This is the mail archive of the elfutils-devel@sourceware.org mailing list for the elfutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: patch 2/2 debuginfod server etc.

From: "Frank Ch. Eigler" <fche at redhat dot com>
To: Mark Wielaard <mark at klomp dot org>
Cc: elfutils-devel at sourceware dot org, amerey at redhat dot com
Date: Tue, 19 Nov 2019 16:15:03 -0500
Subject: Re: patch 2/2 debuginfod server etc.
References: <20191028190438.GC14349@redhat.com> <20191028190602.GD14349@redhat.com> <20191028190726.GE14349@redhat.com> <8d0b26865cc18838c24ea57c09f4ee5af713af16.camel@klomp.org> <20191114122953.GC873@redhat.com> <c5adf263d267e711d83e1bf74a94cb2d7887c8ea.camel@klomp.org> <20191118184108.GC2880@redhat.com> <52e9358695f8486af6e4e467660c971a1e97c02f.camel@klomp.org> <20191119161348.GB4911@redhat.com> <20191119201128.GA3494@wildebeest.org>

Hi -


> [...] What I want is simply make it easy for the user to say where
> they expect the sources are. So there is no surprises.

If this were a mandate, it would be a hassle, for any build that's
more than one directory wide.


> > The -F mode is suitable for sharing build trees.  By definition, the
> > content is going to be up to the runtime whims of the system, because
> > even non-/usr/include files may change between one build and the next.
> > This is okay, it is just like running gdb on an older binary when the
> > source trees have changed.  (We even propagate mtimes to the client,
> > so gdb can notice it the same way as if it were local.)
> 
> -F mode does indeed seem suitable for sharing local build trees.  If
> we add a big warning about it possibly sharing all local files.

OK, will add a cautionary blurb to the man page.


> > The compiled-in default for the binary is off.  The systemd service
> > default, it happens to be on, but it's configured to serve only
> > privileged directories that people with bad compilers cannot sneak
> > binaries into.  People running personal servers can/should use -F as
> > they see fit.  In the context of a normal workgroup - it's fine.
> 
> So -F seems fine for the later, just not for the former.

IMHO, even the former seems okay and even desirable:

    debuginfod -F /usr/lib/debug

is a safe & easy way to relay the contents of all the debuginfo rpms
that were installed, to nearby clients.  All those binaries come from
packages/distros, so are at least as high quality & trustworthiness as
the user's own.  Again I offer to do an audit of some distro debuginfo
that all their source refs are milquetoast like /usr/include or
/usr/src/debug.


> > System certs do not serve to authenticate clients.  Client
> > certificates are per-user things that come with their own management
> > headaches.  Will think about authentication matters in the future.
> 
> I thought ca-certificates.crt were normally used to authenticate
> remote servers.

ca-certificates.crt types of files (or /usr/share/pki/ files) are the
trust roots for validating the *servers'* certificates.  They are
generally provided by the distro, so can't possibly serve as unique
*client* authentication.


- FChE

Follow-Ups:
- Re: patch 2/2 debuginfod server etc.
  - From: Mark Wielaard

References:
- patch 0/2 debuginfod submission
  - From: Frank Ch. Eigler
- patch 1/2 debuginfod client
  - From: Frank Ch. Eigler
- patch 2/2 debuginfod server etc.
  - From: Frank Ch. Eigler
- Re: patch 2/2 debuginfod server etc.
  - From: Mark Wielaard
- Re: patch 2/2 debuginfod server etc.
  - From: Frank Ch. Eigler
- Re: patch 2/2 debuginfod server etc.
  - From: Mark Wielaard
- Re: patch 2/2 debuginfod server etc.
  - From: Frank Ch. Eigler
- Re: patch 2/2 debuginfod server etc.
  - From: Mark Wielaard
- Re: patch 2/2 debuginfod server etc.
  - From: Frank Ch. Eigler
- Re: patch 2/2 debuginfod server etc.
  - From: Mark Wielaard

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]