On 10/15/2013 11:52 AM, Jan Kratochvil wrote: > On Tue, 15 Oct 2013 20:25:10 +0200, Paul Wouters wrote: >> - complexity >> - complicated prelink blacklists >> - complicated cron job exclusion with sysconfig > You can always make your software development life more simple by giving up on > some useful feature. That -O2 vs. -O0 build is a good comparison. I think the point is that the 'feature' is not viewed as useful. I can measure and see the performance improvement -O2 gains me. Yes it does complicate debugging, but it's being actively maintained, and the debugger does an OK job of handling it. prelink throws rocks at a lot of packages that have to check the integrity of the shared libraries they are using. It provides no real useful way of assisting in those tasks, and we can't meaningfully measure or observe the performance gains. You will need to strongly show the latter, because the cost it forces on other packages is unbearable. > > >> - FIPS foot-bullets > I really do not care and do not run FIPS. Disable/uninstall prelink for FIPS. 1. Some packages supports FIPS on the fly. Prelink puts me between a rock and a hard place. I can't embargo my library because glibc would then be embargoed (because prelink automatically embargos libraries that depend on other libraries that are embargoed), so I have to exec the prelink to get the original library, which causes problems with some applications running under restricted policies. 2. FIPS isn't the only place you need to do sofware integrity checks. (see rpm). If prelink provided noticeable improvement, I would say we put the resources into prelink to make it play more nicely with these integrity systems, but since it doesn't, the more rational approach is have it go away. bob
<<attachment: smime.p7s>>
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
