From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 7022692424202846208 X-Received: by 2002:a2e:8041:: with SMTP id p1mr18606291ljg.158.1635160543381; Mon, 25 Oct 2021 04:15:43 -0700 (PDT) X-BeenThere: isar-users@googlegroups.com Received: by 2002:a2e:9696:: with SMTP id q22ls2764590lji.5.gmail; Mon, 25 Oct 2021 04:15:42 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy+nODNwv3w/ylGemJ67dxwIoS1aAOZMFxUw/amMOp7pf16WLOBMJmG3onTuuf68Fn86aWK X-Received: by 2002:a2e:6e0b:: with SMTP id j11mr18753314ljc.527.1635160542327; Mon, 25 Oct 2021 04:15:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1635160542; cv=none; d=google.com; s=arc-20160816; b=04pd1AS1YfkA5i3UBbpLuejNHTddUqyIDGT4+vPR2JUmZ4EmR0g7JhrjQujM+6Ry0o XkQOXdHg3uRxSsQK7QMVXTBXXXTJ1YGNhjFYxFonYICJu2oM0hrXkg0MgwHSCN+OX9hz oPT7PVDfLJWuuhXzRxRQZXeY1lu+W89RKCtlYpeTUELSKshbeVWC4gpQjdTDVHgHKz5L PLQutLleOkL41zJ2s18b9lWw6kGHw4lDr1B0x4a0cg/7MfRSni8webvKO/aLVJIXx7/f xtkbDCcqggLh/U8FcclDJ6tiMwmor2PHFCawI9zoRxtRJklvzAOIAFllbSY/Pwyvf9ef ah9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:subject:in-reply-to :message-id:cc:to:from:date:dkim-signature; bh=MRDV2s1F6XdW8NcZfk3gFpkbgSQZrMu+UN7tCQ70PhE=; b=CDOXQsPj+P4Nzudgw3hPR11CoQ2qUUCMkqI5DqcWl7T9VmyFX6SywaN+i2wZmSp45Q unEw0mehiL1oACVXhXj/q/y/FCwIsRQxbgM3MTzhl0WL2yvrLe+K3zdLOZXOiu5qsnKX azyMXpA3/Wd5nhutPSTUnTifE836E6vdu884NOHbwWpn3zcSt5segOiX9Ww3cirh2Gf0 5+nmWdVYdbhV2xVGvDq21ZnFvLhxl9bLGX7HJiN9ltjOJqqwiINq+jLXu1KA5NOgt9A9 E05ng1G6hksG2RtKycp/O6M/QBZyMB7DaFyT4OEsKiSnqMtn9twi6HatNEr82owiKGRY 1Gkw== ARC-Authentication-Results: i=1; gmr-mx.google.com; dkim=pass header.i=@free.fr header.s=smtp-20201208 header.b=Exe1oFCX; spf=pass (google.com: domain of ydirson@free.fr designates 212.27.42.5 as permitted sender) smtp.mailfrom=ydirson@free.fr; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=free.fr Return-Path: Received: from smtp5-g21.free.fr (smtp5-g21.free.fr. [212.27.42.5]) by gmr-mx.google.com with ESMTPS id a19si122375ljq.1.2021.10.25.04.15.42 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Mon, 25 Oct 2021 04:15:42 -0700 (PDT) Received-SPF: pass (google.com: domain of ydirson@free.fr designates 212.27.42.5 as permitted sender) client-ip=212.27.42.5; Authentication-Results: gmr-mx.google.com; dkim=pass header.i=@free.fr header.s=smtp-20201208 header.b=Exe1oFCX; spf=pass (google.com: domain of ydirson@free.fr designates 212.27.42.5 as permitted sender) smtp.mailfrom=ydirson@free.fr; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=free.fr Received: from zimbra39-e7.priv.proxad.net (unknown [172.20.243.189]) by smtp5-g21.free.fr (Postfix) with ESMTP id 10A3B5FF95; Mon, 25 Oct 2021 13:15:42 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=free.fr; s=smtp-20201208; t=1635160542; bh=QLpsBDmH3L13KCxQ/0tYCmZDUki8Yfsd9vewCrGaBoU=; h=Date:From:To:Cc:In-Reply-To:Subject:From; b=Exe1oFCXkwMcWtM1KOfXWKxfWN1PoqDjMLNi79fPvo1lfdTmQ/EYoqYblWJH5gAkp e4xf54zRTOtnEHoeWPaRRgJVtgd1ztJAdhNF6VSlt5szM0oSFVgdKMXSvrpMi6xJsr 2SzDY+kYcQPyXFwJ4YVGMzwEZ5RBq7dbW6Z2xc3YfB4kThIejEkz2xII6TzXmxznD8 q5eXQD4o9I+PCgs42Yd20v/X5TAgThmzpluSHf9AcFRfdJTvQZ4A1M1vfIAyTbUl0t 5+Y3uNVIbC0+bTTUtwwcmWiJW9gsigMsYy+2Wbq35igJypmYwRDC7qyCZGcrtaiBau +Rqq7OVv2j6lw== Date: Mon, 25 Oct 2021 13:15:42 +0200 (CEST) From: ydirson@free.fr To: Henning Schild Cc: isar-users@googlegroups.com Message-ID: <647230114.1341501698.1635160542010.JavaMail.root@zimbra39-e7> In-Reply-To: <20211025100202.0da43e3a@md1za8fc.ad001.siemens.net> Subject: Re: status of meta-eid ? MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [88.120.44.86] X-Mailer: Zimbra 7.2.0-GA2598 (ZimbraWebClient - FF3.0 (Linux)/7.2.0-GA2598) X-Authenticated-User: ydirson@free.fr X-TUID: leT/tZiyLH+f Hi Henning, > Am Sun, 24 Oct 2021 21:18:53 +0200 (CEST) > schrieb ydirson@free.fr: > > > Hi Baurzhan, > > > > > sbuild preview is available in [1]. > > > > Nice! > > > > > If you are interested, we could share the current state. > > > > I still have quite a lot in dig in right now, so don't divert > > efforts > > :) > > > > My main focus for now is a bit far from this - I still need to get > > familiar with the current state of things, with in mind the idea of > > possibly using ISAR as a next-gen build system[1] for QubesOS[0] (a > > bit of a personal research project to see if it can help to improve > > the dev workflow there) > > > > [0] https://qubes-os.org/ > > [1] > > https://forum.qubes-os.org/t/ideas-for-next-generation-qubes-builder/6402 > > Cater as a build system for an OSS project like qubes-os would be > cool. > I looked into 1 and it seems qubes-os is currently based on fedora. > > Making isar work for that would be possible but not an easy task. It > is > already hard to keep all the different flavours/versions of debian > maintained and working. Plus we are building on top of > qemu-debootstrap > for native builds of non-host architectures. A very powerful thing > that > might be missing some bits in other distros. > > In fact Isar is not a lot of code, and most of it is very much debian > specific. The easiest way to go might be switching base distros, > which > might bring you "back in time" and on a slower release cycle your > might > be used to. And if you carry a lot of your own spec-files, those will > need translation into "debian/" folders. > > Also note that Isars main feature is building complete bootable > images, > or OTA-update rootfss. For more than just a rootfs, partitioning and > bootloader stuff come into play. It also builds debian package repos > for later offline rebuild or for shipping package-based updates with > apt. > If your main concern is building packages, and maybe package repos > ... > it might be too big of a gun (but will work). On the other hand full > bootable image is what you might still need for automated continous > testing in qemu or on real devices. QubesOS encompasses quite a number of things, the most prominent ones from my PoV being: - the virtualization layer and dom0, which happen to be fedora-based today, but will likely not stay that way in the long run, see eg. [0]. This one will for a start essentially benefit from better package-building capabilities (eg. don't rebuild all dependent packages every time) - the VM templates, which include as standard Fedora, Debian, and Whonix. They are indeed OS images, and it will not be a large amount of work to produce those for Debian with ISAR, as all VM tools already come with Debian packaging. - the assembled OS itself, which is out of my scope for now (as I understand it, it is mostly a customized installer for the dom0 OS) This last point excluded, the first 2 ones both need to build some custom packages and modified versions of upstream ones, so ISAR features still seem to address a big part of the needs. My plan (as outline in [1]) is to have a closer look at rootfs and package building, to get a measure of the amount of work to adapt for a rpm distro. I guess most of it can live in a separate meta-isar-rpm layer, and a meta-isar-qubes can be build on top of that. [0] https://forum.qubes-os.org/t/alpine-linux-in-dom0/7077/4 [1] https://forum.qubes-os.org/t/ideas-for-next-generation-qubes-builder/6402/2