| 1 |
On Mon, 2006-04-24 at 17:13 +0200, Marius Mauch wrote: |
| 2 |
> On Mon, 24 Apr 2006 07:04:13 -0700 |
| 3 |
> Brian <dol-sen@×××××.net> wrote: |
| 4 |
> |
| 5 |
> > On Mon, 2006-24-04 at 14:20 +0200, Marius Mauch wrote: |
| 6 |
> > > On Sun, 23 Apr 2006 08:55:58 -0700 |
| 7 |
> > > Brian <dol-sen@×××××.net> wrote: |
| 8 |
> > > |
| 9 |
> > > > I was thinking that /etc/portage/sets/glsa could be a symlink to |
| 10 |
> > > > set list in the current metadata/glsa directory of the portage |
| 11 |
> > > > tree. That file should be relatively easy to auto-generate from |
| 12 |
> > > > the existing glsa*.xml files there already. Perhaps a |
| 13 |
> > > > FEATURES="GLSA_SET" would generate that file on completion of an |
| 14 |
> > > > "emerge --sync" I could also then put a GLSA field into |
| 15 |
> > > > porthole's package Summary view as well as a GLSA notebook |
| 16 |
> > > > page(s) to display the appropriate glsa?.xml file(s). |
| 17 |
> > > |
| 18 |
> > > Too complicated. First you currently need gentoolkit for glsa.py, |
| 19 |
> > > and portage shouldn't depend on gentoolkit. |
| 20 |
> > |
| 21 |
> > I did not mean portage should and I din't want to depend on gentoolkit |
| 22 |
> > either. |
| 23 |
> |
| 24 |
> Not sure I understand your idea then, I was under the impression that |
| 25 |
> `FEATURE=GLSA_SET emerge --sync` would create that file, is that not |
| 26 |
> what you meant? |
| 27 |
> |
| 28 |
> > > Also you can't store |
| 29 |
> > > system-specific files in the tree. |
| 30 |
> > |
| 31 |
> > Yeah, that was a bit of a thought evolution while I was typing. I |
| 32 |
> > realized after I hit "send". At first I thought it could be included |
| 33 |
> > in the sync. Then thought it's only a duplication of the data already |
| 34 |
> > there, so why not generate it (save bandwidth), since the data will |
| 35 |
> > only change at sync time, just do it once then. |
| 36 |
> |
| 37 |
> Ehm, you couldn't include it in the sync as it's system specific. It |
| 38 |
> would have to be generated locally, or you have to treat it special |
| 39 |
> again (only update packages that are installed, don't install new |
| 40 |
> packages). |
| 41 |
|
| 42 |
One could use the new postsync hook for doing this via glsa-check |
| 43 |
or a modified copy already. |
| 44 |
|
| 45 |
> |
| 46 |
> > > And finally using an intermediate |
| 47 |
> > > file creates some additional issues (check for IO/FS problems, |
| 48 |
> > > checking permissions, etc). |
| 49 |
> > > Any reason you need a real file for this instead of just generating |
| 50 |
> > > the list on the fly? |
| 51 |
> > |
| 52 |
> > I thought a smaller stripped down glsa.py module could generate the |
| 53 |
> > file at completion of the sync. Then no special code is needed |
| 54 |
> > internal in porthole beyond checking for set inclusion, atom |
| 55 |
> > matching, just a glsa_flag=True to ignore members that are not |
| 56 |
> > already installed. |
| 57 |
> > |
| 58 |
> > Once portage was able to handle sets, it would almost automatically be |
| 59 |
> > able to handle a glsa set as well. The only difference is not |
| 60 |
> > installing a set member that is not already installed. |
| 61 |
> |
| 62 |
> *Shrug*, generating the list dynamically shouldn't take more than 10 or |
| 63 |
> 20 lines using glsa.py, basically it's |
| 64 |
> |
| 65 |
> pkg_list = [] |
| 66 |
> glsa_list = [Glsa(x) for x in get_glsa_list(glsadir, glsaconfig)] |
| 67 |
> for x in glsa_list: |
| 68 |
> if x.isVulnerable(): |
| 69 |
> pkg_list.extend(x.getMergelist()) |
| 70 |
> |
| 71 |
> plus some error handling. Add some dep_getkey() calls if you don't want |
| 72 |
> the glsa resolver logic of minimal intrusion (might be problematic |
| 73 |
> though). |
| 74 |
> If you need a file interface wrap the list in a StringIO instance. |
| 75 |
> It's really better to keep interdependencies to a minimum here, and |
| 76 |
> when portage gets set support it will generate the glsa update list |
| 77 |
> dynamically anyway, so portage wouldn't benefit from a file at all. |
| 78 |
> |
| 79 |
> Marius |
| 80 |
|
| 81 |
-- |
| 82 |
Ned Ludd <solar@g.o> |
| 83 |
Gentoo Linux |
| 84 |
|
| 85 |
-- |
| 86 |
gentoo-portage-dev@g.o mailing list |
Archives