[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Questions reqarding packaging and conventions

From: Leo Famulari
Subject: Re: Questions reqarding packaging and conventions
Date: Thu, 3 Jun 2021 16:32:53 -0400

On Wed, Jun 02, 2021 at 07:55:31AM +0200, Ignacio Coterillo wrote:
> I'm trying to debug and fix issues with Kerberos based authentication on both 
> Icecat and
> qutebrowser and got a few questions:
> Via strace I found that icecat tries load `` which doesn't exist.
> Trivially creating the file as a symbolic link to the `` 
> provided
> by the `mit-krb5` package and exposing via LD_LIBRARY_PATH solves the issue 
> and
> fixes Kerberos based authentication.
> - Question 1: Should this be fixed in the mit-krb5 package or in the icecat 
> package?

If the mit-krb5 authors aim to provide, then we should
adjust our package to achieve that. Otherwise, I'd guess it's a problem
in icecat / firefox. Do you know what other distros do?

> - Question 2: What would be the best way of creating this link in a package?
>   I've played with creating a modified `mit-krb5` (i.e. `my-mit-krb5`) with 
> the
>   following additional build phase:
>   (modify-phases %standard-phases
>       (add-after 'install 'create-link
>       (lambda _
>           (let* ((libpath (getenv "out"))
>               (origin (format #f "~a/lib/" libpath))
>               (target (format #f "~a/lib/" libpath)))
>           (symlink origin target))
>           #t))

That would work, but like I said above, the mit-krb5 build scripts
should have a way to do this, or it's likely a change to be made in the
icecat package.

>   This works, but creates the link with full path target instead of relative 
> like the rest of links
>   created naturally by the original build process:
>   ❯ ls -l 
> /gnu/store/irhvqdpc4zvyj9in514lv859mjkyi7p3-my-mit-krb5-1.18/lib/libgssapi*
>   lrwxrwxrwx 3 root root     21 Jan  1  1970 
> /gnu/store/irhvqdpc4zvyj9in514lv859mjkyi7p3-my-mit-krb5-1.18/lib/
>  ->
>   lrwxrwxrwx 3 root root     21 Jan  1  1970 
> /gnu/store/irhvqdpc4zvyj9in514lv859mjkyi7p3-my-mit-krb5-1.18/lib/
>  ->
>   -r--r--r-- 2 root root 380520 Jan  1  1970 
> /gnu/store/irhvqdpc4zvyj9in514lv859mjkyi7p3-my-mit-krb5-1.18/lib/
>   lrwxrwxrwx 7 root root     82 Jan  1  1970 
> /gnu/store/irhvqdpc4zvyj9in514lv859mjkyi7p3-my-mit-krb5-1.18/lib/ 
> -> 
> /gnu/store/irhvqdpc4zvyj9in514lv859mjkyi7p3-my-mit-krb5-1.18/lib/
>   Should I try to `chdir` to the path before creating the link, or is there a 
> cleaner
>   way of doing something like this?

Not sure, but I agree that it should be a relative link, if adjusting
mit-krb5 is the solution we choose.

> qutebrowser Kerberos support comes from `qtwebengine`. The only change needed 
> would
> be to add `mit-krb5` as input and add the "--webengine-kerberos=yes" qmake 
> option in its
> `configure` build phase.

Sounds good.

> My question here is about whether there is any policy requiring formal 
> justification to
> increase the number of dependencies of a certain package or this would be 
> considered a valid
> request/patch.

There's no policy. In general, we aim to provide fully-featured
packages, but that is an informal habit rather than a strict guideline.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]