Aleksey Cheusov wrote:
One reason for this is that USE_DESTDIR=full works by overriding the file system permissions and nothing currently tags the permissions and ownership in the PLIST. This should be changed and one positive side effect is that auditing for s[ug]id binaries can be done much easier. SPECIAL_PERMS is another workaround for that.Ok, specifying permissions in PLIST or somewhere else may be better than METALOG approach for a number of reasons. Is format of pkgsrc packages documented somewhere?
The format is described in the man pages for pkg_create(1), pkg_add(1) and pkg_delete(1) and you can also find information in pkgsrc/mk/flavor/pkg/metadata.mk. A lot of this is legacy from the original FreeBSD pkg_install code -- we're still using largely the exact same tar.gz archive format as 10 years ago.
>> Unprivileged build and "prefixed" packaging is big step >> forward for pkgsrc but it is not enough.If all packages would be able to work with user-destdir, a bulk build can be easily done unprivileged. Testing the installation is important though and you will see a number of install scripts fail if they can't run as root.Of course DESTDIR support in its current form is good _start_ for testing. I even tried to run partial _test_ bulk build with USE_DESTDIR variable set. http://mova.org/~cheusov/pub/pkgsrc-pbulk/NetBSD/current-destdir/log/20080330.0120/META/report.html Note that this was just a test. Not all things were done accurately. But I hope to see pkgsrc ready for fully unprivileged bulk builds in future (including 'make bin-install|package-install' and 'make depends' phases). And... without need to set PKG_DESTDIR_SUPPORT variable for each package, that is, without PKG_DESTDIR_SUPPORT variable at all.
I know that some folks are looking into alternative solutions for staged installation that are separate from the current idea of teaching packages to honor DESTDIR. The generally involve some level of wrapping the installation tools or installing a specially-crafted shell, but those ideas are not fully fleshed out, though they have been tested to work in limited cases. <jmmv> and <agc> may have more to share on this.
The benefits of the current approach of teaching packages to honor DESTDIR are:
(1) No "magic" is involved. The tools just do exactly what you tell them to do, so the steps are very clear to both developers and users.
(2) DESTDIR-style support is already prevalent because it's used by Debian .deb as well as OpenBSD's FAKE support in its package system. This is at least a well-understood method that many packages already support and that many developers know how to apply.
The downside to this DESTDIR approach is that you potentially have to patch many files, and because programmers are lazy in general, it's nice to try to find ways to avoid potentially having to make so many changes.
I'm definitely open to different approaches to staged installations if you'd like to brainstorm other ideas on this list.
Cheers, -- Johnny C. Lam