From mboxrd@z Thu Jan 1 00:00:00 1970 X-GM-THRID: 6520199916203016192 X-Received: by 10.223.144.69 with SMTP id h63mr499453wrh.24.1518443112064; Mon, 12 Feb 2018 05:45:12 -0800 (PST) X-BeenThere: isar-users@googlegroups.com Received: by 10.223.163.205 with SMTP id m13ls2625304wrb.0.gmail; Mon, 12 Feb 2018 05:45:11 -0800 (PST) X-Google-Smtp-Source: AH8x224NyFi5Cr+ADZcNgmAgsXfgfBcEgJN/7Q0qe8nyhotFGKRLFWZHTgqExALAlVGevQNRJ7eM X-Received: by 10.223.171.208 with SMTP id s74mr534721wrc.26.1518443111472; Mon, 12 Feb 2018 05:45:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518443111; cv=none; d=google.com; s=arc-20160816; b=We78+QVZoYdnDH/4yYREA+gBOzCFVV0AYoLczLEDKp4CiX3rvIs9Af3VXQLk2v3X/e l0iWHF4gICjsFzrBHFiyrc8+AGvJjHUo728AkJbssmFuGZdEFf9fiPHy9t4ZehdyS3nu dLfVg5RYQ9tA0rBHqIvJDOCtVHU8u5yxB9+2xoj5XZH0W01Cj8agHvVaFQHvHx9s5koV t3FrB+3/RutJut9sLVB4zEu3Zs0GmSQriRPMWKhbX1l4IpXNofVXHZYwf5rKhUan4N+C /JdJBVUYzJ/K60ceFA6v/4Mpmtjal3cWI8kwKA+B/wt4Wz5ucXc/51x1iU5jbDJb2LMa l84Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:content-language:in-reply-to:mime-version :user-agent:date:message-id:from:references:to:subject :arc-authentication-results; bh=el4JArFchcLAO/e7BwYvB+sCsVMF+4/wIFaEGvHHDgo=; b=DYhT5O7YG+lsoZqICGxm8/0MdzKV89cv1LxLCNMc5SyGxwj6WmTCjJLWhJdpbqW1OT mes0QWewfUR9IcJ9i77JZrn6KpbrtaSQz/04qq0Om0A8tTcWzRT0PaXVSlEREoJKl09F t+3dgJZt9cP2ZR2AWBr8FJOOQ11y3mu/nJvVMf9bqgyNwFeQQQ6zlYBPqaayEW795rlI kWkRZWDGkaXOYlA8Q4dJQzwEo90AwYPVso8BlqHwlolYGkLazwAtJ8KYOvDpZGVgLtIm zWbh9/J/PxtjGoMbEhlMLin+xw3jfTGmUAWPe/EWxyW6PNfjPLMjVpSTa190pWiVDri2 txFw== ARC-Authentication-Results: i=1; gmr-mx.google.com; spf=pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com Return-Path: Received: from goliath.siemens.de (goliath.siemens.de. [192.35.17.28]) by gmr-mx.google.com with ESMTPS id e14si263815wmg.0.2018.02.12.05.45.11 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 12 Feb 2018 05:45:11 -0800 (PST) Received-SPF: pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.28 as permitted sender) client-ip=192.35.17.28; Authentication-Results: gmr-mx.google.com; spf=pass (google.com: domain of jan.kiszka@siemens.com designates 192.35.17.28 as permitted sender) smtp.mailfrom=jan.kiszka@siemens.com Received: from mail3.siemens.de (mail3.siemens.de [139.25.208.14]) by goliath.siemens.de (8.15.2/8.15.2) with ESMTPS id w1CDjA8V014193 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 12 Feb 2018 14:45:10 +0100 Received: from [139.25.68.37] (md1q0hnc.ad001.siemens.net [139.25.68.37] (may be forged)) by mail3.siemens.de (8.15.2/8.15.2) with ESMTP id w1CDjAhZ000390; Mon, 12 Feb 2018 14:45:10 +0100 Subject: Re: [PATCH v4 2/8] Prioritize isar-apt repo over all others To: Alexander Smirnov , isar-users References: <136df397-5fce-9f50-fd74-f35f038fbda2@siemens.com> <905dabd5-e9b9-9382-8c86-8e33d8559b21@siemens.com> From: Jan Kiszka Message-ID: <65f07e31-b2d7-4858-440e-f32f1a9b0832@siemens.com> Date: Mon, 12 Feb 2018 14:45:09 +0100 User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); de; rv:1.8.1.12) Gecko/20080226 SUSE/2.0.0.12-1.1 Thunderbird/2.0.0.12 Mnenhy/0.7.5.666 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-TUID: 0ClL36qx1jxV On 2018-02-12 14:09, Alexander Smirnov wrote: > On 02/12/2018 01:27 PM, Jan Kiszka wrote: >> On 2018-02-12 11:11, Jan Kiszka wrote: >>> On 2018-02-12 11:08, Alexander Smirnov wrote: >>>> On 02/12/2018 12:41 PM, Jan Kiszka wrote: >>>>> On 2018-02-12 10:33, Alexander Smirnov wrote: >>>>>> On 02/11/2018 06:25 PM, Jan Kiszka wrote: >>>>>>> From: Jan Kiszka >>>>>>> >>>>>>> This ensures that we can override packages from upstream Debian or >>>>>>> other >>>>>>> external sources with our self-built versions. We achieve this >>>>>>> for now >>>>>>> by asking multistrap to drop a preferences file for the >>>>>>> buildchroot so >>>>>>> that dependency installations use the right priority. For the image >>>>>>> build, this does not work because all packages are pull during the >>>>>>> bootstrap. Therefore, we set aptdefaultrelease to isar to ensure >>>>>>> that >>>>>>> our repo gets the higher priority. >>>>>>> >>>>>> >>>>>> I'm not sure that I completely understand this. What is the >>>>>> use-case for >>>>>> this? If you build your own copy of upstream package, this >>>>>> prioritization could be resolved by specifying suffix to version. >>>>> >>>>> Simple example: custom kernel build of linux-cip >>>>> >>>>> This generates a package called linux-image-amd64 (for amd64 as >>>>> target), >>>>> and that may have a version < debian's kernel. Now, if we do not >>>>> prioritize isar-apt over upstream, the upstream kernel is taken, even >>>>> when you switched PREFERRED_PROVIDER (in fact, the build will break >>>>> when >>>>> that virtual package linux-cip is selected but can't be installed >>>>> due to >>>>> the version preference "newest"). >>>> >>>> Ok, but why you can't name you kernel 'linux-cip-image-amd64'? Having >>>> the same name as with original Debian one could be confusing. >>>> >>> >>> That is mandatory, in order to write packages that depend on THE kernel, >>> instead of "my-custom-kernel-in-version-4.4.112". >> >> To make it clearer, just look at the example-module case: The recipe can >> build both against the distro as well as all custom kernels, without >> touching it. And that is a pattern not limited to kernel<->module >> relationships. > > kernel<->module pair are built from the same source tree, so here no > problem with ${PN}-${PV} substitution as dependency. Also I've parsed > pure Debian packages, nobody depends from 'linux-image-*', so no > correlation with upstream packages. No, they can be independent, just like in the example I submitted. It's an external kernel module vs. some kernel. Please re-read. For Debian, this specific problem does not exist because Debian only ships in-tree modules or those that are built on the target on installation. But you will find the exact same pattern when browsing external projects that come with modules. > > What are the other use-cases for this pattern? As I mentioned above with > 'glibc' example, this is unclean approach, distro could become broken at > anytime. This could become robust *only* after build reproducibility > integration, when you cache the upstream content. But with build-rep you > could manually manage the content of the cache, so prioritization is not > needed, you could just drop duplications from the cache. Every lib-dependency is another pattern for the special kernel/module case: Every distro package that come with a dependencies that you want to replace with a custom build AND you have good reason to downgrade that package, then you want your own packages to have higher prior. That's why this hard-coding is the right thing to do, in general: If you are building a package that competes with upstream, there must be a reason... > > In general having packages with the same name in 'source.list' and > overriding version policies in apt looks very dangerous for me. > > If the current series requires prioritization for kernel only, it would > be nice to specify only this package in apt preferences. See above, the kernel is just the first case. There will be more, I'm absolutely sure. Jan -- Siemens AG, Corporate Technology, CT RDA IOT SES-DE Corporate Competence Center Embedded Linux