From mboxrd@z Thu Jan  1 00:00:00 1970
From: Marius Bakke <mbakke@fastmail.com>
Subject: Re: Disabling SELinux support in GLib?
Date: Tue, 28 Jan 2020 00:08:06 +0100
Message-ID: <87zhe8qyzt.fsf@devup.no>
References: <87k15csggf.fsf@devup.no> <87wo9ctuf7.fsf@elephly.net>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane-mx.org@gnu.org>
Received: from eggs.gnu.org ([2001:470:142:3::10]:55234)
 by lists.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <mbakke@fastmail.com>) id 1iwDUK-0008Tc-Im
 for guix-devel@gnu.org; Mon, 27 Jan 2020 18:08:13 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <mbakke@fastmail.com>) id 1iwDUJ-0000Kq-Kb
 for guix-devel@gnu.org; Mon, 27 Jan 2020 18:08:12 -0500
Received: from wout1-smtp.messagingengine.com ([64.147.123.24]:33829)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <mbakke@fastmail.com>) id 1iwDUJ-0000KH-8d
 for guix-devel@gnu.org; Mon, 27 Jan 2020 18:08:11 -0500
In-Reply-To: <87wo9ctuf7.fsf@elephly.net>
List-Id: "Development of GNU Guix and the GNU System distribution."
 <guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/guix-devel>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
 <mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane-mx.org@gnu.org
Sender: "Guix-devel"
 <guix-devel-bounces+gcggd-guix-devel=m.gmane-mx.org@gnu.org>
To: Ricardo Wurmus <rekado@elephly.net>
Cc: guix-devel@gnu.org

--=-=-=
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Ricardo Wurmus <rekado@elephly.net> writes:

> Hi Marius,
>
>> The 'glib' package gained SELinux support back in commit
>> 6c237a2d7bfa3c7be02c069e5c24a2b401a51864.  We do not currently support
>> SELinux in Guix System, so I'm not sure if it is worth having it in
>> GLib.  Perhaps it can be useful on foreign distributions?
>
> I=E2=80=99m pretty sure that I added it back then because it was needed by
> something else down the line.  Unfortunately, I do not recall what that
> may have been.

Right.  I haven't tried building anything with SELinux disabled yet.

Arch does not enable SELinux support in GLib, so we can look at how they
tackled the issues that arise.

>> It does not add a lot to the GLib size (~3.8 MiB), but it is a
>> propagated dependency that can be easily avoided.
>
> Can we somehow avoid propagation instead?

The reason I started looking at this was because I want to remove
propagated inputs that are in "Requires.private" in the pkg-config
files, as they should only be necessary when linking statically.

Unfortunately libselinux can only be built statically (AFAICT), so I
suspect most GLib dependents end up embedding libselinux.a, which I did
not account for in the initial size calculation.  :-)

(libselinux also fails to cross-compile, but then so does GLib)

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEu7At3yzq9qgNHeZDoqBt8qM6VPoFAl4vbVYACgkQoqBt8qM6
VPqUWQf+JcTcAiTCRsx4HvymX3qdNEis2WuB5qPqHIl/5XAdZHnDi8kkTYG1t12b
7JVil1jmPVNVPM/OtXGyzAyZg8WQ18LPUV85anJlvG0K97cEKM+Lojrn3lygqqfH
TG9R1Tiiday8srheR2bDF9agh5GjGfpsQGVm4HK4SugHnJWhCpBPP1pEyeB5Zhgy
rCghTEhbG1YXYEKdEHlLvS7xD/gooCyHjy+bSnBZKuOE4urulrRYN9HNVl/rnzBG
LDPY7iFpI4RZvw3XWpcoHyN5Zj+pVbKPHMpdVpb5O+SL6ygJk1KVK7OuwrFYsZlo
q9c0Zru078JhnazZdVt/Obh+Clc8hg==
=fO7E
-----END PGP SIGNATURE-----
--=-=-=--