From: Baurzhan Ismagulov <ibr@radix50.net>
To: isar-users@googlegroups.com
Subject: Re: [PATCH 0/9] first wic integration
Date: Wed, 31 Jan 2018 16:21:18 +0100 [thread overview]
Message-ID: <20180131152118.GJ6508@yssyq.radix50.net> (raw)
In-Reply-To: <26963944-16e9-cab4-15be-5dd2deff73f6@siemens.com>
On Wed, Jan 31, 2018 at 03:01:48PM +0100, Jan Kiszka wrote:
> >> BTW, we also need to address unprivileged or container-compatible
> >> binfmt, or we won't be able to do cross stuff. Probably solvable, maybe
> >> via namespace support for binfmt in the upstream kernel, but far from
> >> reachable in the near future.
> >
> > That is another issue to fix, but it isn't related to hacking wic, is it?
>
> It is related to the question if we need to worry about sudo wic right
> now or can do this when all the other issues that prevent unprivileged
> Isar building are solved. I would say the latter applies here.
Unprivileged != container-compatible.
Sudo is a hack. Solving it has value.
That said, my concern isn't prioritizing that. My concern is imposing sudo on
wic users when we already have an effective, manageable workaround in master.
There is also an architectural issue with that. All-in sudo would hide the
details why we need it, thus moving unprivileged builds farther away.
At the end, wic should be compatible with Isar and be available without
importing it into Isar. If we want to work with upstream, we should start with
that and not with breaking the existing code. If existing tools were
sufficient, we wouldn't need Isar in the first place; upstreaming should be a
good practical trade-off and not transform into purification that stands in the
way.
Thus my suggestion to keep selective sudo in wic. It doesn't require reworking
the series, we can just drop the patch 7.
With kind regards,
Baurzhan.
next prev parent reply other threads:[~2018-01-31 15:21 UTC|newest]
Thread overview: 51+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-31 9:41 Henning Schild
2018-01-31 9:41 ` [PATCH 1/9] classes: image: introduce size measuring function, for before do_*_image Henning Schild
2018-01-31 9:41 ` [PATCH 2/9] images: new class wic-img for wic intregration Henning Schild
2018-02-13 14:44 ` Alexander Smirnov
2018-02-13 16:06 ` Henning Schild
2018-01-31 9:41 ` [PATCH 3/9] wic: add a bootimg-efi-isar plugin outside the wic tree Henning Schild
2018-02-12 17:48 ` Jan Kiszka
2018-01-31 9:41 ` [PATCH 4/9] Revert "wic: Make the bootimg-efi plugin generate usable images" Henning Schild
2018-01-31 9:41 ` [PATCH 5/9] Revert "wic: Introduce the `WicExecError` exception class" Henning Schild
2018-01-31 9:41 ` [PATCH 6/9] Revert "wic: Work around mcopy error" Henning Schild
2018-01-31 9:41 ` [PATCH 7/9] Revert "wic: Use sudo instead of pseudo" Henning Schild
2018-01-31 9:41 ` [PATCH 8/9] Revert "wic: Remove sysroot support" Henning Schild
2018-01-31 9:42 ` [PATCH 9/9] wic: now truly go for the wic version we claim to have Henning Schild
2018-01-31 10:11 ` Alexander Smirnov
2018-01-31 10:55 ` Jan Kiszka
2018-01-31 11:11 ` Alexander Smirnov
2018-01-31 11:43 ` Jan Kiszka
2018-01-31 11:53 ` Baurzhan Ismagulov
2018-01-31 12:01 ` Jan Kiszka
2018-01-31 12:28 ` Baurzhan Ismagulov
2018-01-31 13:53 ` Henning Schild
2018-01-31 14:01 ` Baurzhan Ismagulov
2018-01-31 14:21 ` Henning Schild
2018-01-31 10:02 ` [PATCH 0/9] first wic integration Alexander Smirnov
2018-01-31 10:12 ` Henning Schild
2018-01-31 11:24 ` Baurzhan Ismagulov
2018-01-31 11:47 ` Jan Kiszka
2018-01-31 12:02 ` Baurzhan Ismagulov
2018-01-31 12:15 ` Jan Kiszka
2018-01-31 13:30 ` Jan Kiszka
2018-01-31 13:41 ` Baurzhan Ismagulov
2018-01-31 14:01 ` Jan Kiszka
2018-01-31 15:21 ` Baurzhan Ismagulov [this message]
2018-01-31 15:46 ` Henning Schild
2018-01-31 16:13 ` Jan Kiszka
2018-01-31 13:35 ` Baurzhan Ismagulov
2018-01-31 13:47 ` Henning Schild
2018-01-31 14:00 ` Baurzhan Ismagulov
2018-01-31 13:46 ` Henning Schild
2018-01-31 13:36 ` Henning Schild
2018-01-31 13:40 ` Baurzhan Ismagulov
2018-01-31 13:05 ` Henning Schild
2018-02-01 12:41 ` [PATCH] images: wic: limit use of sudo and enable manual call again Henning Schild
2018-02-01 12:44 ` Henning Schild
2018-02-01 16:09 ` Baurzhan Ismagulov
2018-02-01 18:10 ` Henning Schild
2018-02-01 18:55 ` Henning Schild
2018-02-12 19:07 ` Henning Schild
2018-02-12 17:27 ` [PATCH 0/9] first wic integration Henning Schild
2018-02-12 18:21 ` Alexander Smirnov
2018-02-12 18:30 ` Henning Schild
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180131152118.GJ6508@yssyq.radix50.net \
--to=ibr@radix50.net \
--cc=isar-users@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox