On 01/21/2015 05:05 AM, Michał Górny wrote: > Hello, developers. > > As you may recall, the main blocker for wide-establishment of > FEATURES=network-sandbox prohibiting network access within the build > environment is distcc. Since all connectivity is disabled, distcc can > no longer reach other distcc servers and build efficiently. I therefore > find it important to figure out a solution. > > ... > > Any other ideas? >
We probably won't avoid the fact that some features are incompatible forever. Why not just let the combination be broken? Distcc isn't enabled by default, so having network-sandbox enabled won't immediately cause problems. We can document that, when enabling distcc, you have to set FEATURES="-network-sandbox". No one will read it, so that leaves the question of what to do when both are enabled. 1. Break normally. We can point people to the man page. 2. Disable network-sandbox and emit a warning. 3. Disable distcc and emit a warning. The third is my favorite, since it's the non-default feature and the warning will be more helpful: "to enable distcc, you must add "-network-sandbox" to your FEATURES in make.conf..." If the point of network-sandbox is to catch mistakes, having it enabled for 95% of users is just as good as 100%.
