[opensuse-factory] Avoid use of %systemd_requires
TLDR: I would ask to not use %systemd_requires in your .spec files anymore - they impose a dependency on systemd even though the programs per se do not require systemd in all case to run. Long story: While playing around with containers, I set myself up one for the purpose of running a single application in it (boinc-client if you want to know). This is reasonably easy to pull off: 1. mkdir /compute 2. Populate /compute/etc/zypp/repos.d 3. Populate with a basic /etc/passwd & /etc/group so that installed files don't revert to root during installation. One can use `zypper -R /compute in --no-r aaa_base && rm -Rf /compute/var/lib/rpm` to that effect... 4. zypper -R /compute in --no-r aaa_base 5. zypper -R /compute in --no-r boinc-client 6. Create a user account in /compute (e.g. useradd). 6. systemd-nspawn -D /compute -u jengelh /bin/sh -c 'cd /home/jengelh; exec /usr/bin/boinc_client' That works really nice. I love it - it is a minimal system, like security-concious people want it. Well, almost. The boinc-client package requires systemd due to use of %systemd_requires in its specfile. However, there is nothing in the boinc package that depends soooo much on systemd that the program won't run without its presence. I therefore think that we can omit using that macro from specfiles, as "regular" systems (installed via YAST/kiwicds) will cause installation of an init implementation through their static patterns anyway. The %systemd_* macros in %pre,%post,etc. can all deal with the absence of systemd. An issue I can imagine is that if a packages does not explicitly Requires systemd, then, in an unpopulated system, systemd might be installed after the program package, and the `systemctl preset ..` commands as part of %service_add_post won't do anything. Comments..? -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wednesday 18 of March 2015 14:36:13 Jan Engelhardt wrote:
Comments..?
Hi just one, this seems to be related to packaging perhaps this should be also discussed at opensuse-packaging as not all people involved with packaging are necessarily subscribed here. Martin Pluskal
Ccing opensuse-packaging. On Wednesday 2015-03-18 14:36, Jan Engelhardt wrote:
TLDR: I would ask to not use %systemd_requires in your .spec files anymore - they impose a dependency on systemd even though the programs per se do not require systemd in all case to run.
Long story: While playing around with containers, I set myself up one for the purpose of running a single application in it (boinc-client if you want to know). This is reasonably easy to pull off:
1. mkdir /compute 2. Populate /compute/etc/zypp/repos.d 3. Populate with a basic /etc/passwd & /etc/group so that installed files don't revert to root during installation. One can use `zypper -R /compute in --no-r aaa_base && rm -Rf /compute/var/lib/rpm` to that effect... 4. zypper -R /compute in --no-r aaa_base 5. zypper -R /compute in --no-r boinc-client 6. Create a user account in /compute (e.g. useradd). 6. systemd-nspawn -D /compute -u jengelh /bin/sh -c 'cd /home/jengelh; exec /usr/bin/boinc_client'
That works really nice. I love it - it is a minimal system, like security-concious people want it. Well, almost. The boinc-client package requires systemd due to use of %systemd_requires in its specfile. However, there is nothing in the boinc package that depends soooo much on systemd that the program won't run without its presence.
I therefore think that we can omit using that macro from specfiles, as "regular" systems (installed via YAST/kiwicds) will cause installation of an init implementation through their static patterns anyway. The %systemd_* macros in %pre,%post,etc. can all deal with the absence of systemd.
An issue I can imagine is that if a packages does not explicitly Requires systemd, then, in an unpopulated system, systemd might be installed after the program package, and the `systemctl preset ..` commands as part of %service_add_post won't do anything.
Comments..? -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Jan Engelhardt wrote:
Ccing opensuse-packaging.
On Wednesday 2015-03-18 14:36, Jan Engelhardt wrote:
TLDR: I would ask to not use %systemd_requires in your .spec files anymore - they impose a dependency on systemd even though the programs per se do not require systemd in all case to run. ... However, there is nothing in the boinc package that depends soooo much on systemd that the program won't run without its presence.
Reminds me of gvim+vim having a pre-req on systemd in factory just before 13.1 was released (corrected in 13.1). What wasn't corrected in 13.1 or 13.2 is both vim/gvim having dependencies on ***perl***. While I filed bugs on this in the past, my reports were rejected in regards to perl, though they did remove deps on "tcl", "python" and "ruby". But perl is still required, and not just perl 5.16 5.18 or 5.20 and not just a minimum of one of those, but specific patch-levels : -- (5.16.1, 5.18.1, 5.20.1). That means if perl got a hot security patch that put it at 5.20.2, all of the packages that have exact, "=" patch-levels in them won't work. Now I don't know about anyone else, but MOST of my editing in 'gvim' doesn't involve ANY of those languages. There was no reason to leave perl in as a dep -- it can be dynamically loaded at run time just like ruby, tcl and python are. (I even provided the patched code to do it before 13.1).
An issue I can imagine is that if a packages does not explicitly Requires systemd, then, in an unpopulated system, systemd might be installed after the program package, and the `systemctl preset ..` commands as part of %service_add_post won't do anything. Comments..?
If it is that vital, have the packages leave a config script in a 'common location' (for systemd) that are run upon systemd installation (same could be done on systemd removal, but would it be that vital?). -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
participants (3)
-
Jan Engelhardt
-
L.A. Walsh
-
Martin Pluskal