Reply-To: <20201027073744.GA27357@ravenloft.kiev.ua> --FLmgHCC80PatMF74oOzaJ9G8g8NMEU4h1 Content-Type: multipart/mixed; boundary="------------59B077A31C346F4B1268A04E" Content-Language: en-US This is a multi-part message in MIME format. --------------59B077A31C346F4B1268A04E Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: quoted-printable Am 27.10.20 um 08:37 schrieb Alex Kozlov: > On Mon, Oct 26, 2020 at 12:11:56AM -0600, Warner Losh wrote: >> So, first off, it's already hard coded. Stefan's changes change the ha= rd >> coding from 'impossible to change' to 'changeable with a recompile' wh= ich >> is an improvement. It might even wind up as a build variable (or not, = doing >> that has some really ugly, nasty dependencies). >> >> But even in ports-land, it's a compile time constant. Quite a large nu= mber >> of ports will allow you to change it at compile / build time, but not >> after. You have to rebuild if you want to change PREFIX... >> >> So I'm a bit puzzled what makes this the wrong approach? > 1) Making it buildtime instead of fixing a few regression cases which a= s > simple as reading environment variable before fallback to hardcoded /us= r/local, > or make it kernel variable/sysctl if security is a concern. Please provide patches that make the affected programs use a run-time value for LOCALBASE (start with the base system, but do apply this to ports that are extensions of the base system functionality to be able to use packages on such a system with non-default LOCALBASE). And please show that there are no security issues, that there is no negative impact on the run-time for the huge majority of installations that use the default value of LOCALBASE, and that there is no added complexity to maintain such a system (starting from documentation that needs to be adapted to a dynamically changeable LOCALBASE). A compiled-in path is protected against manipulation by an attacker, and, while a sysctl value could be as well, you ought to be able to use different LOCALBASE values in jails, to make this really universal. Please provide an architectural draft that accounts for all these points and an estimate of the effort required to implement it and be assured we'll openly discuss it. > 2) Codifying LOCALBASE =3D /usr/local, so from now more people will use= > it because it's in defines. No, the _PATH_LOCALBASE makes it easier to refer to port provided files *without* hard-coding /usr/local! But LOCALBASE =3D=3D /usr/local has been the default for so many decades that I cannot remember when it started. Probably before BSD-4.2 already, but we have committers that don't have to guess but have been there ;-) (I've been a BSD user starting with BSD-4.2, and we have already used /usr/local for the programs distributed over USENET at that time ...) A verbatim /usr/local occurs in more than 1700 individual files in base, and I'm going to remove some 20 of them that get compiled into binaries. You are welcome to bring this number further down and we are awaiting your patches. We do not move base components to ports for fun, but to be able to disconnect them from the release cycle, to ease outside contributions, and to reduce the maintenance effort for release-agnostic components (no need to MFC updates to the calendar files, for example). And we have to compare the effort caused for the project with the effort it takes to make FreeBSD use a non-default LOCALBASE for users that really need it. Those will probably have forked off their own repository to be able to make much bigger changes to the code base - adjusting the _PATH_LOCALBASE before building the world is really a minor effort for them. And we want to make such a change of LOCALBASE easier than it used to be for a long time. If you are affected and the above does not apply to you, then please provide the patches you probably already have ready since you relied on them before the introduction of _PATH_LOCALBASE. Regards, STefan --------------59B077A31C346F4B1268A04E-- --FLmgHCC80PatMF74oOzaJ9G8g8NMEU4h1-- --kilvKSLv0TmgaSox3eZQsGj8shoKosD6N Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature" -----BEGIN PGP SIGNATURE----- wsB5BAABCAAjFiEEo3HqZZwL7MgrcVMTR+u171r99UQFAl+X4AcFAwAAAAAACgkQR+u171r99UQ1 MggAriFLydIb/lJRitU7BHWgZ8ZGG5u2GjTPPbU2G1CC1A5DAkrSt20oVzwXQV1WqWwh/VseJCD4 4UMw2uvT0RnV/T7HTEFSYCl9JakRBxGDK5T5IE6GUmq5KEheYRfzyOi5q4GsnRH/d4dKyG5Jo4cx rvCR158xCnEP7YLfubbXMKjvyF14Rf2q21pyD9wOkblbrHHRfJN3MIvWX5tEb5I/ZMrXMX6/d+7U seOSVQG/jgGx7sKwfEy6yL1AWUWfPQzCpuP8jAjhk5EewIuhxhT5My92qqmAGQPBTkzjpfE/wlmn mm/UfqREAiu9JvXwLyMsGWeqdBtDmRIWIdpFvFs8Bg== =SIDW -----END PGP SIGNATURE----- --kilvKSLv0TmgaSox3eZQsGj8shoKosD6N--