Re: isa-support -- exit strategy?

[Andrey Rahmatullin]

On Fri, Mar 25, 2022 at 11:34:17PM +0100, Adam Borowski wrote:
> While packages are allowed to not support entire architectures
> outright, there's a problem when some code requires a feature that is
> not present in the arch's baseline.  Effectively, this punishes an arch
> for keeping compatibility.  The package's maintainers are then required
> to conform to the baseline even when this requires a significant work
> and/or is a pointless exercise (eg.  scientific number-crunching code
> makes no sense to run on a 2002 box).
A partial arch (whatever that is, yeah) with the x86-64-v3 baseline, and
optionally raise the main amd64 baseline to x86-64-v2?
Assuming we don't want to mass-modify software to support code separation
into hwcaps etc. or runtime detection.

> With that in mind, in 2017 I added "isa-support" which implements
> install-time checks via a dependency.  Alas, this doesn't work as well
> as it should:
(that was expected tbh)

-- 
WBR, wRAR


signature.asc
Description: PGP signature

Re: isa-support -- exit strategy?

[Paul Wise]

Adam Borowski wrote:

> * new installs fail quite late into installation process, leaving you
>   with a bunch of packages unpacked but unconfigured; some apt
>   frontends don't take this situation gracefully.

Maybe install isa-support by default and add an apt hook similar to the
apt-listbugs one that blocks installation of unsupported packages
before the installation process starts.

> * upgrades when an existing package drops support for old hardware are
>   even worse.

As above, but this approach is pretty terrible with automated upgrades,
so there probably needs to be a way for hooks to communicate with
automated upgrade tools that certain packages should not be upgraded.

> * while a hard Depends: works for leafy packages, on a library it
>   disallows having alternate implementations that don't need the
>   library in question.  Eg, libvectorscan5 blocks a program that
>   uses it from just checking the regexes one by one.

Libraries really should do runtime CPU detection themselves and return
failure when the current CPU isn't supported, then applications using
them can fall back on alternative solutions.

> Suggestions?

Install time is a suboptimal time for deciding whether or not a certain
package is supported on the CPU installed during the current boot of a
system. Live images run on many different CPUs. I have run a regular
Debian install from an external USB hard drive on many different
computers at different internet cafes. People often move their hard
drive from an old/failed computer to a new computer.

A better option might be to always allow installation, but have an apt
hook or feature that warns or asks for confirmation when you install
packages that are not supported on your current CPU, along with an
executable that can check the CPU is supported, and print an error to
stderr/X11/Wayland as appropriate and execute the command otherwise.

An sse4-support symlink could point to an isa-support executable, which
could check $0 against the CPU and either do the warning or exec "$@",
then maintainers could call sse4-support from wrapper scripts etc.

The errors could be done by different executables so that the errors
fit in with the desktop that is currently in use if any.

It might be worth looking at how things like Steam and Flatpak/Snap
solve this issue, I expect games and proprietary apps often use CPU
features unsupported on old systems.

I also wonder if qemu could be used to emulate newer CPU features on
older systems. That would probably be unusably slow though.

It is probably worth initiating a cross-distro discussion about this.
The above idea could even become a cross-distro solution to this issue.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise


signature.asc
Description: This is a digitally signed message part

Re: isa-support -- exit strategy?

[M. Zhou]

Hi Adam,

I think the problems that apt/dpkg
are trying to deal with is already complicated enough, and
the architecture specific code are still not significant
enough to introduce change there.

Indeed supporting number crunching programs on ancient
hardware is not meaningful, but the demand on Debian's
support for number crunching is not that strong according
to my years of observation.

For popular applications that can take advantage of above-baseline
instruction sets, they will eventually write the dynamic code
dispatcher and add the fallback.

For applications seriously need performance, they will
leave CPU and go to GPU or other hardware. If the user correctly
write the code and fully leverage GPU, the non-optimal CPU
code won't necessarily be a bottleneck.

For applications seriously need CPU performance, they are
possibly going to tell the users how to tweak compiling
parameters and how to compile locally.

Eventually, my thoughts about above-baseline support are
still either source-based package distribution like portage, or
small deb repository built with a customized dpkg-dev, like
I mentioned in the past.

On Fri, 2022-03-25 at 23:34 +0100, Adam Borowski wrote:
> Hi!
> While packages are allowed to not support entire architectures
> outright, there's a problem when some code requires a feature that is
> not present in the arch's baseline.  Effectively, this punishes an
> arch
> for keeping compatibility.  The package's maintainers are then
> required
> to conform to the baseline even when this requires a significant work
> and/or is a pointless exercise (eg.  scientific number-crunching code
> makes no sense to run on a 2002 box).
> 
> With that in mind, in 2017 I added "isa-support" which implements
> install-time checks via a dependency.  Alas, this doesn't work as
> well
> as it should:
> 
> * new installs fail quite late into installation process, leaving you
>   with a bunch of packages unpacked but unconfigured; some apt
>   frontends don't take this situation gracefully.
> 
> * upgrades when an existing package drops support for old hardware
> are
>   even worse.
> 
> * while a hard Depends: works for leafy packages, on a library it
>   disallows having alternate implementations that don't need the
>   library in question.  Eg, libvectorscan5 blocks a program that
>   uses it from just checking the regexes one by one.
> 
> Suggestions?
> 
> 
> Meow!

Bug#1008291: ITP: distrobox -- Another tool for containerized command line environments on Linux

[Michel Alexandre Salim]

Package: wnpp
Severity: wishlist
Owner: Michel Alexandre Salim 
X-Debbugs-Cc: debian-devel@lists.debian.org

* Package name: distrobox
  Version : 1.2.14
  Upstream Author : Luca Di Maio 
* URL : https://distrobox.privatedns.org/
* License : GPL
  Programming Lang: Bash
  Description : Another tool for containerized command line environments on 
Linux

Use any linux distribution inside your terminal. Enable both backward and
forward compatibility with software and freedom to use whatever distribution
you’re more comfortable with. 

 - usefulness
Much more flexible than Toolbx, which inspires it:
https://fedoramagazine.org/toolbx-a-developers-new-best-friend/ -
Toolbx requires specialized containers which currently are only
available for Fedora.

 - not a dependency for another package
 - I use it everyday, for compatibility testing on different distributions
   and releases

 - comparison with similar packages
   - more flexible than Toolbx
   - this wraps Podman and Docker and preconfigure the containers (e.g.
 giving them home directory access, installing the shell you use on
 the host on the container too) so it's much easier to use
 - maintenance
   - no packaging team seems to match, so I plan to maintain this
 individually. I'm new to Debian packaging (coming from Fedora where
 I'm the equivalent of a Debian Developer), so will be using
 https://mentors.debian.net/. I do have more packages to ITP, but
 want to start small with a package where the upstream author has
 expressed an interest in getting this packaged: 
https://github.com/89luca89/distrobox/issues/153
   - yes, I will need a sponsor

Bug#1008289: ITP: awsome-cis-checker -- CIS Benchmark checker for AWS

[Pedro Loami Barbosa dos Santos]

Package: wnpp
Severity: wishlist
Owner: Pedro Loami Barbosa dos Santos 

* Package name: awsome-cis-checker
  Version : 1.0
  Upstream Author : Secforce, David R. @Fiti
* URL : https://github.com/SECFORCE/awsome-cis-checker
* License : MIT
  Programming Lang: Python
  Description : CIS Benchmark checker for AWS

 AWSome CIS Checker is a tool designed to automate the whole process 
 of checking AWS configurations in accordance with one of the most 
 widely used industry best practice guides: the CIS Benchmarks.
 .
 Based on Boto3, an AWS SDK for Python, AWSome CIS Checker uses the 
 set of credentials provided on a local AWS Client configuration to 
 verify if the elements of a certain configuration are compliant with 
 CIS Benchmarks. This covers all the basic checks but also allows for 
 a “deeper” inspection of the configuration by investigating more 
 obscure options which could facilitate further attacks vectors. 


This package is useful to a pentester, or any other security aware
professional to identify potential security risks within their AWS
environment, by running a checklist based on CIS Benchmarks best
practice guides. Hopefully this tool will increase coverage during
security assessment and also will help sysadmins to understand better
their AWS infrastructure and consequently improve the security of 
their environments. More information about the tool and its developers
can be found here: https://www.secforce.com/blog/awsome-cis-checker/

This package will be maintened by me, with support of my mentor/
sponsor and in collaboration with the upstream.

Bug#1008288: ITP: golang-github-gobwas-httphead -- Tiny HTTP header value parsing lib (library)

[Guilherme de Paula Xavier Segundo]

Package: wnpp
Severity: wishlist
Owner: Guilherme de Paula Xavier Segundo 
X-Debbugs-Cc: debian-devel@lists.debian.org, guilherme@gmail.com

* Package name: golang-github-gobwas-httphead
  Version : 0.1.0-1
  Upstream Author : Sergey Kamardin 
* URL : https://github.com/gobwas/httphead
* License : Expat
  Programming Lang: Go
  Description : Tiny HTTP header value parsing lib (library)

 This library contains low-level functions for scanning HTTP RFC2616
 compatible header value grammars. Utils for parsing HTTP and
 HTTP-grammar compatible text protocols headers.

Re: DebConf22 registration and call for proposals are open!

[Tzafrir Cohen]

Hi,

On Fri, Mar 25, 2022 at 09:20:00PM +, Seth Arnold wrote:
> On Fri, Mar 25, 2022 at 11:38:01PM +0800, YS wrote:
> > Sorry. How to unsubscribe this thread?
> 
> Most mail lists insert headers that describe how to subscribe,
> unsubscribe, change settings, post, etc:
> 
> List-URL: 
> List-Post: 
> List-Help: 
> List-Subscribe: 
> 
> List-Unsubscribe: 
> 

The headers in that message were actually:
List-Id: 
List-URL: 
List-Post: 
List-Help: 
List-Subscribe: 

List-Unsubscribe: 


So either use the List-Unsubscribe email above or visit
https://lists.debian.org/debian-devel-announce/ and use the
"Unsubscribe" button.

-- 
mail / xmpp / matrix: tzaf...@cohens.org.il

isa-support -- exit strategy?

[Adam Borowski]

Hi!
While packages are allowed to not support entire architectures
outright, there's a problem when some code requires a feature that is
not present in the arch's baseline.  Effectively, this punishes an arch
for keeping compatibility.  The package's maintainers are then required
to conform to the baseline even when this requires a significant work
and/or is a pointless exercise (eg.  scientific number-crunching code
makes no sense to run on a 2002 box).

With that in mind, in 2017 I added "isa-support" which implements
install-time checks via a dependency.  Alas, this doesn't work as well
as it should:

* new installs fail quite late into installation process, leaving you
  with a bunch of packages unpacked but unconfigured; some apt
  frontends don't take this situation gracefully.

* upgrades when an existing package drops support for old hardware are
  even worse.

* while a hard Depends: works for leafy packages, on a library it
  disallows having alternate implementations that don't need the
  library in question.  Eg, libvectorscan5 blocks a program that
  uses it from just checking the regexes one by one.

Suggestions?


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀ Eight legs good, four legs bad! -- when your drider pwns a
⣾⠁⢠⠒⠀⣿⡁ smelly goodie centaur.
⢿⡄⠘⠷⠚⠋⠀ Rearkick OP -- my grandpa's brother-in-law got one-shotted
⠈⠳⣄ from full hp in RL, please nerf!

Bug#1008282: ITP: gl-image-display -- Image-display library backed by OpenGL. Provided are a C library and a FLTK widget with C++ and Python interfaces

[Dima Kogan]

Package: wnpp
Owner: Dima Kogan 
Severity: wishlist

* Package name: gl-image-display
  Version : 0.10
  Upstream Author : Dima Kogan 
* URL or Web page : https://github.com/dkogan/GL_image_display
* License : Apache 2.0
  Description : Image-display library backed by OpenGL. Provided are a C 
library and a FLTK widget with C++ and Python interfaces

This is a dependency of mrcal 2.2, which will be released soon, and
uploaded to Debian when this library makes it to the archive.

Re: DebConf22 registration and call for proposals are open!

[Seth Arnold]

On Fri, Mar 25, 2022 at 11:38:01PM +0800, YS wrote:
> Sorry. How to unsubscribe this thread?

Most mail lists insert headers that describe how to subscribe,
unsubscribe, change settings, post, etc:

List-URL: 
List-Post: 
List-Help: 
List-Subscribe: 
List-Unsubscribe: 


Your email program may call it "show headers", or "show raw email", or
perhaps something else. If your email program can't show the headers,
that's probably worth a bug report.

Thanks


signature.asc
Description: PGP signature

Re: DebConf22 registration and call for proposals are open!

[alberto fuentes]

Literally search on your favourite search engine:

how to unsubscribe from 

In this case, debconf-announce, and click on the first link

If you have any other questions in life such as how to walk or how to boild
an egg, dont hesitate to use search engines

They are great!



On Fri, 25 Mar 2022 at 16:54, YS  wrote:

> Sorry. How to unsubscribe this thread?
>
> Paulo Henrique de Lima Santana  於 2022年3月25日 週五 23:33 寫道：
>
>> Hi,
>>
>> Registration for DebConf22 [1] is now open.
>> The the 23rd edition of DebConf [2] will take place from July 17th to
>> 24th,
>> 2022 at the Innovation and Training Park (ITP) [3] in Prizren, Kosovo,
>> and will
>> be preceded by DebCamp, from July 10th to 16th.
>>
>> [1] https://debconf22.debconf.org
>> [2] https://www.debconf.org
>> [3] https://itp-prizren.com
>>
>> Along with the registration, the DebConf content team announced the call
>> for
>> proposals [4]. Deadline to submit a proposal to be considered in the main
>> schedule is April 15th, 2022 23:59:59 UTC (Friday).
>>
>> [4] https://debconf22.debconf.org/cfp
>>
>> DebConf is an event open to everyone, no matter how you identify yourself
>> or
>> how others perceive you. We want to increase visibility of our diversity
>> and
>> work towards inclusion at Debian Project, drawing our attendees from
>> people
>> just starting their Debian journey, to seasoned Debian Developers or
>> active
>> contributors in different areas like packaging, translation,
>> documentation,
>> artwork, testing, specialized derivatives, user support and many other. In
>> other words, all are welcome.
>>
>> To register for the event, log into the registration system [5] and fill
>> out
>> the form. You will be able to edit and update your registration at any
>> point.
>> However, in order to help the organizers have a better estimate of how
>> many
>> people will attend the event, we would appreciate if you could access the
>> system and confirm (or cancel) your participation in the conference as
>> soon as
>> you know if you will be able to come. The last day to confirm or cancel
>> is July
>> 1st, 2022 23:59:59 UTC. If you don't confirm or you register after this
>> date,
>> you can come to the DebConf22 but we cannot guarantee availability of
>> accommodation, food and swag (t-shirt, bag, and so on).
>>
>> [5] https://debconf22.debconf.org/register
>>
>> For more information about registration, please visit registration
>> information
>> [6].
>>
>> [6] https://debconf22.debconf.org/about/registration
>>
>> ## Submitting an event
>>
>> You can now submit an event proposal [7]. Events are not limited to
>> traditional
>> presentations or informal sessions (BoFs): we welcome submissions of
>> tutorials,
>> performances, art installations, debates, or any other format of event
>> that you
>> think would be of interest to the Debian community.
>>
>> [7] https://debconf22.debconf.org/talks/new
>>
>> Regular sessions may either be 20 or 45 minutes long (including time for
>> questions), other kinds of sessions (workshops, demos, lightning talks,
>> and so
>> on) could have different durations. Please choose the most suitable
>> duration
>> for your event and explain any special requests.
>>
>> In order to submit a talk, you will need to create an account on the
>> website.
>> We suggest that Debian Salsa account holders (including DDs and DMs) use
>> their
>> Salsa [8] login when creating an account. However, this isn't required,
>> as you
>> can sign up with an e-mail address and password.
>>
>> [8] https://salsa.debian.org
>>
>> ## Bursary for travel, accommodation and meals
>>
>> In an effort to widen the diversity of DebConf attendees, the Debian
>> Project
>> allocates a part of the financial resources obtained through sponsorships
>> to
>> pay for bursaries (travel, accommodation, and/or meals) for participants
>> who
>> request this support when they register.
>>
>> As resources are limited, we will examine the requests and decide who will
>> receive the bursaries. They will be destined:
>>
>>  * To active Debian contributors.
>>  * To promote diversity: newcomers to Debian and/or DebConf, especially
>> from
>>under-represented communities.
>>
>> Giving a talk, organizing an event or helping during DebConf22 is taken
>> into
>> account when deciding upon your bursary, so please mention them in your
>> bursary
>> application.
>>
>> For more information about bursaries, please visit applying for a bursary
>> to
>> DebConf [9].
>>
>> [9] https://debconf22.debconf.org/about/bursaries
>>
>> Attention: the registration for DebConf22 will be open until the
>> conference
>> starts, but the deadline to apply for bursaries using the registration
>> form
>> before May 1st, 2022 23:59:59 UTC. This deadline is necessary in order to
>> the
>> organizers use time to analyze the requests, and for successful
>> applicants to
>> prepare for the conference.
>>
>> DebConf would not be possible without the generous support of all our
>> sponsors,
>> especia

Re: DebConf22 registration and call for proposals are open!

[YS]

Sorry. How to unsubscribe this thread?

Paulo Henrique de Lima Santana  於 2022年3月25日 週五 23:33 寫道：

> Hi,
>
> Registration for DebConf22 [1] is now open.
> The the 23rd edition of DebConf [2] will take place from July 17th to 24th,
> 2022 at the Innovation and Training Park (ITP) [3] in Prizren, Kosovo, and
> will
> be preceded by DebCamp, from July 10th to 16th.
>
> [1] https://debconf22.debconf.org
> [2] https://www.debconf.org
> [3] https://itp-prizren.com
>
> Along with the registration, the DebConf content team announced the call
> for
> proposals [4]. Deadline to submit a proposal to be considered in the main
> schedule is April 15th, 2022 23:59:59 UTC (Friday).
>
> [4] https://debconf22.debconf.org/cfp
>
> DebConf is an event open to everyone, no matter how you identify yourself
> or
> how others perceive you. We want to increase visibility of our diversity
> and
> work towards inclusion at Debian Project, drawing our attendees from people
> just starting their Debian journey, to seasoned Debian Developers or active
> contributors in different areas like packaging, translation, documentation,
> artwork, testing, specialized derivatives, user support and many other. In
> other words, all are welcome.
>
> To register for the event, log into the registration system [5] and fill
> out
> the form. You will be able to edit and update your registration at any
> point.
> However, in order to help the organizers have a better estimate of how many
> people will attend the event, we would appreciate if you could access the
> system and confirm (or cancel) your participation in the conference as
> soon as
> you know if you will be able to come. The last day to confirm or cancel is
> July
> 1st, 2022 23:59:59 UTC. If you don't confirm or you register after this
> date,
> you can come to the DebConf22 but we cannot guarantee availability of
> accommodation, food and swag (t-shirt, bag, and so on).
>
> [5] https://debconf22.debconf.org/register
>
> For more information about registration, please visit registration
> information
> [6].
>
> [6] https://debconf22.debconf.org/about/registration
>
> ## Submitting an event
>
> You can now submit an event proposal [7]. Events are not limited to
> traditional
> presentations or informal sessions (BoFs): we welcome submissions of
> tutorials,
> performances, art installations, debates, or any other format of event
> that you
> think would be of interest to the Debian community.
>
> [7] https://debconf22.debconf.org/talks/new
>
> Regular sessions may either be 20 or 45 minutes long (including time for
> questions), other kinds of sessions (workshops, demos, lightning talks,
> and so
> on) could have different durations. Please choose the most suitable
> duration
> for your event and explain any special requests.
>
> In order to submit a talk, you will need to create an account on the
> website.
> We suggest that Debian Salsa account holders (including DDs and DMs) use
> their
> Salsa [8] login when creating an account. However, this isn't required, as
> you
> can sign up with an e-mail address and password.
>
> [8] https://salsa.debian.org
>
> ## Bursary for travel, accommodation and meals
>
> In an effort to widen the diversity of DebConf attendees, the Debian
> Project
> allocates a part of the financial resources obtained through sponsorships
> to
> pay for bursaries (travel, accommodation, and/or meals) for participants
> who
> request this support when they register.
>
> As resources are limited, we will examine the requests and decide who will
> receive the bursaries. They will be destined:
>
>  * To active Debian contributors.
>  * To promote diversity: newcomers to Debian and/or DebConf, especially
> from
>under-represented communities.
>
> Giving a talk, organizing an event or helping during DebConf22 is taken
> into
> account when deciding upon your bursary, so please mention them in your
> bursary
> application.
>
> For more information about bursaries, please visit applying for a bursary
> to
> DebConf [9].
>
> [9] https://debconf22.debconf.org/about/bursaries
>
> Attention: the registration for DebConf22 will be open until the conference
> starts, but the deadline to apply for bursaries using the registration form
> before May 1st, 2022 23:59:59 UTC. This deadline is necessary in order to
> the
> organizers use time to analyze the requests, and for successful applicants
> to
> prepare for the conference.
>
> DebConf would not be possible without the generous support of all our
> sponsors,
> especially our Platinum Sponsors Lenovo [10] and Infomaniak [11].
>
> [10] https://www.lenovo.com
> [11] https://www.infomaniak.com.
>
> DebConf22 is accepting sponsors; if you are interested, or think you know
> of
> others who would be willing to help, please get in touch 12]!
>
> [12] https://debconf22.debconf.org//sponsors/become-a-sponsor
>
> On behalf of The Debian Publicity Team,
>
> --
> Paulo Henrique de Lima Santana (phls)
> Curitiba - Brasil
> Debian Developer