X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=914897_merged_usr%2Fballot.md;h=089950d5a8b08227b47a04c7374c576d4c891c86;hb=0c0281a43ef2101267c1edca8966a1b8bc249064;hp=d4705c252952ca9599a161f1b81298c5e0b102b1;hpb=741f1c57af14296af132feb2aec04259af011542;p=debian-ctte.git diff --git a/914897_merged_usr/ballot.md b/914897_merged_usr/ballot.md index d4705c2..089950d 100644 --- a/914897_merged_usr/ballot.md +++ b/914897_merged_usr/ballot.md @@ -4,7 +4,7 @@ ## What is "merged `/usr`" -"Merged `/usr`" describes a possible future standard directories scheme in which the `/{bin,sbin,lib}/` directories have been made superfluous, either through replacing them by symlinks to their `/usr` equivalents (/usr/{bin,sbin,lib}) or by removing them entirely. +"Merged `/usr`" describes a possible future standard directories scheme in which the `/{bin,sbin,lib*}/` directories have been made superfluous through replacing them by symlinks to their `/usr` equivalents (/usr/{bin,sbin,lib*}). The motivation to get Debian systems to converge towards such a scheme is vastly documented elsewhere ([FDO's TheCaseForTheUsrMerge][0], [wiki.d.o UsrMerge][1]) but can be summarized as the following points: * having separate `/` and `/usr` filesystems has been useful in the past for booting without initramfs onto a minimal root filesystem that carried just enough to mount the `/usr` filesystem later in the boot process. Given the evolution of physical hosts' capabilities, initramfs'es have been default in Debian (and elsewhere) for a long time, and most systems no longer have an intermediate state during boot in which they have only `/`, but not `/usr`, mounted. @@ -17,19 +17,23 @@ The motivation to get Debian systems to converge towards such a scheme is vastly The arguments against moving the base directories' scheme towards "merged `/usr`" are as follows: * there's no gain in disrupting something that is not inherently broken; -* `/{bin,sbin,lib}/` → `/usr/{bin,sbin,lib}/` symlinks create confusing views of the system (`/bin/cat` and `/usr/bin/cat` are the same file), and dpkg doesn't support this situation cleanly [#134758](https://bugs.debian.org/134758). +* `/{bin,sbin,lib*}/` → `/usr/{bin,sbin,lib*}/` symlinks create confusing views of the system (`/bin/cat` and `/usr/bin/cat` are the same file), and dpkg doesn't support this situation cleanly [#134758](https://bugs.debian.org/134758). [0]: https://www.freedesktop.org/wiki/Software/systemd/TheCaseForTheUsrMerge/ [1]: https://wiki.debian.org/UsrMerge +The compatibility symbolic links `/lib` → `/usr/lib` and `/lib64` → `/usr/lib64` are required by the various CPUs' platform ABIs (for example i386 requires `/lib/ld-linux.so.2` to resolve to glibc's `ld.so`, and amd64 requires `/lib64/ld-linux-x86-64.so.2`) so there are no plans to remove them altogether. Similarly, removing `/bin` is not under consideration because it would break the assumption that `/bin/sh` exists, and removing `/sbin` would break the assumption that `/sbin/fsck.*` and `/sbin/mount.*` exist. + ## "merged `/usr`" in Debian -In Debian buster, the current testing suite, "merged `/usr`" is only considered for implementation with symlinks (there are no proposals for simply dropping `/{bin,sbin,lib}`) and is implemented in two distinct ways: +In Debian buster, the current testing suite, "merged `/usr`" is only considered for implementation with symlinks (there are no proposals for simply dropping `/{bin,sbin,lib*}`) and is implemented in two main ways: * existing hosts can be made to have a "merged `/usr`" by installing the [usrmerge][2] package; -* new hosts get the `/{bin,sbin,lib}/`→ `/usr/{bin,sbin,lib}/` symlinks by default when using debootstrap >= 1.0.102. +* new hosts get the `/{bin,sbin,lib*}/`→ `/usr/{bin,sbin,lib*}/` symlinks by default when using debootstrap >= 1.0.102. + +The usrmerge package contains a `/usr/lib/convert-usrmerge` perl executable that runs in `postinst`, that will move the contents of `/{bin,sbin,lib*}/` and replace these directories with symlinks when empty. -The usrmerge package contains a `/usr/lib/convert-usrmerge` perl executable that runs in `postinst`, that will move the contents of `/{bin,sbin,lib}/` and replace these directories with symlinks when empty. +It is also possible to merge `/usr` in other ways, for example with `debootstrap --merged-usr` or by bootstrapping into a chroot that already contains the necessary symlinks. [2]: https://tracker.debian.org/pkg/usrmerge @@ -52,19 +56,33 @@ Two initiatives are worth mentioning at this point: Various valid long-term desireable situations coexist, and while discussing immediate countermeasures, it is useful to keep the long-term outcome that those are most likely to produce. -These are three possible situations for the fleet of bullseye (buster + 1) hosts: +These are the five possible situations at the time of bullseye (buster + 1): + +* `none`: "merged `/usr`" has been reverted +* `weak`: both directory schemes are allowed, packages only built on classical hosts +* `middle`: both directory schemes are allowed, packages can be built anywhere +* `hard`: both directory schemes are allowed, packages only built on "merged `/usr`" hosts +* `all`: only "merged `/usr`" directory schemes are allowed, packages only built on "merged `/usr`" hosts + +It can be summarized by the following table: -* `none`: "merged `/usr`" has been reverted; no bullseye hosts have `/{bin,sbin,lib}/`→ `/usr/{bin,sbin,lib}/` symlinks; only `cat` only exists at `/bin/cat`; -* `weak`: bullseye hosts can have any of "merged `/usr`" or "classical" directory schemes; official packages are only built on "classical" directory schemes; packages built on "merged `/usr`" are allowed to break on "classical" directory schemes. -* `hard`: bullseye hosts can have any of "merged `/usr`" or "classical" directory schemes; official packages are built on either "merged `/usr`" or "classical" directory schemes; packages built on either are forbidden to break on either directory schemes. -* `all`: bullseyes hosts all have "merged `/usr`"; official packages are built on "merged `/usr`"; packages built on "classical" directory schemes are allowed to break on "classical" directory schemes. +``` +| | Host types that are allowed | Are merged-/usr | Official packages are built on | Packages built on … can break on the other | +| Codename | classical hosts | merged-/usr hosts | symlinks allowed | classical hosts | merged-/usr hosts | classical hosts | merged-/usr hosts | +|----------|-----------------|-------------------|------------------|—----------------|-------------------|---------------------|----------------------| +| none | yes | no | no | yes | no | yes | yes | +| weak | yes | yes | yes | yes | no | no | yes | +| middle | yes | yes | yes | yes | yes | no | no | +| hard | yes | yes | yes | no | yes | no | no | +| all | no | yes | yes | no | yes | yes | no | +``` ## Immediate actions Given that hosts with different top-level directory schemes already exist; there are various ways forward that would allow for Debian to converge to a desireable situation: * Flag-day to get all hosts on "merged `/usr`", through a base-files version; probably in buster+1 (bullseye) -* Disallow "merged `/usr`", let users who ran `usrmerge` on their own +* Disallow "merged `/usr`", leave users who already have merged `/usr` in an unsupported situation * Let Debian converge to a situation where non-"merged `/usr`" Debian hosts are equivalent to symlinked "merged `/usr`" hosts; do this through upgrading all packages shipping files outside of /usr (but exceptions) to stop doing this. Could be achieved by setting policy for buster+1 (should) and buster+2 (must), or maybe even shorter. This would make the symlink "shortcut" migration redundant. * Support both "merged `/usr`" and non-"merged `/usr`" systems forever: this implies that our packaging tools need to either support countering effects of "merged `/usr`" (e.g. through manipulating PATH for builds to detect files only in their .deb paths) or identifying tainted packages, and letting installing users decide (warn or error out at install time).