Paludis kdebuild-1 Removal

kdebuild-1 was an EAPI used by the Gentoo KDE team and the Genkdesvn project for various live ebuilds in overlays. It was created following a request from the Gentoo KDE project, who needed certain features that Portage had not yet implemented. It was a documented, public standard, in the same way that EAPIs 0, 1 and 2 are.

The Gentoo Council has decided that all mention of the kdebuild-1 EAPI is to be removed from the Package Manager Specification immediately. A request that this be done only after a deprecation period to give users more time to catch up was rejected. As such, support for this EAPI, including support for uninstalling packages with that EAPI, will be removed from Paludis in version 0.44.

Users should verify that they have no kdebuild-1 packages installed. If Paludis was built with the ‘inquisitio’ use flag enabled, you can use:

$ inquisitio -K installed -k EAPI kdebuild-1

Otherwise, use:

$ paludis -q '*/*::/[.EAPI=kdebuild-1]'

and, if any such packages are installed, they must be uninstalled before Paludis is upgraded.

Good News Everyone!

Good news everyone! Portage no longer corrupts mtimes when merging, which hopefully means the Council won’t force us to screw up EAPI 3 any more. Now Portage will either exactly preserve mtimes to the degree supported by the filesystem, or drop the nanosecond part to 0 (which some filesystems do anyway, so programs have to be aware of that possibility), which is what the sane people have been after all along.

Next up: see how long it takes everyone to see the light and realise that the package mangler should only be preserving mtimes that are after the start of the build process, so you don’t end up with lots of files with mtimes in the past getting merged.

EAPI 3 to Specify “Auto Space like Word 95″

When Microsoft was trying to get OOXML standardised, it received all kinds of flak for including a feature described as “auto space like Word 95″. Unfortunately, the Gentoo Council has just done the same thing for EAPI 3.

Historically, Portage would always clobber a package’s mtimes when merging. This wasn’t really a problem, because nothing relied upon it. Paludis carefully copied this behaviour.

Later on, Portage was changed to more or less preserve file mtimes, but it would sometimes corrupt those mtimes thanks to deficiencies in Python. This is where things started to get messy.

People began writing ebuilds that relied upon mtimes being preserved exactly. Because corruption of the seconds part of mtimes was relatively rare, and because most programs don’t yet make use of nanosecond-resolution timestamps (which were introduced in POSIX 2008), and because invalid bytecode-compiled files are usually silently ignored, this would usually work most of the time, except when it didn’t, or when people were using older Portage versions, or when people were using Paludis.

To solve this, mtime preservation was proposed for EAPI 3. Unfortunately, what ended up being voted in was to “make PMS specify exactly what Portage does”. Assuming “what Portage does” refers to what Portage did at the time the Council vote was held, this means that ebuild authors should note the following:

• The seconds part of mtimes will be preserved, except if the build filesystem supports nanosecond-resolution timestamps, in which case the seconds part of mtimes may sometimes be one higher than they should be.
• The nanoseconds part of mtimes may either be preserved exactly, or set to zero, or rounded to some arbitrary number of digits, with some of those digits being wrong.
• It will now be your responsibility to ensure that packages don’t merge files with silly timestamps (such as when packages don’t use a Makefile to install things, but just cp an extracted tarball’s contents to DESTDIR).

Or, in other words, you still can’t rely upon mtime preservation, but the package manager must guarantee that your code will only sometimes break horribly, and that such breakages will be extremely difficult to reproduce consistently (unless your code uses st_mtim instead of st_mtime, as per newer POSIX, in which case it will break most times but not all of the time).

Today In PMS FUD: PMS Shot JFK

Patrick Lauer is complaining that one of his patches to PMS was rejected. What he is not telling you is why it was rejected, so I shall explain here:

The version of bash to be required by ebuilds was decided by the Council, as was the specification defining it. The PMS project quite rightly doesn’t have the authority to override a Council decision. Patrick was told this, and was told that the process for getting EAPI definitions retroactively changed was to go to the gentoo-dev list and from there to the Council. Such changes have been made in the past, and they’re open to being made again in the future.

Unfortunately it looks like he’s not interested in getting his concern fixed, and is instead just trying to cause trouble.

Ten Ways PMS Raped your Baby

Since hating PMS seems to be back in fashion again this week, I thought I’d list ten of the stupidest claims that I’ve seen of late in the hope that some of the FUD might die down:

1. PMS slows down new features and prevents innovation

Actually, once new ebuild-usable features end up in Portage, they very quickly end up in a published EAPI. The reason you can’t use all the fancy new features in EAPI 3 that you’ve all been waiting for for so long is that Portage still hasn’t implemented them. In addition, we’ve gone from “EAPI 3 will be ready for Portage within a month” three months ago to “there’s an 80% chance EAPI 3 support will be ready in Portage by the end of the year“.

Time-wise, EAPI 3 has been waiting for Portage for six months and before that, for the Council to come to decisions for two months. The total overhead imposed by PMS was around four days, and those four days weren’t holding up anything else anyway.

Still, at least there’s a long way to go before EAPI 3 takes as long as it took Portage to get use dependencies…

Similarly, PMS isn’t to blame for profiles not being able to make use of new features. People who are telling you this are probably thinking about an undocumented Portage feature that isn’t in PMS and that isn’t supported by other package managers. This feature could very easily be in PMS, but there’s been no interest from the Council in retroactively adding it to EAPI 3 or in doing an EAPI 2.1 just to include that feature. The feature almost certainly will be in EAPI 4, but work on EAPI 4 isn’t going to start until Portage is done with EAPI 3. So again, PMS isn’t the reason you can’t use it.

2. PMS or EAPI is about ebuilds, not profiles

This one’s from people who haven’t bothered to read the opening of PMS, or who haven’t been paying attention to the Council.

PMS covers ebuilds and the tree format, including things like profiles. The aim is to cover everything necessary to produce a package manager that can use ebuilds (except possibly VDB, which probably shouldn’t be necessary for ebuild support but currently is…).

EAPI is used to indicate the rules used to handle ebuilds, and also profiles following the Council accepting Zac’s proposal last year.

3. PMS imposes an Exherbo agenda upon Gentoo

Exherbo doesn’t use PMS or Gentoo EAPIs.

4. PMS imposes a Paludis agenda upon Gentoo

Again, no. There’s no feature in any EAPI that’s there because of Paludis. Every feature in EAPIs 1, 2 and 3 was either requested by a Gentoo developer or included to make things easier for Portage. To get into an EAPI, features merely have to be vetted by the Portage team and the Council.

5. PMS is only used by Paludis anyway

Nope. PMS is used by both Portage and Paludis, as well as a number of third party libraries and utilities which don’t support full package management operations (things that need to compare two versions, for example, need to use PMS), and it was also used by Pkgcore.

Saying that PMS is only of use for third party package managers is like saying that the HTTP specification is irrelevant for Internet Explorer.

6. PMS stops other distributions from doing things

Again, no. Other distributions can ignore PMS entirely. Doing so would of course be a horrible idea, as all the people who wrote websites to work on Internet Explorer 5 found out, but that’s their decision to make. A much better option would be for those distributions to roll their own derived EAPIs, which, as happened for the Gentoo KDE project’s kdebuild-1, could be added to PMS. That way they are guaranteed that any undocumented features they rely upon won’t break with the next release, as well as avoiding complaints from users who want to use a different package manager, thus avoiding the problems people who wrote Internet Explorer 5 specific code rather than following the HTML specification encountered.

7. PMS stops Gentoo from deciding its own features

PMS is run by a Gentoo developer and approval of new EAPI features is handled by the Portage team and the Gentoo council. For that matter, the PMS team has never rejected a single feature for inclusion in a future EAPI.

8. PMS introduces red tape

No, the previous Council introduced red tape, primarily because a couple of Council members refused to read any submissions more than five minutes before a meeting. Had the Council used the two weeks between meetings to read over and state their opinions on the EAPI 3 feature list, EAPI 3 would have been approved within two meetings rather than dragging on for months.

Unfortunately the current Council doesn’t seem to have improved, with at least one member showing up to a meeting having not read the agenda beforehand.

9. PMS imposed stupid ordering on metadata files

There’s a tendency amongst certain people to blame PMS for stupid or arbitrary rules. A typical example is to moan about PMS because it says that EAPI has to be on line 15 of metadata cache files. Quite how PMS is to blame for a decision that was made before PMS existed, and that was made because line 15 was the first available cache line when EAPI was introduced as a metadata key, is completely beyond me. Similarly, the rules for handling leading 0s in version numbers is Portage’s fault (although ultimately it’s Perl’s fault), as is any other format gripe you care to name.

10. PMS will stop me from using my favourite feature in configuration files

PMS doesn’t discuss user configuration at all. Handling of user configuration is left entirely to the package manager.

What’s Happened to EAPI 3?

EAPI 3 was effectively finished three months ago; some of you are no doubt wondering what happened to it and why there hasn’t been any news.

EAPI 3’s approval was conditional upon Portage support. This isn’t unreasonable, at least for main tree usage, although it’s arguably less relevant for overlays. Unfortunately, Portage is suffering from a severe lack of maintainers.

You can track Portage’s EAPI 3 implementation progress via Gentoo’s bugzilla. As you can see, some progress has been made, but it’s slow going, and hasn’t met the “we’ll be ready within a month” goal given at the Council meeting a month ago.

In the mean time, Paludis 0.38.0 has EAPI 3 support present but not enabled at install time (unlike Portage, we don’t hardcode EAPI numbers into the source, so supporting a feature doesn’t involve any kind of treatment for the EAPI that provides it). Anyone wishing to play with EAPI 3 support for personal use can just copy the EAPI 3 definition file from the source tree.

It’s a shame that Gentoo has to hold back on delivering a better user experience and making good ebuilds easier to write because of Portage. I’d like to encourage anyone who can handle Portage’s codebase to give Gentoo the help it so badly needs.

As for future EAPIs… The current Council has expressed an interest in handing off the EAPI approval process to a separate group. This is either good news if that group is going to put in the work necessary to get things done and deliver practical results, or terrible news if that group is going to perpetuate the worst habits of the previous Council.

What’s in EAPI 3?

EAPI 3’s feature list has been provisionally approved by the Gentoo Council, subject to nothing going wrong when Portage implements it. It’s not yet usable in ebuilds.

EAPI 3 is defined based upon EAPI 2. The changes are:

• pkg_pretend
• Slot operator dependencies
• Use dependency defaults
• DEFINED_PHASES and PROPERTIES are now mandatory
• New default src_install
• Controllable compression
• dodoc -r
• doins symlink support
• dohard and dosed banned
• unpack xz support
• New default econf arguments
• pkg_info changes
• Profile-controlled IUSE injection
• AA and KV removed
• Replace version variables
• The S to WORKDIR fallback is sometimes gone
• RDEPEND=DEPEND is gone
• Most utility commands now die on failure, unless prefixed with nonfatal

Full and precise definitions will be provided in PMS (and can currently be found in a draft PMS branch); an overview of each feature will appear in subsequent posts.

Distributed Distribution Development, and Why Git and / or Funtoo is Not It

Gentoo is slowly shuffling towards switching from CVS to Git. This is a good thing, because CVS stinks. Using Git will reduce the amount of time developers need to waste to get something committed, make it easier to apply patches from third parties and make tree-wide changes merely a lot of work rather than practically impossible. What it will not do is make Gentoo in any way more ‘distributed’, ‘decentralised’ or ‘democratic’.

Some of the Git work has already been done, in a reduced manner (no history and no mirroring), by Daniel Robbins’ Funtoo, which is purported to be more distributed than Gentoo. The problem is, there’s nothing there to back up the distributed claim.

Distributed development, in the sense for which Git was designed (and ignoring the intervening BitKeeper stage), meant moving away from having a single central repository off of which everyone worked to having everyone work off their own, publishable repositories and providing easy ways of merging changes from one to another. ‘Good’ changes would tend to find their way from the authors up the food chain to the main repository whence official releases are made. Users requiring things that hadn’t made their way to the top would maintain their own repository, and merge in changes from elsewhere that they needed.

Typical Git Workflow Model

For a conventional codebase, this model works. But it’s not particularly nice, and it’s driven by necessity. You’ll note the big red dots in the diagrams. These represent places where people (assisted to some highly variable degree by Git) have to do merges. I chose big red dots rather than soft fluffy clouds because merges can be a lot of work (and because drawing clouds takes effort).

If you’ve got a conventional codebase, you have to do merges to make use of things from multiple sources — the compiler takes a single codebase and produces a program from it. You can do the same thing with a distribution. Funtoo, for example has had the Sunrise repository merged in to the main repository. Such a change would likely not be possible with Gentoo’s current CVS architecture.

It’s not entirely clear whether Funtoo intends to have users who want to use other overlays merge those overlays into their own tree. Doing so would be more Gitish.

Apparent Funtoo Workflow Model

But why bother? There’s no need to have a single codebase — there’s no compiler that has to take every input at once and turn it into a single monolithic product. Those big red dots are unnecessary.

A lot of fashionable programs are moving away from the big monolithic binary model and towards a plugin-assisted architecture. If you want Firefox to do a few things it doesn’t, you don’t hunt around for people who have already written them and then try to merge their source trees together. You install plugins. Only for more severe changes do you have to dive into the source, and the severity of change requiring a trip to the source is gradually increasing.

There’s a reason for this — whilst the merge model is a lot better than a single authoritative codebase and a bunch of patches, it’s a lot more work than providing limited composable extensibility at a higher level.

What, then, would a plugin-based model look like for a Gentoo-like distribution?

Presumably, one would have a centralised ‘main’ codebase. One could then add additional small extras to that main codebase to obtain new functionality (packages, in this case); these extras would rely upon parts of the main codebase and wouldn’t be able to operate on their own. Sound familiar? Yup, overlays are plugins.

This whole “merging overlays into the main tree” thing is starting to look like a step in the wrong direction. What would be some steps in a better direction?

One thing that comes instantly to mind is improving overlay handling. Portage’s overlay handling currently (at least in stable) looks like this:

Portage Overlay Model

Portage takes the main Gentoo repository, and then merges it with each overlay in turn, creating one ‘final’ overlay that ends up being used. I’ve used an orange dot here rather than a red one because it’s a different kind of merge. Rather than doing a source-level merge, the orange dot merge more or less (sort of) works like this:

• If there’s a package with the same name and version in the origin and the overlay we’re merging in, take the overlay version.
• If there’s an eclass with the same name and version in the origin and the overlay we’re merging in, sometimes take the overlay version.
• Do some horrid hackery to merge together any colliding profile things in an uncontrolled manner that doesn’t work for more than one merge.
• Pass everything else through.

Now, to be fair, the orange dot merge usually works. Most overlays don’t try to override eclasses, don’t have eclasses that conflict with each other and don’t mess with profiles. For colliding versions, you end up being stuck with a single selected version, which isn’t always so good.

Unfortunately, some overlays do try to override eclasses and profiles, and the result isn’t pretty. You’re ok so long as you only use a single overlay that does this, and so long as any eclass changes aren’t incompatible, but anything beyond that and weird stuff happens.

A less dangerous model would be to make the package manager support multiple repositories. Presumably most overlays wouldn’t want to have to reimplement all the profile and eclass things in the Gentoo repository, so the model would look like this:

Safer Overlay Model

Here, repositories, rather than the user, have control over which implementation of eclasses and so on gets used. Paludis uses this model for Gentoo overlays unless told not to.

Sidebar: one might want to go a step further, and allow repositories to use multiple masters. Some Exherbo supplemental repositories do this — the gnome supplemental repository, for example, makes use of both arbor (the ‘main’ repository) and x11:

Exherbo Repository Model

Note that we chose not to make a repository use its master’s masters. We could’ve gone either way on this one — it’s slightly easier if masters are inherited, but it can lead to unnecessary inter-repository dependencies.

Unstable Portage, meanwhile, is starting to support controlled masters for eclass merging, but not version handling, which will eventually give:

New Portage Overlay Model

A multiple repository model is clearly safer than the Portage model, and does away with the manual merges required by the Funtoo model. This gives us:

Model	Multiple Repositories?	Manual Merges?	Unsafe Automatic Merges?
Portage (Stable)	No	No	Yes
Portage (Unstable)	No	No	Sometimes
Funtoo	No	Yes	No
Safe	Yes	No	No

I consider the multiple repository model to be better for users even ignoring the merge or conflict issues. Here’s why:

• Users can make selective, rather than all or nothing, use of a repository. It becomes possible to mask the foo-1.2 provided by the dodgy overlay, and use the one in the main tree or a different overlay.
• Similarly, users can choose not to use anything from a particular overlay except things they explicitly request.
• It paves the way for handling repositories of different formats.

There aren’t any downsides, either — so long as repositories have user-orderable importance, there’s no loss of functionality.

Finally, I’d like to debunk the myth that the Git model is somehow ‘democratic’. There’s nothing in the least bit democratic about everyone having their own repository. At best, it could be said to be a way of allowing everyone to have their own dictatorship that anyone else can be free to visit — all very well, but when tin pot dictators fall back on old habits it does little to encourage collaboration. A democratic distribution would more likely make use of a special repository which lets people vote on unwritten packages and version bumps — clearly a recipe for disaster, since most people think “I haven’t noticed any bugs” means “stable it instantly”…

The only thing switching Gentoo to Git will solve is the pain of having to use CVS. This alone is enough to make the move worthwhile, but it will do little to nothing to fix Gentoo’s monolithic design and inherently centralised model. Nor does Funtoo’s merge approach solve the problem — on the contrary, it replaces a model where the package manager automatically does unnecessary merging (and sometimes gets things wrong) with a model where people do unnecessary merging (which is a lot of work, and they will still sometimes get things wrong). The future is (or at least should be) in a multi-repository model with good support from the package manager that removes the costs of decentralisation.

EAPI 3: A Preview

Gentoo is shuffling its way towards EAPI 3. The details haven’t been worked out yet, but there’s a provisional list of things likely to show up that’s mostly been agreed upon. This post will provide a summary; when EAPI 3’s finalised, I’ll do a series of posts with full descriptions as I did for EAPI 2. PMS will remain the definitive definition; I’ve put together a a draft branch (I’ll be rebasing this, so don’t base work off it if you don’t know how to deal with that).

Everything on this list is subject to removal, arbitrary change or nuking from orbit. We’re looking for a finalisation reasonably soon, so if it turns out Portage is unable to support any of these, they’ll be dropped rather than holding the EAPI up.

EAPI 3 will be defined in terms of differences to EAPI 2. These differences may include:

• pkg_pretend support. This will let ebuilds signal a lot more errors at pretend-time, rather than midway through an install of a hundred packages that you’ve left running overnight. This feature is already in exheres-0.
• Slot operator dependencies. This will let ebuilds specify what to do when they depend upon a package that has multiple slots available — using :* deps will mean “I can use any slot, and it can change at runtime”, whilst := means “I need the best slot that was there at compile time”. This feature is already in exheres-0 and kdebuild-1.
• Use dependency defaults. With EAPI 2 use dependencies, it’s illegal to reference a flag in another package unless that package has that flag in IUSE. With use dependency defaults, you’ll be able to use foo/bar[flag(+)] and foo/bar[flag(-)] to mean “pretend it’s enabled (disabled) if it’s not present”. This feature is already in exheres-0.
• DEFINED_PHASES and PROPERTIES will become mandatory (they’re currently optional). This won’t have any effect for users (although without the former, pkg_pretend would be slooooow).
• There’s going to be a default src_install of some kind. Details are yet to be entirely worked out.
• Ebuilds will be able to tell the package manager that it’s ok or not ok to compress certain documentation things using the new docompress function.
• dodoc will have a -r, for recursively installing directories.
• doins will support symlinks properly.
• || ( use? ( ... ) ) will be banned.
• dohard and dosed will be banned. (Maybe. This one’s still under discussion.)
• New doexample and doinclude functions. (Again, maybe. Quite a few people think these’re icky and unnecessary.)
• unpack will support a few new extensions, probably xz, tar.xz and maybe xpi.
• econf will pass --disable-dependency-tracking --enable-fast-install. This is already done for exheres-0.
• pkg_info will be usable on uninstalled packages too. This is already in exheres-0 and kdebuild-1.
• USE and friends will no longer contain arbitrary extra values. (Possibly. Not sure Portage will have this one done in time.)
• AA and KV will be removed.
• New REPLACED_BY_VERSION and REPLACING_VERSIONS variables, to let packages work out whether they’re upgrading / downgrading / reinstalling. exheres-0 has a more sophisticated version.
• The automatic S to WORKDIR fallback will no longer happen under certain conditions. exheres-0 already has this.
• unpack will consider unrecognised suffixes an error unless --if-compressed is specified, and the default src_unpack will pass this. exheres-0 already has this. (Maybe. Not everyone’s seen the light on this one yet.)
• The automagic RDEPEND=DEPEND ick will be gone.
• Utilities will die on failure unless prefixed by nonfatal. exheres-0 already has this.

Unless, of course, something completely different happens.

Exherbo Over Twice as Stable as Gentoo: A Totally Objective Study

Potential users often ask whether Exherbo is stable. To test this, I decided to reinstall everything on my Gentoo desktop and my Exherbo laptop. The results are as follows:

For Exherbo:

Summary of failures:

* net-misc/neon-0.28.3:0::arbor: failure
* dev-perl/IO-Socket-SSL-1.17:0::arbor: failure
* sys-apps/upstart-0.3.9:0::arbor: failure

Total: 390 packages, 387 successes, 0 skipped, 3 failures, 0 unreached

For Gentoo:

Summary of failures:

* sys-devel/flex-2.5.35:0::gentoo: failure
* sys-apps/coreutils-6.10-r2:0::gentoo: failure
* sys-libs/glibc-2.9_p20081201-r2:2.2::gentoo: failure
* dev-util/dejagnu-1.4.4-r1:0::gentoo: failure
* sys-devel/automake-1.9.6-r2:1.9::gentoo: failure
* dev-python/numeric-24.2-r6:0::gentoo: failure
* app-misc/g15daemon-1.9.5.3-r2:0::gentoo: failure
* app-misc/g15mpd-1.0.0:0::gentoo: skipped (dependency '>=app-misc/g15daemon-1.9.0' unsatisfied)
* dev-libs/boost-1.35.0-r2:0::gentoo: failure
* dev-libs/xerces-c-3.0.1:0::gentoo: failure
* dev-libs/xqilla-2.2.0:0::gentoo: skipped (dependency '>=dev-libs/xerces-c-3.0.1' unsatisfied)
* dev-util/bzr-1.12:0::gentoo: failure
* dev-util/mercurial-1.0.2:0::gentoo: failure
* media-video/mplayer-20090226.28734:0::gentoo: failure
* www-servers/lighttpd-1.4.20:0::gentoo: failure
* x11-wm/compiz-0.7.8-r2:0::gentoo: failure

Total: 833 packages, 817 successes, 2 skipped, 14 failures, 0 unreached

From this highly objective and totally fair study, we can conclude that Exherbo ~arch is 99.2% stable, whereas Gentoo ’stable’ is merely 98.1% stable. This, alongside Exherbo’s worryingly disappearing lack of documentation, is an unfortunate trend that must be corrected before things start to get out of hand. I look forward to breaking everything at the earliest available opportunity.