grub / grub2 conflicts

Peter Jones pjones at redhat.com
Thu Sep 15 14:46:34 UTC 2011


On 09/15/2011 10:27 AM, Richard W.M. Jones wrote:
> This is about:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=737261
> "F16 TC2 DVD grub/grub2 conflict"
>
> The grub package in F16 has a "Conflicts: grub2" line.  There are no
> actual file conflicts, but this was added in order to workaround some
> bugs in grubby, including:

As mjg59 said - it's really not reasonable to have multiple bootloaders
installed on a system (especially by default, as you're essentially asking!)
It greatly increases the complexity in our tooling, as well as greatly
increasing the chances somebody accidentally bricks a box by running tools
for the bootloader they're not using.

> - https://bugzilla.redhat.com/show_bug.cgi?id=725185
> - https://bugzilla.redhat.com/show_bug.cgi?id=731226
>
> Now the problem is that libguestfs provides a way for people to use
> grub-install (and in the future grub2-install) on guests.  Think for
> example if you had a mix of Fedora 15 and Fedora 16 guests on your
> host.
>
> libguestfs, as I guess is well known, uses tools from the host in
> order to manage guests.

Honestly I don't think this is that well known, and looking at it I'm amazed
this passed package review.  Why aren't you guys using any of the tools we've
got to build images from packages instead of installing things on the host?
This is terribly bad behavior.

>  This is done so that we don't have to
> separately package all the tools, which would be a security headache
> (if there's a security issue discovered in grub-install, just updating
> the host package is enough to fix it -- you don't have to track down a
> separate copy statically bundled in libguestfs).

Trading half of one security problem (since you're not eliminating the
problem of security bugs already being installed in a guest) for the
problem of installing lots of extra packages on the host?  Not a win.

> Even if you don't care about libguestfs, you might well wish to
> loop-mount an old guest and run grub-install --root-directory=...  on
> it.

Nice strawman, but in that case grub-install will already be on any properly
installed guest.

> So I propose that we drop this conflicts and fix grubby instead.

We certainly can't do that without at least first fixing other problems. It'd
also be good to think about how we can fix libguestfs's terrible behavior.

> However the maintainer of grub is unwilling to do this, which is why
> I've escalated this issue here.

I've been asking you to explain why you need this and you stopped
participating in the conversation and started this thread instead. There are
a number of problems with this, not least that it's not how engineering
"escalations" even work.  In any case, I *still* haven't said I'm unwilling
to remove the conflicts (though we do need to debug the real problem and see
if it's solvable first), though in general I think it's a correct thing to
have there. I wanted to understand why you needed it first. You've been
mighty uncooperative at getting your own problem solved.

-- 
         Peter

Power corrupts.  Absolute power is kind of neat.
		-- John Lehman, Secretary of the Navy, 1981-1987


More information about the devel mailing list