From: Hanspeter N. <fi...@sn...> - 2012-04-14 16:49:44
|
On 4/14/2012 9:58 AM, Dustin Cartwright wrote: > On Fri, Apr 13, 2012 at 5:52 PM, Max Horn<ma...@qu...> wrote: > >> How about this strategy instead: First we turn off BuildAsNobody globally >> again by default. Then we make a release with the new BuildAsNobody field >> and command line option in it. *Then* we email to -devel and ask all >> authors to check their packages (and how) and add BuildAsNobody as needed. >> Meanwhile, we update all base packages as necessary. Finally, after a >> certain grace period (I'd suggest a month or two at least), we can turn off >> BuildAsNobody globally. Some packages will still break, but at least this >> way we give maintainers a fair chance to fix their act. As opposed to >> forcing them to fix their packages IMMEDIATELY after the release or else >> potentially getting tons of user complaints for something that might not >> even be avoidable from their side. In addition, this approach might reduce >> the pain for our users a bit, too... ;). >> > > Hello, > > I agree that it would be a good idea to have a transition period during > which package maintainers can add "BuildAsNobody: false" as needed before > releasing a version of fink which builds as nobody by default. As you say, > this would mean modifying the validator and notifying fink-devel well in > advance of the change. > > However, I don't see the point of going through a stage where BuildAsNobody > is off by default, but opt-in at the package level. It wouldn't really lead > to more packages getting tested because maintainers already have the > ability to test their packages with the --build-as-nobody flag. The poorly > maintained packages still won't get tested until the default is switched. > That's why it seems like a good idea to have BuildAsNobody the default in > master: it makes it more likely that problematic packages will be first > noticed by someone who recognizes the problem rather than a random user. To add, my last buildworld ran --build-as-nobody first and if the package failed, it would then try again as root. So at least 10.5/unstable as of 2010-08-14 has been tested with --b-a-n. The results of that are here: <http://www.snaggledworks.com/fink/buildworld/2010-08-14/nobody/>. The vast majority of those packages have been fixed to use --b-a-n in the 18 months since. And I would presume that most new packages since have been tested with --b-a-n (at least if they came from the tracker via me), as well as those migrated in the transition to stable. Hanspeter |