search

BlackArch / blackarch

An ArchLinux based distribution for penetration testers and security researchers.
https://www.blackarch.org
Other
2.78k stars 552 forks source link

linux-headers used as dependency of some tools #3744

Open D3vil0p3r opened 1 year ago

D3vil0p3r commented 1 year ago

Type: Question

Question

I'm using an Arch Linux system with Linux Zen kernel and I was seeing that some BA tools have linux-headers (related to the "vanilla" linux kernel) as dependency. Is it correct that linux or linux-headers are used as dependencies on these tools despite they can be used on other kinds of kernel? Or is it better they are removed as depenencies since the packages that use linux-headers as dependency don't have linux as dependency, with the risk to create some conflict if the user has another kernel pkg installed?

Tools using "linux-headers" as dependency arptools batman-adv binflow chipsec eresi libpfring libpjf pcileech pfring-dkms python-pysctp radare2-keystone scamper sylkie tracedump tyton vpnpivot wolpertinger

Tools using "linux" as dependency backports-patched

noraj commented 1 year ago

There is no kernel or kernel header group or meta package that could let the user choose it's own kernel. Among all those tools I don't know if some need the headers to build a module or if they just need the headers to find some data in the code.

Maybe a workaround would be to replace linux-headers dependency to a list of all headers as optional dependencies.

-depends=('linux-headers')
+optdepends('linux-headers' 'linux-lts-headers' 'linux-hardened-headers' 'linux-rt-headers' 'linux-rt-lts-headers' 'linux-zen-headers')
D3vil0p3r commented 1 year ago

What I could do is to build each one of those packages without linux-headers dependency and check if the build fails or not. I noted also that, if the user is using actively another kernel type, and decide then to delete linux and linux-headers packages, this removal will delete boot entries of the OS you are using. If I don't get errors, I can use optdepends as you suggested or, by reading the project page, if that dependency is not specified, to remove it.

ikstream commented 1 year ago

As we ship linux by default and the diifferent header don't conflict, I would say, we keep the linux-headers dependency and add the other headers as dependency. That way, we avoid issues for the regular users and provide an option for user with different kernel builds. Only a build check might not be enough to figure out if the tool works properly without them imo.

Have you experienced any issues with the requirements so far @D3vil0p3r ?

D3vil0p3r commented 1 year ago

As we ship linux by default and the diifferent header don't conflict, I would say, we keep the linux-headers dependency and add the other headers as dependency. That way, we avoid issues for the regular users and provide an option for user with different kernel builds. Only a build check might not be enough to figure out if the tool works properly without them imo.

Have you experienced any issues with the requirements so far @D3vil0p3r ?

Currently I built and run several tools on which I opened PR and they seem to work correctly by moving linux-headers (and similar) to optdepends. I tested them on linux-zen and I noted that during the building some kernel modules could be missing for non-linux kernels. And I didn't open PRs of the tools with this behavior.

I think that some old tools (like networking tools) use linux-headers as dependency because they use some usual header files needed for networking that should be present also on other linux-xxx-headers packages.

In my opinion, a further reason that using linux-headers as dependency is not useful is that, if I have another kernel type, and then the pkg installs linux-headers as dependency, the kernel modules will be builded by the already installed kernel headers and no the linux-headers one.