On Thu, Feb 10, 2022 at 6:56 PM Demi Marie Obenour
wrote:
>
> On 2/10/22 18:49, Demi Marie Obenour wrote:
> > On 2/10/22 13:39, Adam Williamson wrote:
> >> On Thu, 2022-02-10 at 18:58 +0100, Zbigniew Jędrzejewski-Szmek wrote:
> >>> On Mon, Oct 18, 2021 at 10:33:59AM +0200, Kamil Dudka wrote:
> >>>
On 2/10/22 18:49, Demi Marie Obenour wrote:
> On 2/10/22 13:39, Adam Williamson wrote:
>> On Thu, 2022-02-10 at 18:58 +0100, Zbigniew Jędrzejewski-Szmek wrote:
>>> On Mon, Oct 18, 2021 at 10:33:59AM +0200, Kamil Dudka wrote:
For example dracut, dnf, and rpm seem to use FTP:
On 2/10/22 13:39, Adam Williamson wrote:
> On Thu, 2022-02-10 at 18:58 +0100, Zbigniew Jędrzejewski-Szmek wrote:
>> On Mon, Oct 18, 2021 at 10:33:59AM +0200, Kamil Dudka wrote:
>>> For example dracut, dnf, and rpm seem to use FTP:
>>>
>>>
>>> https://git.kernel.org/pub/scm/boot/dracut/dracut.g
On Thu, Feb 10, 2022, 3:44 PM Ben Cotton wrote:
> On Thu, Feb 10, 2022 at 2:51 PM Zbigniew Jędrzejewski-Szmek
> wrote:
> >
> > That's a good idea. I'll file a late Change page for F36.
>
> We're deep enough into the cycle that sending a proposal through the
> process, even superficially, seems e
On Thu, Feb 10, 2022 at 2:51 PM Zbigniew Jędrzejewski-Szmek
wrote:
>
> That's a good idea. I'll file a late Change page for F36.
We're deep enough into the cycle that sending a proposal through the
process, even superficially, seems excessive. I suggest just sending a
devel-announce post or waiti
On Thu, Feb 10, 2022 at 10:41:41AM -0800, Adam Williamson wrote:
> On Thu, 2022-02-10 at 19:30 +0100, Zbigniew Jędrzejewski-Szmek wrote:
> > (*) I'm assuming that other rpms that need those protocols from
> > libcurl, will pull in the full libcurl too. Some packaging adjustments
> > might be needed
On Thu, Feb 10, 2022 at 10:39:38AM -0800, Adam Williamson wrote:
> On Thu, 2022-02-10 at 18:58 +0100, Zbigniew Jędrzejewski-Szmek wrote:
> > On Mon, Oct 18, 2021 at 10:33:59AM +0200, Kamil Dudka wrote:
> > > For example dracut, dnf, and rpm seem to use FTP:
> > >
> > >
> > > https://git.kerne
On Thu, 2022-02-10 at 19:30 +0100, Zbigniew Jędrzejewski-Szmek wrote:
> (*) I'm assuming that other rpms that need those protocols from
> libcurl, will pull in the full libcurl too. Some packaging adjustments
> might be needed. So this is only about using strange protocols
> directly from /usr/bin/
On Thu, 2022-02-10 at 18:58 +0100, Zbigniew Jędrzejewski-Szmek wrote:
> On Mon, Oct 18, 2021 at 10:33:59AM +0200, Kamil Dudka wrote:
> > For example dracut, dnf, and rpm seem to use FTP:
> >
> >
> > https://git.kernel.org/pub/scm/boot/dracut/dracut.git/tree/modules.d/45url-lib/url-lib.sh?h=05
ftware-management/rpm/blob/rpm-4.14.0-release/rpmio/url.c#L25
> > This calls %_urlhelper, i.e. '/usr/bin/curl --silent --show-error --fail
> > --globoff --location -o',
> > so it will fail on ftp://.
> >
> > Anyway, with current libcurl-minimal, dnf and rpm both s
l. But I don't think we have many
> such urls...
>
> >
> > https://github.com/rpm-software-management/rpm/blob/rpm-4.14.0-release/rpmio/url.c#L25
> This calls %_urlhelper, i.e. '/usr/bin/curl --silent --show-error --fail
> --globoff --location -o',
&g
5
This calls %_urlhelper, i.e. '/usr/bin/curl --silent --show-error --fail
--globoff --location -o',
so it will fail on ftp://.
Anyway, with current libcurl-minimal, dnf and rpm both seem to download
ftp:// urls just fine… (I used [2] for testing since we don't advertise ftp
On Saturday, October 16, 2021 5:32:17 PM CEST Richard W.M. Jones wrote:
> On Thu, Oct 14, 2021 at 09:52:59AM +, Zbigniew Jędrzejewski-Szmek wrote:
> > Hi Kamil and everyone,
> >
> > what is the plan with introduction of libcurl-minimal in Fedora?
> > IIUC, libcu
On Sunday, October 17, 2021 2:40:05 PM CEST Steven Grubb wrote:
> On Sat, Oct 16, 2021 at 10:08 PM Kevin Kofler via devel <
>
> devel@lists.fedoraproject.org> wrote:
> > Steve Grubb wrote:
> > > I'd like to suggest making libcurl-minimal very minimal for se
On Sat, Oct 16, 2021 at 10:08 PM Kevin Kofler via devel <
devel@lists.fedoraproject.org> wrote:
> Steve Grubb wrote:
> > I'd like to suggest making libcurl-minimal very minimal for security
> > reasons. The main curl package has many security issues (CVE's)
&
Steve Grubb wrote:
> I'd like to suggest making libcurl-minimal very minimal for security
> reasons. The main curl package has many security issues (CVE's)
> constantly. But usually, the problem is in some obscure feature/protocol.
> Looking at the packages that depend on
On Thu, Oct 14, 2021 at 09:52:59AM +, Zbigniew Jędrzejewski-Szmek wrote:
> Hi Kamil and everyone,
>
> what is the plan with introduction of libcurl-minimal in Fedora?
> IIUC, libcurl and libcurl-minimal both have the same Provides, so
> libcurl-minimal
> can be used to sat
(lib)curl-minimal actually
> > used
> > on some Fedora installations by default.
>
> This sounds interesting. For elfutils-debuginfod-client we really only
> support http(s):// and file:// so replacing our dependency from full
> libcurl to libcurl-minimal seems a good idea (
gt; (lib)curl-minimal actually used on some Fedora installations by default.
>
>
> This sounds interesting. For elfutils-debuginfod-client we really only
> support http(s):// and file:// so replacing our dependency from full
> libcurl to libcurl-minimal seems a good idea (assumi
resting. For elfutils-debuginfod-client we really only
support http(s):// and file:// so replacing our dependency from full
libcurl to libcurl-minimal seems a good idea (assuming those 3
protocols are in libcurl-minimal). Please let us know what we should
do/test to see if this works as intended.
T
On Thursday, October 14, 2021 3:27:03 PM CEST Steve Grubb wrote:
> Hello,
>
> On Thursday, October 14, 2021 6:51:54 AM EDT Kamil Dudka wrote:
> > > what is the plan with introduction of libcurl-minimal in Fedora?
> >
> > I proposed to use libcurl-minimal and curl-
Hello,
On Thursday, October 14, 2021 6:51:54 AM EDT Kamil Dudka wrote:
> > what is the plan with introduction of libcurl-minimal in Fedora?
>
> I proposed to use libcurl-minimal and curl-minimal in minimal base images
> half a year ago but there has been no reply so far:
Hi Zbyszek,
On Thursday, October 14, 2021 11:52:59 AM CEST Zbigniew Jędrzejewski-Szmek
wrote:
> Hi Kamil and everyone,
>
> what is the plan with introduction of libcurl-minimal in Fedora?
I proposed to use libcurl-minimal and curl-minimal in minimal base images
half a year ago but
Hi Kamil and everyone,
what is the plan with introduction of libcurl-minimal in Fedora?
IIUC, libcurl and libcurl-minimal both have the same Provides, so
libcurl-minimal
can be used to satisfy automatically generated dependencies:
$ dnf repoquery --provides libcurl-minimal
libcurl
On Thu, 2017-04-13 at 10:42 +0100, David Woodhouse wrote:
> On Thu, 2017-04-06 at 12:57 -0400, Stephen Gallagher wrote:
> > > > Also, wasn't there an issue with the OpenSSL's licensing and
> > > > GPL?
> > > > If it still is, could it affect any of the packages that are
> > > > now using
> > > > li
On Mon, Apr 10, 2017 at 03:52:32PM +0200, Kai Engert wrote:
> In my opinion, a little bit of space saving shouldn't be a sufficient
> argument for removing existing security functionality.
Space saving is nice, but that's not the real issue. It's a given that
all security libraries will have criti
Once upon a time, David Woodhouse said:
> I'm not sure what reasoning there was for switching to OpenSSL instead
> of GnuTLS...?
I think the general idea is to move things to what upstream considers
the "preferred" library. If you had all the relevant -devel packages
installed and ran configure
On Thursday, April 13, 2017 10:45:13 David Woodhouse wrote:
> On Mon, 2017-04-10 at 15:52 +0200, Kai Engert wrote:
> > On Mon, 2017-04-10 at 15:31 +0200, Kamil Dudka wrote:
> > > Anyway, I guess we should move this discussion to some curl- or
> > > nss-related channel...
> >
> > The question rema
On Thu, 2017-04-13 at 11:57 +0200, Reindl Harald wrote:
>
> that for example we run 20 servers on top of Fedora from mail, web, sfp
> over fileservers, routers, firewalls and *none* of them has GnuTLS
> installed at all - even not the build and deployment machine?
Ah, OK. I thought it was more
On Mon, 2017-04-10 at 15:52 +0200, Kai Engert wrote:
> On Mon, 2017-04-10 at 15:31 +0200, Kamil Dudka wrote:
> > Anyway, I guess we should move this discussion to some curl- or nss-related
> > channel...
>
> The question remains, if it makes sense to switch back to openssl, if the
> consequence i
On Thu, 2017-04-06 at 12:57 -0400, Stephen Gallagher wrote:
> > > Also, wasn't there an issue with the OpenSSL's licensing and GPL?
> > > If it still is, could it affect any of the packages that are now using
> > > libcurl?
> > There is this: https://www.openssl.org/blog/blog/2017/03/22/license/
W
On Friday, April 07, 2017 18:46:33 Kai Engert wrote:
> You convinced me, that it would be good to have test cases to demonstrate
> how nss/openssl/gnutls are behaving related to the distrust rules.
>
> I setup the following page, wich provides multiple test cases, and
> intructions how to test:
>
On 04/10/2017 03:52 PM, Kai Engert wrote:
On Mon, 2017-04-10 at 15:31 +0200, Kamil Dudka wrote:
Anyway, I guess we should move this discussion to some curl- or nss-related
channel...
The question remains, if it makes sense to switch back to openssl, if the
consequence is a loss in completeness
On Mon, 2017-04-10 at 15:31 +0200, Kamil Dudka wrote:
> Anyway, I guess we should move this discussion to some curl- or nss-related
> channel...
The question remains, if it makes sense to switch back to openssl, if the
consequence is a loss in completeness of certificate trust checking.
In my op
On Friday, April 07, 2017 18:46:33 Kai Engert wrote:
> You convinced me, that it would be good to have test cases to demonstrate
> how nss/openssl/gnutls are behaving related to the distrust rules.
>
> I setup the following page, wich provides multiple test cases, and
> intructions how to test:
>
You convinced me, that it would be good to have test cases to demonstrate how
nss/openssl/gnutls are behaving related to the distrust rules.
I setup the following page, wich provides multiple test cases, and intructions
how to test:
https://kuix.de/misc/test-distrust/
Kai
On Friday, April 07, 2017 13:45:48 Kamil Dudka wrote:
> On Friday, April 07, 2017 13:34:42 Kai Engert wrote:
> > On Fri, 2017-04-07 at 11:54 +0200, Kamil Dudka wrote:
> > > On Friday, April 07, 2017 11:01:35 Kai Engert wrote:
> > > > On Fri, 2017-04-07 at 10:38 +0200, Kamil Dudka wrote:
> > > > > A
On Friday, April 07, 2017 13:34:42 Kai Engert wrote:
> On Fri, 2017-04-07 at 11:54 +0200, Kamil Dudka wrote:
> > On Friday, April 07, 2017 11:01:35 Kai Engert wrote:
> > > On Fri, 2017-04-07 at 10:38 +0200, Kamil Dudka wrote:
> > > > Although we build libcurl against NSS now, it loads the same CA b
On Fri, 2017-04-07 at 11:54 +0200, Kamil Dudka wrote:
> On Friday, April 07, 2017 11:01:35 Kai Engert wrote:
> > On Fri, 2017-04-07 at 10:38 +0200, Kamil Dudka wrote:
> > > Although we build libcurl against NSS now, it loads the same CA bundle as
> > > if we built it against OpenSSL:
> > >
> > >
On Friday, April 07, 2017 11:01:35 Kai Engert wrote:
> On Fri, 2017-04-07 at 10:38 +0200, Kamil Dudka wrote:
> > Although we build libcurl against NSS now, it loads the same CA bundle as
> > if we built it against OpenSSL:
> >
> > /etc/pki/tls/certs/ca-bundle.crt
> >
> > So I doubt it could a
On Fri, 2017-04-07 at 10:38 +0200, Kamil Dudka wrote:
>
> Although we build libcurl against NSS now, it loads the same CA bundle as
> if we built it against OpenSSL:
>
> /etc/pki/tls/certs/ca-bundle.crt
>
> So I doubt it could actually take advantage of those extra flags.
This file doesn't
On Thursday, April 06, 2017 18:39:26 Kai Engert wrote:
> On Thu, 2017-04-06 at 09:29 -0700, Adam Williamson wrote:
> > On Thu, 2017-04-06 at 18:22 +0200, Kai Engert wrote:
> > > I would like to make you aware that the certificate validation of
> > > openssl
> > > isn't
> > > as complete as in NSS.
On 04/06/2017 12:15 PM, Matthew Miller wrote:
> On Thu, Apr 06, 2017 at 05:50:16PM +0200, Miroslav Lichvar wrote:
>>> In order to make even smaller Fedora base images, it was proposed to switch
>>> libcurl back to OpenSSL. The Fedora Crypto Consolidation project, which
>>> motivated the switch of
On Thu, 2017-04-06 at 09:29 -0700, Adam Williamson wrote:
> On Thu, 2017-04-06 at 18:22 +0200, Kai Engert wrote:
> > I would like to make you aware that the certificate validation of openssl
> > isn't
> > as complete as in NSS.
> >
> > For example, NSS is able to handle the blacklisted/distrusted
On Thu, 2017-04-06 at 18:22 +0200, Kai Engert wrote:
> I would like to make you aware that the certificate validation of openssl
> isn't
> as complete as in NSS.
>
> For example, NSS is able to handle the blacklisted/distrusted CAs, which have
> been published by Mozilla, and are being made avail
I would like to make you aware that the certificate validation of openssl isn't
as complete as in NSS.
For example, NSS is able to handle the blacklisted/distrusted CAs, which have
been published by Mozilla, and are being made available as part of the ca-
certificates package, while I believe open
On Thu, Apr 06, 2017 at 05:50:16PM +0200, Miroslav Lichvar wrote:
> > In order to make even smaller Fedora base images, it was proposed to switch
> > libcurl back to OpenSSL. The Fedora Crypto Consolidation project, which
> > motivated the switch of libcurl from OpenSSL to NSS ten years ago, is no
On Wed, Apr 05, 2017 at 03:52:22PM +0200, Kamil Dudka wrote:
> In order to make even smaller Fedora base images, it was proposed to switch
> libcurl back to OpenSSL. The Fedora Crypto Consolidation project, which
> motivated the switch of libcurl from OpenSSL to NSS ten years ago, is now
> depreca
On Thursday, April 06, 2017 16:05:16 Jan Kurik wrote:
> On Thu, Apr 6, 2017 at 3:47 PM, Stephen Gallagher wrote:
> > On 04/06/2017 09:12 AM, Kamil Dudka wrote:
> >> On Thursday, April 06, 2017 15:00:31 Jan Kurik wrote:
> >>> On Thu, Apr 6, 2017 at 2:49 PM, Kamil Dudka wrote:
> On Wednesday,
On Thu, Apr 6, 2017 at 3:47 PM, Stephen Gallagher wrote:
> On 04/06/2017 09:12 AM, Kamil Dudka wrote:
>> On Thursday, April 06, 2017 15:00:31 Jan Kurik wrote:
>>> On Thu, Apr 6, 2017 at 2:49 PM, Kamil Dudka wrote:
On Wednesday, April 05, 2017 17:09:34 Jan Kurik wrote:
> Might not be dire
On 04/06/2017 09:12 AM, Kamil Dudka wrote:
> On Thursday, April 06, 2017 15:00:31 Jan Kurik wrote:
>> On Thu, Apr 6, 2017 at 2:49 PM, Kamil Dudka wrote:
>>> On Wednesday, April 05, 2017 17:09:34 Jan Kurik wrote:
Might not be directly related, but just for a reference - one of the
F26 Cha
On Thursday, April 06, 2017 15:00:31 Jan Kurik wrote:
> On Thu, Apr 6, 2017 at 2:49 PM, Kamil Dudka wrote:
> > On Wednesday, April 05, 2017 17:09:34 Jan Kurik wrote:
> >> Might not be directly related, but just for a reference - one of the
> >> F26 Changes (currently deferred to F27) is doing the
On Thu, Apr 6, 2017 at 2:49 PM, Kamil Dudka wrote:
> On Wednesday, April 05, 2017 17:09:34 Jan Kurik wrote:
>> Might not be directly related, but just for a reference - one of the
>> F26 Changes (currently deferred to F27) is doing the same for
>> OpenLDAP: https://fedoraproject.org/wiki/Changes/O
On Wednesday, April 05, 2017 18:28:53 Dusty Mabe wrote:
> On 04/05/2017 12:17 PM, Kamil Dudka wrote:
> > On Wednesday, April 05, 2017 11:38:35 Colin Walters wrote:
> >> libostree does that -
> >> https://github.com/ostreedev/ostree/blob/c937305c0e7f5609273e25753912c294
> >> b0
> >> 40a6ac/src/libos
create Fedora base image that contains fewer crypto
> >>> libraries inside.>>
> >> Makes sense to me - from the Atomic Host perspective, we are switching
> >> ostree to use libcurl, since libdnf already does (and librepo hard
> >> depends
> >
On 04/05/2017 12:17 PM, Kamil Dudka wrote:
> On Wednesday, April 05, 2017 11:38:35 Colin Walters wrote:
>>
>> libostree does that -
>> https://github.com/ostreedev/ostree/blob/c937305c0e7f5609273e25753912c294b0
>> 40a6ac/src/libostree/ostree-fetcher-curl.c
>>
>> In the exploded archive case, I ge
Hello, Kamil.
On Wednesday, 05 April 2017 at 15:52, Kamil Dudka wrote:
> In order to make even smaller Fedora base images, it was proposed to switch
> libcurl back to OpenSSL. The Fedora Crypto Consolidation project, which
> motivated the switch of libcurl from OpenSSL to NSS ten years ago, is no
e.
>>
>> Additional proposal that would help to reduce the size of base image is the
>> libcurl-minimal subpackage, which can be installed installed as a lightweight
>> replacement of the libcurl package, with smaller size and fewer dependencies.
>> The libcurl-minimal
On Wednesday, April 05, 2017 11:38:35 Colin Walters wrote:
> On Wed, Apr 5, 2017, at 11:28 AM, Kamil Dudka wrote:
> > Anyway, do not overestimate the power of HTTP/2. It will not
> > transparently
> > bring you better transfers for free. You can speak HTTP/2 even while
> > using
> > the curl tool
only package that pulls NSS as its dependency
into the Fedora base image. Hence, by switching libcurl back to OpenSSL, we
could create Fedora base image that contains fewer crypto libraries inside.
Additional proposal that would help to reduce the size of base image is the
libcurl-minimal subpackage
package that pulls NSS as its dependency
> into the Fedora base image. Hence, by switching libcurl back to OpenSSL, we
> could create Fedora base image that contains fewer crypto libraries inside.
>
> Additional proposal that would help to reduce the size of base image is the
>
On Wed, Apr 5, 2017, at 11:28 AM, Kamil Dudka wrote:
> Anyway, do not overestimate the power of HTTP/2. It will not transparently
> bring you better transfers for free. You can speak HTTP/2 even while using
> the curl tool but it is mainly useful for testing. If you want to take the
> advantage
es (and librepo hard depends
> > on OpenSSL, even though libcurl used NSS).
> >
> >> Additional proposal that would help to reduce the size of base image is
> >> the
> >> libcurl-minimal subpackage, which can be installed installed as a
> >> lightweight
contains fewer crypto libraries inside.
>>
>> Makes sense to me - from the Atomic Host perspective, we are switching
>> ostree to use libcurl, since libdnf already does (and librepo hard depends
>> on OpenSSL, even though libcurl used NSS).
>>
>>> Additional propo
ypto libraries inside.
>
> Makes sense to me - from the Atomic Host perspective, we are switching
> ostree to use libcurl, since libdnf already does (and librepo hard depends
> on OpenSSL, even though libcurl used NSS).
>
>> Additional proposal that would help to reduce the
e switching
ostree to use libcurl, since libdnf already does (and librepo hard depends
on OpenSSL, even though libcurl used NSS).
> Additional proposal that would help to reduce the size of base image is the
> libcurl-minimal subpackage, which can be installed installed as a lightweight
>
into the Fedora base image. Hence, by switching libcurl back to OpenSSL, we
could create Fedora base image that contains fewer crypto libraries inside.
Additional proposal that would help to reduce the size of base image is the
libcurl-minimal subpackage, which can be installed installed as a
On Wed, Mar 16, 2016 at 5:44 PM, Jason L Tibbitts III wrote:
>> "JLT" == Jason L Tibbitts writes:
>
> JLT> Using a different soname and patching python-pycurl to use the
> JLT> maximal module if present and the minimal module otherwise would be
> JLT> another possibility, assuming it's even d
s in the SONAME, nor in any file installed by the RPMs in
> > > > > > > question.
> > > > > >
> > > > > > ... which means if the SONAME is the same, you either are dealing
> > > > > > with
> > > > >
&
> http://pkgs.fedoraproject.org/cgit/rpms/curl.git/log/?h=private-kdudka-libcurl-minimal
libcurl.so.x.y.z.minimal looks pretty weird to me, and wrong as well
because it stuffs "minimal" into the version part, but the minimalism
here is not really related to the version. Did y
Once upon a time, Paul Howarth said:
> The installed soname is exactly the same as the regular libcurl
> version, making them interchangeable. The .minimal suffix is removed by
> rpm at packaging time using RemovePathPostfixes:
That seems like a terrible idea, to have to shared libraries in the
d
the /usr/lib64/libcurl.so symlink. This would be yet another *run-time*
dependency of the package you patched. See the following bug for example:
https://bugzilla.redhat.com/215928
- This approach is not compatible with the dependency scanner of rmp-build.
- You would need to patch t
On Wednesday, March 16, 2016 17:20:38 Przemek Klosowski wrote:
> On 03/16/2016 04:39 PM, Kamil Dudka wrote:
> > ldconfig will always pick /usr/lib64/libcurl.so.4 because there can be
> > only one file with that name installed at a time.
>
> OK, but how do you determine which one you have on a part
ntation detail of the packaging (the
> > > RemovePathPostfixes feature of rpm). The string you mentioned neither
> > > appears in the SONAME, nor in any file installed by the RPMs in
> > > question.
> >
> > ... which means if the SONAME is the same, you either are dealin
On 03/16/2016 04:39 PM, Kamil Dudka wrote:
ldconfig will always pick /usr/lib64/libcurl.so.4 because there can be
only one file with that name installed at a time.
OK, but how do you determine which one you have on a particular system
someone just handed to you?
It seems to me that you are usi
gt; > > > > neither
> > > > > appears in the SONAME, nor in any file installed by the RPMs in
> > > > > question.
> > > >
> > > > ... which means if the SONAME is the same, you either are dealing with
> > >
> > &
> Conflicts:
Exactly. libcurl conflicts with libcurl-minimal, which means that exactly
one of them will be installed on any Fedora system at a time. On a regular
system (server, desktop, etc.) it will always be libcurl.
On the other hand, if you need to create a minimal installation of Fedo
il of the packaging (the
> > > > > > RemovePathPostfixes feature of rpm). The string you mentioned
> > > > > > neither
> > > > > > appears in the SONAME, nor in any file installed by the RPMs in
> > > > > > question.
> > > > >
t request reducing the run-time dependencies
I am open to discuss what features should be included in (lib)curl-minimal
and I already refined my draft base on the discussion in this thread.
I am also open to discuss other solution to the above problem. The other
proposals I have captured in this thr
; > neither
> >> > > appears in the SONAME, nor in any file installed by the RPMs in
> >> > > question.
> >> >
> >> > ... which means if the SONAME is the same, you either are dealing with
> >>
> >> > Conflicts:
> >> Exact
On 03/17/2016 12:54 PM, Kamil Dudka wrote:
I am also open to discuss other solution to the above problem. The other
proposals I have captured in this thread are:
- use dlopen() -- already proven wrong (see RHBZ and upstream ML)
I looked and didn't see any discussion of dlopen() in 1305701; ar
of rpm). The string you mentioned
> > > > > > > > neither
> > > > > > > > appears in the SONAME, nor in any file installed by the RPMs
> > > > > > > > in
> > > > > > > > question.
> > > > > > >
&
On Fri, Mar 18, 2016 at 4:29 AM, Petr Pisar wrote:
> I think the solution is have more packages delivering the same-named
> shared library file with the same soname. Each of the packages
> conflicting each other. Then the non-minimal package would provide RPM
> symbols declaring compiled-in featu
On Wednesday, March 16, 2016 20:28:16 Ville Skyttä wrote:
> > http://pkgs.fedoraproject.org/cgit/rpms/curl.git/log/?h=private-kdudka
> > -libcurl-minimal
> libcurl.so.x.y.z.minimal looks pretty weird to me, and wrong as well
> because it stuffs "minimal" in
neither
>> > > appears in the SONAME, nor in any file installed by the RPMs in
>> > > question.
>> >
>> > ... which means if the SONAME is the same, you either are dealing with
>>
>> > Conflicts:
>> Exactly. libcurl conflicts with libcurl-mini
On 2016-03-16 14:07, Kamil Dudka wrote:
On Wednesday, March 16, 2016 20:28:16 Ville Skyttä wrote:
http://pkgs.fedoraproject.org/cgit/rpms/curl.git/log/?h=private-kdudka
-libcurl-minimal
libcurl.so.x.y.z.minimal looks pretty weird to me, and wrong as well
because it stuffs "mi
arch
>
> Ah, rpm requires it (through %__urlhelpercmd). So I suppose there's
> the use case for curl-minimal I was wondering about.
>
> >
> > http://pkgs.fedoraproject.org/cgit/rpms/curl.git/log/?h=private-kdudka-libcurl-minimal
> >
>
> libcurl.so.x
n system
for libcurl :-)
> , but only helps with edge cases, in this case in
> minimalizing build environments.
Neither me, nor Petr were talking about minimalizing build environments.
> This is extremely difficult to test,
Really? What exactly were the problems you encountered while you
On Friday 18 March 2016 08:29:27 Petr Pisar wrote:
> On 2016-03-18, Kamil Dudka wrote:
> > On Thursday, March 17, 2016 14:44:21 Przemek Klosowski wrote:
> >
> > According to Fedora Packaging Guidelines, unversioned shared library files
> > should be installed by -devel packages:
> >
> > https://
Kamil Dudka (kdu...@redhat.com) said:
> Are you reading it from the specfile?
>
> It is just an implementation detail of the packaging (the RemovePathPostfixes
> feature of rpm). The string you mentioned neither appears in the SONAME, nor
> in any file installed by the RPMs in question.
...
ntioned neither
> > appears in the SONAME, nor in any file installed by the RPMs in question.
>
> ... which means if the SONAME is the same, you either are dealing with
> Conflicts:
Exactly. libcurl conflicts with libcurl-minimal, which means that exactly one
of them will be insta
The curl and libcurl packages, which are both required by dnf, have a lot of
run-time dependencies. I propose to maintain curl-minimal and libcurl-minimal
subpackages obtained from a conservatively configured build of curl, resulting
in a significant reduction of their run-time dependencies
> > > RemovePathPostfixes feature of rpm). The string you mentioned neither
> > > appears in the SONAME, nor in any file installed by the RPMs in question.
> >
> > ... which means if the SONAME is the same, you either are dealing with
> > Conflicts:
>
> Exa
;
>I am not against keeping the GSSAPI support in libcurl-minimal. From the
>discussion, it sounds like the right thing to do.
Thanks.
>But what do you mean by XML-RPC?
>
>I am not aware of any such feature in (lib)curl itself. XML-RPC is usually
>implemented in hi
>> >> > > question.
> >> >> >
> >> >> > ... which means if the SONAME is the same, you either are dealing
> >> >> > with
> >> >>
> >> >> > Conflicts:
> >> >> Exactly. li
On Thu, Mar 17, 2016 at 07:00:09PM +0100, Kamil Dudka wrote:
> On Thursday 17 March 2016 13:21:42 Przemek Klosowski wrote:
> I was (by mistake) speaking about loading libcurl's run-time dependencies
> by dlopen(), which is implemented for OpenLDAP in RHEL-5. It used to cause
> problems and was re
> "JLT" == Jason L Tibbitts writes:
JLT> Using a different soname and patching python-pycurl to use the
JLT> maximal module if present and the minimal module otherwise would be
JLT> another possibility, assuming it's even doable.
Or, even easier, having python-curl-minimal which requires and
>>>>> "KD" == Kamil Dudka writes:
KD> Exactly. libcurl conflicts with libcurl-minimal, which means that
KD> exactly one of them will be installed on any Fedora system at a
KD> time. On a regular system (server, desktop, etc.) it will always be
KD> li
On 2016-03-18, Kamil Dudka wrote:
> On Thursday, March 17, 2016 14:44:21 Przemek Klosowski wrote:
>
> According to Fedora Packaging Guidelines, unversioned shared library files
> should be installed by -devel packages:
>
> https://fedoraproject.org/wiki/Packaging:Guidelines?rd=Packaging/Guideline
Kamil Dudka (kdu...@redhat.com) said:
> > - "Minimizing the fedora docker base image footprint" (by yanking dnf et.al.
> > into a seprate container, making size of it much more irrelevant) - "DNF
> > into C initiative started" (enabling a much larger depythoning that doesn't
> > require differing
1 - 100 of 108 matches
Mail list logo
