--- xml/htdocs/proj/en/glep/glep-0060.html 2010/01/13 00:35:49 1.4 +++ xml/htdocs/proj/en/glep/glep-0060.html 2010/04/07 21:56:59 1.10 @@ -4,7 +4,7 @@ - + GLEP 60 -- Manifest2 filetypes @@ -27,9 +27,9 @@ Title:Manifest2 filetypes -Version:1.3 +Version:1.10 -Last-Modified:2008/10/28 07:46:51 +Last-Modified:2010/04/07 21:34:24 Author:Robin Hugh Johnson <robbat2 at gentoo.org> @@ -43,11 +43,11 @@ Created:November 2007 -Updated:June 2008, July 2008, October 2008 +Updated:June 2008, July 2008, October 2008, January 2010 Updates:44 -Post-History: +Post-History:December 2009, January 2010 @@ -92,15 +92,20 @@

Abstract

-

Clarification of the Manifest2 [#GLEP44] specification, including new types to +

Clarification of the Manifest2 [GLEP44] specification, including new types to help in the tree-signing specification.

Motivation

-

[#GLEP44] was not entirely clear on the usage of filetype specifiers. +

[GLEP44] was not entirely clear on the usage of filetype specifiers. This document serves to provide some of the internal logic used by Portage at the point of writing, as well as adding new types to cover the rest of the tree, for the purposes of tree-signing coverage.

+

This GLEP is not mandatory for the tree-signing specification, but +instead aims to clarify the usage of the Manifest2 filetype specifiers, +and note which types signify files that are allowed to be missing from +the tree (e.g. a user excluding a package or category). As such, it is +also able to stand on it's own.

Specification

@@ -113,11 +118,11 @@

Excluded files

-

When generating or validating a Manifest, or commiting to a version +

When generating or validating a Manifest, or committing to a version control system, the package manager should endeavour to ignore files created by a version control system, backup files from text editors. A -non-exhaustive list is suggested here: CVS/, .svn/, .bzr/, -.git/, .hg/, .#*, *.rej, *.orig, *.bak, *~.

+non-exhaustive list is suggested here: CVS/, .svn/, .bzr/, +.git/, .hg/, .#*, *.rej, *.orig, *.bak, *~.

Additionally, for a transitional Manifest1->Manifest2 system, old-style digest files located in a 'files/' directory, may be excluded from Manifest2 generation, or included with a type of MISC.

@@ -192,7 +197,7 @@
@@ -222,7 +227,7 @@
  • The MANIFEST type is explicitly to cover all nested Manifest files.
  • During validation, this serves as an indicator that the package manager may need to check subtree Manifest file.
  • -
  • A missing MANIFEST file may be treated as a minor (eg excluding an +
  • A missing MANIFEST file may be treated as a minor (e.g. excluding an entire category) or critical validation failure.
  • The failure should be considered as critical only if files that would be directly covered by this Manifest are missing. Deletion of a @@ -235,7 +240,6 @@
  • @@ -251,10 +255,12 @@
    @@ -263,6 +269,10 @@
  • uses _CRIT.
  • All other files that are not covered by another type should be considered as 'OTHER'.
  • +
  • Any further new filetypes should be introduced to subtract files +from the 'OTHER' set.
  • +
  • If a package manager runs into a unknown Manifest2 type, it should +be treated as 'OTHER'.
  • @@ -271,25 +281,26 @@

    If repeated use of a common path prefix is considered a bloat problem, a Manifest file should be added inside the common directory, however this should not be done blindly, as bloat by inodes is more significant for -the majority of use cases.

    +the majority of use cases. See also [GLEP58] on size reductions of +Manifests.

    Chosing a filetype

    1. -
      matches Manifest
      +
      matches Manifest

      => MANIFEST, stop.

    2. -
      matches *.ebuild
      +
      matches *.ebuild

      => EBUILD, stop.

    3. -
      matches *.eclass
      +
      matches *.eclass

      => ECLASS, stop.

      @@ -301,25 +312,25 @@
    4. -
      matches files/*
      +
      matches files/*

      => AUX, continue [see note].

    5. -
      matches any of *.sh, *.bashrc, *.patch, ...
      +
      matches any of *.sh, *.bashrc, *.patch, ...

      => EXEC, stop.

    6. -
      matches any of metadata/cache/*, profiles/, package.*, use.mask*, ...
      +
      matches any of metadata/cache/*, profiles/, package.*, use.mask*, ...

      => DATA, stop.

    7. -
      matches any of ChangeLog, metadata.xml, *.desc, ...
      +
      matches any of ChangeLog, metadata.xml, *.desc, ...

      => MISC, stop.

      @@ -332,10 +343,12 @@

    The logic behind 5, 6, 7 is ensuring that every item that by it's -presence or absense may be dangerous should always be treated strictly. +presence or absence may be dangerous should always be treated strictly. (Consider epatch given a directory of patches ${FILESDIR}/${PV}/, where it blindly includes them, or alternatively, the package.mask file or a profile being altered/missing).

    +

    The above lists of file patterns are not intended to be exhaustive, +but merely demonstrative.

    Note: The AUX entries should only be generated if we are generating a compatible Manifest that supports older versions of Portage. They should be generated along with the new type.

    @@ -348,7 +361,7 @@ The new entries may be included already in all Manifest files, as they will be ignored by older Portage versions. Over time, ECLASS, DATA, EXEC, OTHER may replace the existing AUX type.

    -

    The adoption of this proposal does also affect [#GLEP58] as part of +

    The adoption of this proposal does also affect [GLEP58] as part of this GLEP series, however this GLEP was an offset of the research in that GLEP.

    @@ -359,27 +372,34 @@

    References

    - +
    -
    [1]Mauch, M. (2005) GLEP44 - Manifest2 format. +
    [GLEP44]Mauch, M. (2005) GLEP44 - Manifest2 format. http://www.gentoo.org/proj/en/glep/glep-0044.html
    + + + + + +
    [GLEP58]Security of distribution of Gentoo software - Infrastructure to User distribution - MetaManifest +http://www.gentoo.org/proj/en/glep/glep-0058.html