Profile include support

Greg Hudson ghudson at MIT.EDU
Mon Aug 23 17:37:48 EDT 2010

On Mon, 2010-08-23 at 16:03 -0400, Russ Allbery wrote:
> >   Note that because of the profile library architecture, it cannot
> >   generate extended errors.

> That's sufficiently bad that I think you should consider finding some way
> to fix that as part of this work.

After looking at the profile code a bit, I think that's about a 3x
expansion in scope.  The least invasive approach would be to create a
new variant of profile_init() which takes a struct errinfo * argument,
and then to revise a bunch of internal APIs so that it can be used by
the bottom-level code which does the actual parsing.

I'm still pondering whether I think my schedule can accomodate that
amount of scope creep.

> For the record, most software that I'm familiar with implements only
> include <file> and include <directory>, where the latter includes
> every file in the directory except for those meeting some exclusion
> criteria [...]

I think that would be fine, and I hadn't considered it; I had assumed
globbing support was the only good way to avoid including .rpmsave and ~

That approach is probably more code than using glob() (though, of
course, much less code than implementing glob() on any hypothetical
platforms which don't have it).  It does have the virtue of simplifying
the error cases.

> We recently ran into a bug that took us a full day to track down to 
> krb5.conf not being world-readable; at no point did we get useful
> error messages out of the version of Kerberos being used (whatever
> came with RHEL 4, I believe).

That's probably a bug.  profile_init() treats ENOENT, EACCESS, and EPERM
as non-fatal errors, when it should probably only treat ENOENT as
non-fatal.  I'll fix that right now since it's a one-liner.

More information about the krbdev mailing list