Wonderful. Is there some tracker covering the issues/packages? I was recently looking into filesystem: https://bugzilla.redhat.com/show_bug.cgi?id=1306489#c7 Vít Dne 01. 07. 19 v 22:26 Ben Cotton napsal(a): > https://fedoraproject.org/wiki/Features/LimitScriptletUsage > > == Summary == > Remove direct scriptlet calls from "core packages" (those that are > used to build minimal container image). The packages can still affect > changes during installation by placing files in the correct locations > to trigger registered external programs. > > == Owner == > * Name: [[User:james| James Antill]] > > == Detailed Description == > > Currently we know how to make an installable OS with packages that > doesn't require the use of scriptlets, indeed rpm-ostree and others > have already done this on a significantly bigger scale. So we plan to > remove direct scriptlets from most (if not all) of the packages in the > main fedora container image for Fedora 31. This means all four of: > %pre/%post/%preun/%postun. After this change it'd be good to have some > kind of temporary exception to be granted before those packages could > add a scriptlet back (post F31 work). > > Almost all of the hard work is already done, as rpm can react to files > being dropped in specified places with known actions (Eg. In this way > systemd components can create users or files). There are a few minor > changes needed to packages to move from the old way of doing things > (Eg. calling adduser) to doing the new thing. Note that while a > program will still be run at installation time, those programs will be > few and easily audited (as against the 666 slightly different ways of > adding a user we currently have). > > == Benefit to Fedora == > > At the moment all of the packages with scriptlets (and anything > installed with them) are basically opaque programs that happen to also > carry files that are installed, from the point of view of all of the > packaging tools (rpm, ostree, composer, etc.) . After this change the > entire installation of the main container image will be declarative, > and thus. understandable by all of those tools. This should make > things faster, and allow new optimizations and features. > > This should also make packagers life easier in the long term, as > packaging becomes less unique. > > == Scope == > > Proposal owners: > > * James Antill > * 1 needs to get combine.d into the distribution, and then /etc/shells > can use that. > * 2 minor wrangling of package owners to tweak specfiles. > > * Other developers: > > * Policies and guidelines: We should work toward only allowing new > scriptlets to appear with policy exceptions, in any of the fixed > packages. This needs to be done somewhat carefully, and post F31. > > == How To Test == > All of the following should provide no output on a standard container: > > * rpm -a --qf '%{preinprog}' > * rpm -a --qf '%{preunprog}' > * rpm -a --qf '%{postinprog}' > * rpm -a --qf '%{postunprog}' > * rpm -a --qf '%{pretransprog}' > * rpm -a --qf '%{posttransprog}' > > == User Experience == > There should be no significant difference to users, initially, > although package installation should be faster. > > == Dependencies == > N/A (not a System Wide Change) > > == Contingency Plan == > Until higher level packaging/installation tooling starts to depend on > the scriptlets not being present it is always possible to just let > those packages which still have scriptlets continue, if it's required. > > * Contingency mechanism: Just ship packages with scriptlets, as we > always have done. > * Contingency deadline: N/A > * Blocks release? No > > == Documentation == > N/A (not a System Wide Change) > _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
