Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2021-04-08 at 11:19 -0400, Frank Ch. Eigler wrote:
> 
> ngompa13 wrote:
> 
> > Woohoo! I'm excited for this!
> 
> Thanks!
> 
> > I got a chance to use debuginfod to do some debugging of DNF on
> > openSUSE last Saturday and the experience was fantastic.
> > 
> > I'm looking forward to this being wired up into GDB, ABRT, and
> > everything else
> 
> Hey, it already is there in most tools, try it.
> 
> % export DEBUGINFOD_URLS=https://debuginfod.stg.fedoraproject.org/
> 
> and shortly all F32+ packages/versions/architectures will be
> debuggable
> that way.  (The staging indexer is processing the l* packages, after
> a
> few days of churning from 0* through k*.  It has a one or two more
> days
> to go, but may already be used.)
> 
> The purpose of this Change is to configure this environment variable
> by
> default, pointing to the forthcoming production version of the server
> at https://debuginfod.fedoraproject.org/.
> 

Something that occurred to me about this change is that as well as
sources and DWARF data, some of our debuginfo files contain python
scripts.

Back in Fedora 13 with:
  https://fedoraproject.org/wiki/Features/EasierPythonDebugging
I added python scripts to python-debuginfo and python3-debuginfo so
that if you install them, gdb becomes gains type-specific pretty-
printers and extra commands relevant to what you're debugging.

That made sense to me back then, given that if you're debugging a
process you had to download the debuginfo package, so it made sense to
put the .py scripts in there so they would get autoadded (I don't see
any reference in my old wiki page to "add-auto-load-safe-path", so
maybe those directories would be regarded as safe automatically).

Having the sources and DWARF on-demand via debuginfod sounds great, and
hopefully means never having to manually install debuginfo rpms again -
but what about those .py files?  I'm assuming debuginfod isn't
supplying those (is it?).  I'm much more nervous about arbitrary python
scripts being supplied over this service, as the barrier to entry for
bad guys to do Bad Things would be so much lower as compared to
malformed DWARF, so perhaps if people want the .py files, they have to
install the debuginfo package in the traditional way?  (It's still .py
files from rpm payloads, but having them autodownloaded with little
user involvement seems troublesome as compared to manually installing
debuginfo rpms).

Thoughts?
Dave

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux