Re: Tainted builds (was Re: usrmerge -- plan B?)

To: Russ Allbery <rra@debian.org>, Ian Jackson <ijackson@chiark.greenend.org.uk>
Cc: debian-devel@lists.debian.org
Subject: Re: Tainted builds (was Re: usrmerge -- plan B?)
From: Guillem Jover <guillem@debian.org>
Date: Tue, 19 Feb 2019 03:59:17 +0100
Message-id: <[🔎] 20190219025916.GA21901@gaara.hadrons.org>
Mail-followup-to: Russ Allbery <rra@debian.org>, Ian Jackson <ijackson@chiark.greenend.org.uk>, debian-devel@lists.debian.org
In-reply-to: <23559.54312.981563.533044@chiark.greenend.org.uk> <87efaydocj.fsf@hope.eyrie.org>

Hi!

On Mon, 2018-12-03 at 18:20:44 -0800, Russ Allbery wrote:
> Guillem Jover <guillem@debian.org> writes:
> > … and then I'm not entirely sure a non-minimal environment should be
> > qualified as tainted? For example contrast using a minimal but outdated
> > installation to a non-minimal, but clean and up-to-date one.
> 
> > I think I'm still of the opinion that a user should be able to build on
> > a normal (clean and up-to-date) system and get a proper result. I guess
> > the problem might be how to define "clean". :)
> 
> Tainted is a loaded term that may make this more confusing.  I think it
> may be better to instead think of it as additional metadata to figure out
> why a package is buggy, if a bug shows up.  Some build states we know are
> more likely to cause problems than others, but if a bug exists only in the
> versions of the package built in a minimal chroot and not in the versions
> built on a regular system, that's a useful clue to what may be causing
> problems.

So, I didn't end up merging the patch for 1.19.[34] due to this, which
was my initial intention. Having thought about this a bit more, I do
really want to include them, and perhaps as a non-native speaker,
tainted looks fine to me. This is also the term I've had in my mind
for a long time to use for tracking f.ex. automatically sanitized
elements in the dpkg database, or when performing dangerous actions
on packages:

  <https://wiki.debian.org/Teams/Dpkg/Spec/TaintedDatabase>

To me tainted does not necessarily mean something is broken in the
resulting artifact, just that there was something unclean about the
environment that might have affected it. There's also precedent in the
Linux kernel with external modules tainting the kernel, but that does
not mean that, say, an oops, was caused by that.

And when it comes to the merged-usr-via-symlinks tag, I actually think
that tainted is really an understatement.

On Wed, 2018-12-05 at 13:35:36 +0000, Ian Jackson wrote:
> Russ Allbery writes ("Re: Tainted builds (was Re: usrmerge -- plan B?)"):
> > Tainted is a loaded term that may make this more confusing.
> 
> Can we think of a better term before `taint' gets embedded ?
> 
> It's going to be annoying if we have to have an argument every time we
> want to capture some additional data of this kind, because someone
> will pop up and say `my build system is like this and it is fine' or
> whatever.

So I think I'll go ahead with the current name for now, it's going to
be an optional field anyway, so if there's a better name proposed that
conveys a satisfactory meaning, I'll be happy to consider it and do a
rename, and handle any users of the current name.

Thanks,
Guillem

Reply to:

Follow-Ups:
- Re: Tainted builds (was Re: usrmerge -- plan B?)
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Re: libnode *might* need abi bump related to openssl 1.1.1 api break... or not...
Next by Date: Re: Bug#922628: ITP: dt -- DNS tool - display information about your domain
Previous by thread: Re: Bug#922643: ITP: build-alternative -- helper to build Debian package with diet libc
Next by thread: Re: Tainted builds (was Re: usrmerge -- plan B?)
Index(es):
- Date
- Thread