1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
|
+-------------------------------------+
| ;;;;;;;;;;;;;|
| XORG ;\;;;\\;;;|;;|
| ;\\;;|;|;;|||
| ;'| ' ;||
| .---. | | | ||
|;;; [ ] ;;@ | | ' ||
|@;@;; | X | ;@;;;;_/ | \|
|;;;@;;@ | | ;;;;;;@/ /;;\ |
+-------------------------------------+
Subject KISS LINUX
From Dylan Araps <dylan@kisslinux.org>
Date Sun, 11 Jul 2020 15:00:00 +0100
Hello,
Exactly two weeks have passed since my return to the development of KISS. In
this time period, I have made a collective 600+ commits to the project. KISS
has also moved from LibreSSL to OpenSSL and from Xorg to Wayland. The purpose
of this blog post is to highlight the changes.
The move to Wayland was always planned, it was just not possible at the time
KISS was created. The ability to compile Firefox in a wayland-only environment
is a relatively new development for example.
I understand if some users are unhappy - this is a non-issue. Users are free to
continue to use Xorg and LibreSSL, the official repositories will simply no
longer provide them (see #/faq#3.0).
This post will be in bullet form (in non-exhaustive, changelog-like fashion)
Check the git commit logs for a full list of changes. If you have any questions,
or issues do not hesitate to get in touch (see #/contact) :).
The distribution
________________________________________________________________________________
* As stated in previous posts, development will continue as normal from now on.
The official KISS Linux website is https://kisslinux.org and development is at
its original location on GitHub ($/kisslinux).
* The IRC channel and subreddit will remain community operated (and are
therefore unaffiliated with the project). My focus will be solely on
development (what I love). I can be reached via #/contact
* The community repository ($/kisslinux/community) will not reopen. KISS will
simply provide a small, extensible base for users. I want to instead foster
the growth of the community and the ecosystem of repositories/ideas *outside*
of the project (rather than shoehorning users into a set of rigid ideals).
OpenSSL
________________________________________________________________________________
* Python 3.10+ drops support for LibreSSL (and all other "alternative") SSL
libraries (BoringSSL, older versions of OpenSSL, etc). This extends beyond
just the _ssl module as Python also makes use of the libcrypto library.
- https://www.python.org/dev/peps/pep-0644/
- https://lwn.net/Articles/841685/
- https://lwn.net/Articles/841664/
- https://discuss.python.org/t/pep-644-require-openssl-1-1-or-newer/5584
* NodeJS now uses the system's SSL library rather than bundling its own. NodeJS
does not support LibreSSL so it would compile its own OpenSSL and statically
link it. Expect a reduction in package size and compilation times.
* LibreSSL breaks ABI biannually which causes some short-term pain downstream as
many packages need rebuilds. OpenSSL does not break ABI as often.
- https://abi-laboratory.pro/?view=timeline&l=libressl
- https://abi-laboratory.pro/?view=timeline&l=openssl
* I was never comfortable with patches touching SSL code to fix
incompatibilities between LibreSSL and OpenSSL. I can not be sure that the
patches are actually /correct/ and do not introduce issues of their own.
Wayland
________________________________________________________________________________
* The KISS Wayland environment is entirely free from Xorg (other than xkbcommon
and xkeyboard-config which were adopted also by wayland). Basically, we have
a full wayland environment with firefox (VAAPI, etc) and /no/ Xorg.
* This environment is still free from dbus, polkit, (e)logind, pulseaudio, etc
and is fully functional without them (yes, sound works in the latest Firefox
with alsa). Wayland is not a pathway towards their inclusion.
* The KISS wiki has been updated with initial Wayland pages. I expect this to
improve over time as contributions are made by myself and other users.
See #/wiki/wayland
* The NVIDIA issues with Wayland are not applicable here as proprietary software
is unsupported by KISS. Regardless, the proprietary drivers do not run under
musl (nouveau works fine however).
* Firefox (as of this post) requires patches to achieve a full Xorg-less build.
The patches are more or less just some #ifdefs and the issue is being worked
on upstream. https://bugzilla.mozilla.org/show_bug.cgi?id=1661450
* GTK+3 on Wayland requires schema files for gsettings to function (under Xorg
it makes use of Xresources). The GTK+3 package has been updated to fix this
issue. This is the cause of the notorious hand2 issue plaguing many Firefox
users on Wayland. https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253742
* Sway is the default display server and comes in three flavours.
1. 'sway': The package as upstream intended. Requires the 'seatd' daemon to
function - comes with all the bells and whistles.
2. 'sway-no-seat': No seat daemon requirement whatsoever. Rootless in the
same fashion as our xorg-server was (user in video group only, server
setgid input). Otherwise identical to 'sway'.
3. 'sway-tiny': 'sway-no-seat' plus removal of additional dependencies on
pango, cairo, json-c and pcre. Provides only the sway binary. This is a
fork of sway for KISS so refrain from sending bug reports upstream.
* Foot is the default terminal emulator and comes in two flavours. The regular
'foot' package and a 'foot-pgo' package which does profile guided
optimizations inside a running wayland session.
Repository Highlights
________________________________________________________________________________
* The fribidi package has been removed from the repositories. I have patched its
usage out of firefox, libass, pango and gtk+3. It is no longer needed by
anything.
* Portability improvements to build files including full removal of non-standard
'sed -i' usage and full removal of UNIX 'install' usage.
* Reduced the size of the ncurses package from 14MB to 3MB by providing a
custom, trimmed-down terminfo database.
* The 'mtdev' and 'libevdev' packages have been removed from the repositories
and are instead vendored in the 'libinput' package. The 'libevdev' dependency
has also been patched out of sway.
Package Manager Changes
________________________________________________________________________________
* Simplified library path resolution in pkg_fix_deps().
* Fixed confirmation prompt being skipped if packages were downgraded to
dependencies after resolution.
* Added detection for circular dependencies. The package manager now aborts with
an error instead of crashing and burning.
* Fixed packages not being installed in the right order during updates.
* Removal of packages now includes broken directory symlinks. These were
previously skipped as their (safe) removal was tricky. The package manager
now queues all non-top-level directory symlinks and removes them at the end
of the process (but only if broken).
* kiss-chroot now mounts /dev/shm, /dev/pts, /tmp and /run.
* Fixed many issues with how paths were being used internally. The package
manager now ensures that any paths it joins together don't result in '//'
and don't end in (any number of) '/'.
* Git clones are now use --filter=tree:0 instead of --depth=1 to allow usage
of 'git describe' which doesn't work with shallow clones. In other words,
a less shallow clone is now done to obtain slightly more information.
* Removed many instances of unneeded function calls. The package manager would
look for repository files when unneeded (caller has the same information for
example).
* Fixed handling of duplicate packages given to 'kiss b'. Duplicates are now
correctly filtered out and the total package count includes any filtering.
* The package manager now shows you which packages are explicit (passed on the
command-line) or implicit (dependencies). You can now also see if any
explicit packages were downgraded to implicit.
* Empty repositories (KISS_PATH=:::: (multiple colons in a row)) are now
correctly handled by the package manager.
* Fixed issue where the package manager would randomly drop the wrong packages
from its build queue.
* as_root() is now bypassed if the user is already root and the destination user
is also root (root -> root).
* All applicable arguments to the package manager are now sorted by dependence.
This ensures the same order is passed to functions regardless of input.
* Removed many uses of cd, subshells and pipes which were unnecessary. There
/should/ be a performance increase here.
* Fixed rare global variable conflict between pkg_build and pkg_list.
* kiss-chroot now displays every command it executes.
* Arguments to the package manager now undergo stricter validation to prevent
invalid input. This will be further extended in the future.
* When a package is missing files referenced in its manifest, the package
manager will now show all missing files rather than just the first one.
* Checksum verification has been rewritten to remove awk, pipes and subshells.
This also fixed a rare bug where checksums with mismatched lines would always
be considered a match.
* The checksum verification changes also open a pathway to supporting multiple
checksum types in the future (in a non-breaking way). Blake3 is something I
am very interested in.
* Handling of sources has been rewritten with path finding logic unified for
use throughout the package manager (instead of being duplicated).
* Fixed bug with tar extraction which collapsed nested directories of the same
name (fcft/fcft -> fcft). The package manager now skips directories it has
seen before (which also improves performance with large tarballs).
* Fixed bug during package installation where a failed 'cp' of metadata could
cause the previous package's manifest to bleed into other packages in the
queue. Very bad in other words.
* The package manager will now take KISS_COMPRESS into account when pulling
binaries out of the cache. If not found, a glob is used (old behavior).
* Added pre-remove user hook.
* Exposed build queue numbers to user hooks.
* Fixed bug where insufficient permissions to the log directory would cause
confusing behavior on build completion.
* The kiss-help utility now does a search when it cannot find a page by its
relative path. This means that 'kiss help wiki/software/firefox' and
'kiss help firefox' result in the same page being opened.
The Future
________________________________________________________________________________
* The next major change planned for the future is manual page consistency. All
packages will provide manual pages by default and this will be configurable by
users (per manual page, per package, etc). $/kisslinux/repo/issues/273
* Support for additional checksum types /may/ be added. Early numbers using
blake3 show an immense runtime improvement over sha256 for medium to large
tarballs.
* LLVM/Clang should become first class citizens and the repositories should be
fully functional when compiled with them. Users should have the option between
the two (though installation tarballs will continue to use GCC).
* GCC will eventually include a rust codegen backend (and quite possibly a rust
frontend). These will be interesting to play around with once they become
usable.
* The C package manager implementation is still in the works though its
development process has changed. A library will be created and slowly over
time individual components of the shell package manager will be replaced with
C equivalents (while the library matures at the same time).
Users will be able to opt-in to running parts of the package manager (the slow
components especially) in C. This allows users to benefit from faster
implementations of components as they become available.
Once the library reaches a good level of usability, a full C package manager
implementation will be made available alongside the shell implementation.
A test-suite will also be created and will be used both by the shell and C
package manager implementations to ensure that no regressions are made between
changes.
* BearSSL is very interesting and I have experimented with a full bearssl
system (to the extent it is possible). A lot of work in this area is being
done by Michael Forney (including the support in curl, openssh, and possibly
python in the future).
Closing words
________________________________________________________________________________
It's good to be back doing what I love. I am very excited for the future and I
hope you are too. Stay tuned for more updates. :)
Dylan
PS On another note, I will begin writing regular blog posts to my personal
domain (https://dy1an.xyz/) about KISS, technology and whatever else
interests me. If it tickles your fancy, check it out.
|