Re: about build flavours

To: Arturo Borrero Gonzalez <arturo@debian.org>, Debian Development <debian-devel@lists.debian.org>
Subject: Re: about build flavours
From: Sascha Steinbiss <satta@debian.org>
Date: Tue, 29 Nov 2016 15:24:56 +0100
Message-id: <[🔎] b4b822da-6cf4-b0eb-1154-e90cec6494c8@debian.org>
In-reply-to: <[🔎] 20161129132430.54f3v4v3cchn2lip@home.ouaza.com>
References: <[🔎] CAOkSjBjTFbtCY4pFYsn13VzTBxpghRg6_kvpZBaWfhZut+GJeQ@mail.gmail.com> <[🔎] 20161129132430.54f3v4v3cchn2lip@home.ouaza.com>

Hi Raphael,

thanks, here are a few more thoughts.

>> Currently, our main idea is to create a suricata-hyperscan package
>> which includes the dependency to hyperscan, and the binary is build
>> linked to the library.
>>
>> We distribute two /usr/bin/suricata binaries in two binary packages:
>>  * suricata, without hyperscan
>>  * suricata-hyperscan, with hyperscan
>>
>> Then, we conflict the packages with each other and dpkg-divert the
>> /usr/bin/suricata file in suricata-hyperscan.
> 
> If both packages conflict with each other, then you don't need
> dpkg-divert. 

One could think of multiple approaches with varying modularity.

The first approach builds two full copies of the suricata package with
all package contents in each, largely identical except for
/usr/bin/suricata which differs w.r.t. Hyperscan support compiled in
(and dependencies, obviously). These two packages would indeed be set to
Conflict: with each other to avoid file clashes.

In the other (IMHO better) approach one wouldn't set Conflicts. The idea
is to have an original suricata package containing everything including
a generic /usr/bin/suricata binary without Hyperscan support. This file
would get dpkg-diverted via the suricata-hyperscan package by a version
of this file that has Hyperscan support.
In this case the suricata-hyperscan package would only contain
/usr/bin/suricata to reduce duplication of content. It would depend on
libhyperscan4 (as it should) as well as on the original suricata
package, to make sure the 'rest' of the Suricata distribution is
installed. This way one could 'patch' Hyperscan support in by just
installing suricata-hyperscan.

At least these are the two alternatives linked in #846143.

> And dpkg-divert is mainly useful when you want to replace a
> file that is not under your own control, otherwise using the alternatives
> system is usually preferred.

Interesting. I assume this would require using unique installation paths
for both the Hyperscan-enabled and non-enabled /usr/bin/suricata
versions, neither of which should be /usr/bin/suricata?

Cheers
Sascha

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Re: about build flavours
  - From: Thibaut Paumard <thibaut@debian.org>

References:
- about build flavours
  - From: Arturo Borrero Gonzalez <arturo@debian.org>
- Re: about build flavours
  - From: Raphael Hertzog <hertzog@debian.org>

Prev by Date: Re: Test instance of our infrastructure [and 1 more messages]
Next by Date: Bug#846240: ITP: r-cran-modelmetrics -- GNU R Rapid Calculation of Model Metrics
Previous by thread: Re: about build flavours
Next by thread: Re: about build flavours
Index(es):
- Date
- Thread