On 21-11-2018 10:33:18 +0100, Michał Górny wrote: > > > > > 2. **The format relies on obscure compressor feature of ignoring > > > > > trailing garbage**. While this behavior is traditionally > > > > > implemented > > > > > by many compressors, the original reasons for it have become long > > > > > irrelevant and it is not surprising that new compressors do not > > > > > support it. In particular, Portage already hit this problem twice: > > > > > once when users replaced bzip2 with parallel-capable pbzip2 > > > > > implementation [#PBZIP2]_, and the second time when support for > > > > > zstd > > > > > compressor was added [#ZSTD]_. > > > > > > > > I think this is actually the result of a rather opportunistic > > > > implementation. The fault is that we chose to use an extension that > > > > suggests the file is a regular compressed tarball. > > > > When one detects that a file is xpak padded, it is trivial to feed the > > > > decompressor just the relevant part of the datastream. The format > > > > itself isn't bad, and doesn't rely on obscure behaviour. > > > > > > Except if you don't have the proper tools installed. In which case > > > the 'opportunistic' behavior made it possible to extract the contents > > > without special tools... except when it actually happens not to work > > > anymore. Roy's reply indicates that there is actually interest in this > > > design feature. > > > > Your point is that the format is broken (== relies on obscure compressor > > feature). My point is that the format simply requires a special tool. > > The fact that we prefer to use existing tools doesn't imply in any way > > that the format is broken to me. > > I think you should rewrite your point to mention that you don't want to > > use a tool that doesn't exist in @system (?) to unpack a binpkg. My > > guess is that you could use some head/tail magic in a script if the > > trailing block is upsetting the decompressor. > > > > I'm not saying this may look ugly, I'm just saying that your point seems > > biased. > > I've spent a significant effort rewriting those point to make it clear > what the problem is, and separating it from other changes 'worth doing > while we're changing stuff'. Hope that satisfies your nitpicking.
Yes it does, thank you. > > > > > 3. **Placing metadata at the end of file makes partial fetches > > > > > complex.** While it is technically possible to obtain package > > > > > metadata remotely without fetching the whole package, it usually > > > > > requires e.g. 2-3 HTTP requests with rather complex driver. For > > > > > comparison, if metadata was placed at the beginning of the file, > > > > > early-terminated pipeline with a single fetch request would > > > > > suffice. > > > > > > > > I think this point needs to be quantified somewhat why it is so > > > > important. > > > > I may be wrong, but the average binpkg is small, <1MiB, bigger packages > > > > are <50MiB. > > > > So what is the gain to be saved here? A "few" MiBs for what operation > > > > exactly? I say "few" because I know for some users this is actually not > > > > just a blib before it's downloaded. So if this is possible to achieve, > > > > in what scenarios is this going to be used (and is this often?). > > > > > > Last I checked, Gentoo aimed to support more users than the 'majority' > > > of people with high-throughput Internet access. If there's no cost > > > in doing things better, why not do them better? > > > > You didn't address the critical question, but instead just repeated what > > I said. > > So again, why do you need to read just the metadata? > > The original idea was to provide the ability of indexing remote packages > without having a server-side cache available (or up-to-date). In order > to do that, the package manager would need to fetch the metadata of all > packages (but there's no necessity in fetching the whole packages). > However, that's merely a possible future idea. It's not worth debating > today. > > Today I really understood the point of avoiding premature optimization. > Even if the change is practically zero-cost and harmless (as it's simply > reordering files), it's going to cost you a lot of time because someone > will keep nitpicking on it, even though any other order will not change > anything. Perhaps next time don't put as much emphasize on it. I can see now what you aim for, but it simply raises more questions and concerns to me than it resolves. There is nothing wrong with putting in such future possibility though, if easily possible and not colliding with anything else. > > > > > 4. **Extending the format with OpenPGP signatures is non-trivial.** > > > > > Depending on the implementation details, it either requires > > > > > fetching > > > > > additional detached signature, breaking backwards compatibility or > > > > > introducing more custom logic to reassemble OpenPGP packets. > > > > > > > > I think one could add an extra key to the xpak that holds a gpg sig or > > > > something. Perhaps this point is better phrased as that current binpkgs > > > > don't have any validation options defined. > > > > > > ...which extra key would mean that the two disjoint implementations > > > in use would need more custom code that extracts the signature, > > > reconstructs signed data for verification and verifies it. Or, in other > > > words, that user needs even more custom tooling to manually verify > > > the package he just fetched. > > > > I don't see your point. If you define what the package format looks > > like, you just need to implement that. There is no point in having a > > binpkg format that Portage doesn't implement properly. Portage is > > well-equipped to implement any of the approaches. A user should use > > Portage to install a package. A poweruser could use a separate tool for > > a scenario where he/she's in charge of keeping things sane. Relevancy? > > > > I just don't agree that extending the format is non-trivial. You seem > > to have no arguments other than adding "custom logic", which is what you > > eventually also do in the reference implementation of your new approach. > > The difference is that my format is transparent. You file(1) it, you > see a .tar archive. You extract the archive, you see subarchives > and .sig which are widely recognized. You don't have to read the spec, > you don't have to get special tools. If you ever verified detached > signature, you know how to proceed. If you didn't, you'll learn > something you can reuse. Totally agree. > Now, implementing signatures on top of XPAK is more effort, and yields > something that is more fragile and in the end doesn't benefit anyone. I agree this would be more effort, and it'd get complicated in some aspects. Whether noone benefits from it depends a bit on whether XPAK could potentially give you performance boosts or memory/storage savings. > > > > > 5. **Metadata is not compressed.** This is not a significant problem, > > > > > it is just listed for completeness. > > > > > > > > > > > > > > > Goals for a new container format > > > > > -------------------------------- > > > > > > > > > > The following goals have been set for a replacement format: > > > > > > > > > > 1. **The packages must remain contained in a single file.** As a > > > > > matter > > > > > of user convenience, it should be possible to transfer binary > > > > > packages without having to use multiple files, and to install them > > > > > from any location. > > > > > > > > > > 2. **The file format must be entirely based on common file formats, > > > > > respecting best practices, with as little customization as > > > > > necessary > > > > > to satisfy the requirements.** In particular, it is unacceptable > > > > > to create new binary formats. > > > > > > > > I take this as your personal opinion. I don't quite get why it is > > > > unacceptable to create a new binary format though. In particular when > > > > you're looking for efficiency, such format could serve your purposes. > > > > As long as it's clearly defined, I don't see the problem with a binary > > > > format either. > > > > Could you add why it is you think binary formats are unacceptable here? > > > > > > Because custom binary formats require specialized tooling, and are > > > a royal PITA when the user wants to do something that the author of > > > specialized tooling just happened not to think worthwhile, or when > > > the tooling is not available for some reason. And before you ask really > > > silly questions, yes, I did fight binary packages over hex editor > > > at some point. > > > > Which I still don't understand, to be frank. I think even Portage > > exposes python APIs to get to the data. > > Compare the time needed to make a trivial (but unforeseen) change > on a format that's transparent vs a format that requires you to learn > its spec and/or API, write a program and debug it. I was under the impression you could unpack a tbz2 into data and xpak, then unpack both, modify the contents with an editor or whatever, and then pack the whole stuff back into a tbz2 again. This can be done worst case scenario by emerge -k <pkg>, modifying the vdb and quickpkg <pkg> afterwards. I know that with portage-utils you can do this easily with the qtbz2 and qxpak commands. No need to do anything with a hex editor, or know anything about how it's done. Obvious advantage of your approach is that you don't need q* tools, but can use tar instead. The editting is as trivial though. In your case you need a special procedure to reconstruct the binpkg should you want to keep your special properties (label, order) which equates to q* tools somewhat. > > > The most trivial case is an attempted recovery of a broken system. > > > If you don't have Portage working and don't have portage-utils > > > installed, do you really prefer a custom format which will require you > > > to fetch and compile special tools? Or is one that can be processed > > > with tools you're quite likely to have on every system, like tar? > > > > Well, I think the idea behind the original binpkg format was to use tar > > directly on the files in emergency scenarios like these... > > The assumption was bzip2 decompressor and tar being available. > > I think it is an example of how you add something, while still allowing > > to fallback on existing tools. > > Except progress in compressors has made it work less and less reliably. > It's mostly an example how to be *clever*. However, being clever > usually doesn't pay off in the long term, compared to doing things *in a > simple way*. We agree it is hackish, and we agree we can do without. You simply exaggerate the problem, IMO, which mostly isn't there, because it works fine today. It can also be solved today using shell tools. % head -c `grep -abo 'XPAKPACK' $EPREFIX/usr/portage/packages/sys-apps/sed-4.5.tbz2 | sed 's/:.*$//'` $EPREFIX/usr/portage/packages/sys-apps/sed-4.5.tbz2 | tar -jxf - results in no warnings/errors from bzip about trailing garbage, possible thanks to the spec being smart enough about this. Not having to do this, when under stress and pressure to restore a system to get it back into production, is a plus. Though, in that scenario the trailing garbage warning wouldn't have been that bad either. > > > > > 3. **The file format should provide for partial fetching of binary > > > > > packages.** It should be possible to easily fetch and read > > > > > the package metadata without having to download the whole package. > > > > > > > > Like above, what is the use-case here? Why would you want this? I > > > > think I'm missing something here. > > > > > > Does this harm anything? Even if there's little real use for this, is > > > there any harm in supporting it? Are we supposed to do things the other > > > way around with no benefit just because you don't see any real use for > > > it? > > > > Well, you make a huge point out of it. And if it isn't used, then why > > bother so much about it. Then it just looks like you want to use it as > > an argument to get rid of something you just don't like. > > > > In my opinion you better just say "hey I would like to implement this > > binpkg format, because I think it would be easier to support with > > minimal tools since it doesn't have custom features". I would have > > nothing against that. Simple and elegant is nice, you don't need to > > invent arguments for that, in my opinion. > > The spec is now more focused on that. Thank you, much appreciated. Fabian -- Fabian Groffen Gentoo on a different level
signature.asc
Description: PGP signature
