[pkg-go] Bug#1009776: podman: Packages uidmap and slirp4netns should be full dependencies

Faidon Liambotis paravoid at debian.org
Thu Apr 6 14:07:15 BST 2023

On Fri, Aug 19, 2022 at 02:16:19PM +0200, Andrej Shadura wrote:
> > I have to respectfully disagree here. In Debian, "Recommends"
> > relationships are installed by default, and your message indicates to me
> > that you have configured your system to not install them. It furthermore
> > seems to me that this bug is asking for a convenience that is making
> > your non-standard setup easier, while making other setups where podman
> > is used only in 'root' mode, impossible to install without idmap and
> > friends.
> > I'm going to leave this bug open to remind myself to think about this
> > from time to time, but I still wanted to document my thinking process
> > here more clearly.
> There’s another thing, which I mentioned but I should have made more clear.
> The upstream states the rootless mode is the main mode of operation, hence I
> think it should be available regardless of Recommends, don’t you think?
> Also, from what I gathered talking to Debian and Ubuntu users of podman who
> are not DDs, many of them are frustrated by papercuts like this one, so in
> general I think the package should be made to work as effortlessly as
> possible. So even if the user hasn’t got Recommends installation enabled,
> podman should probably be packaged not to make them stumble upon this.

It's months later and this is a drive-by comment but:

First of all, I'd say that rootless is the main differentiator from
Docker, but far from being a "main mode". Podman works equally well in
rootless and rootful configurations, with the latter being the mode that
one would use as a 1:1 Docker replacement, or in production environment
scenarios where more performant or advanced network configurations are

Second,  according to Policy § 7.2, "The Recommends field should list
packages that would be found together with this one in all but unusual
installations". If folks explicitly pass --no-install-recommends to apt
(or the equivalent preferences.d), then they get to keep the pieces when
things break; I wouldn't call that a papercut. The installation /is/
effortless out of the box, unless one decides that they want to do
something against the maintainer's recommendations, in which case they
should be able to, but with (a bit of) a price to pay.

Hard-Depending on dependencies that are not actually required in common
modes of operation, in this case e.g. servers using podman for
production services, doesn't serve our users -- it just forces
unnecessary cruft on their system, for little benefit to others.

Note that I'm not on a quest against rootless: a couple of years back,
on #987207, I argued to downgrade iptables from Depends to Recommends,
for the same reasosn but to the benefit of rootless users: to avoid the
cruft in rootless configurations :)

So I'm definitely +1 to mark this as wontfix, FWIW.


More information about the Pkg-go-maintainers mailing list