Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 310201 - net-firewall/ipset: don't use epatch_user
Summary: net-firewall/ipset: don't use epatch_user
Status: RESOLVED NEEDINFO
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Peter Volkov (RETIRED)
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-03-19 12:21 UTC by Piotr Piróg
Modified: 2010-11-11 08:47 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Patch for ipset ebuild (ipset-4.2.ebuild.patch,306 bytes, patch)
2010-03-19 12:26 UTC, Piotr Piróg 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Piotr Piróg 2010-03-19 12:21:45 UTC 
Ipset ebuild don’t apply user patches – src_unpack()/epatch_user is missing.

Reproducible: Always

Steps to Reproduce:
1. copy patch to /etc/portage/patches/net-firewall/ipset/
2. emerge ipset

Actual Results:  
user patches do not get applied

Expected Results:  
user patches should get applied
Comment 1 Piotr Piróg 2010-03-19 12:26:45 UTC 
Created attachment 224235 [details, diff]
Patch for ipset ebuild
Comment 2 Peter Volkov (RETIRED) gentoo-dev 2010-03-24 13:31:56 UTC 
Please provide use case where this is useful. Some packages, e.g. iptables, really need this to enable third party modules, while for ipset it looks like unnecessary.
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2010-03-25 20:20:07 UTC 
What user patches do you have for ipset?
Comment 4 Piotr Piróg 2010-03-26 11:13:33 UTC 
I write one (http://gigant.informel.pl/~pitek/ipset-4.2-matchall.patch).
There is any reason why epatch_user shouldn’t be enabled for all ebuilds?
Comment 5 Peter Volkov (RETIRED) gentoo-dev 2010-03-26 14:36:51 UTC 
We intensionally limit use of epatch_user since it'll be impossible to support systems where users start to use patches we don't have. Actually epatch_user is just a hack until somebody introduces something better.

That said, if you want to have epatch_user or similar enabled for all ebuild, you may try to write your own bashrc script. e.g. sometime ago I did that and ended with http://dev.gentoo.org/~pva/bashrc but you may wish to modify it ...

So, I think this bug should be closed as WONTFIX, but I'll let Robin to do whatever he wants to do here :)
Comment 6 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2010-03-26 18:27:02 UTC 
piotr:
can you write up some docs for it and attach a newer version, and also send upstream? being able to require matching all of a set is a nice addition :-)

pva:
any objections to including his matchall patch directly once it's got some docs?
Comment 7 Peter Volkov (RETIRED) gentoo-dev 2010-03-27 06:22:35 UTC 
(In reply to comment #6)
> pva:
> any objections to including his matchall patch directly once it's got some
> docs?

patch modifies kernel interface, so if somebody patched kernel manually with ipset sources this could became a problem. It's much better to send this patch upstream - Jozsef is rather fast and helpful.
Comment 8 Peter Volkov (RETIRED) gentoo-dev 2010-10-14 14:57:43 UTC 
Just noted this was submitted upstream and the only question left unanswered there: http://www.spinics.net/lists/netfilter-devel/msg12531.html Piotr, could you answer there, please?
Comment 9 Peter Volkov (RETIRED) gentoo-dev 2010-11-11 08:47:42 UTC 
Resolving bug as NEEDINFO since there no feedback from Piotr.