1 |
Hi! |
2 |
|
3 |
On Mon, Sep 12, 2005 at 06:52:31PM +0100, Ian P. Christian wrote: |
4 |
> The man page does cover this, but it's by no means made obvious - and I think |
5 |
> this is rather a large issue, as a log of users of gentoo probably don't know |
6 |
> this. |
7 |
|
8 |
Yep. :( And there exists some things which probably (was?) not covered by |
9 |
manuals - I've spend a lot of time reading forums to make clear how to |
10 |
use portage in SAFE way. I've summarized this information and post in |
11 |
forum, but, sorry, it's in russian - I've no time to translate it now. |
12 |
It's available here: http://gentoo.ru/node/193 (if somebody wanna translate). |
13 |
|
14 |
In short, to update system in __SAFE__ way: |
15 |
|
16 |
1. Check /var/lib/portage/world: |
17 |
- it shouldn't contain any libraries and software which YOU don't need |
18 |
and which is just dependent by some other packages |
19 |
- it shouldn't contain packages which are in 'system' |
20 |
- is shouldn't contain packages with version/revision number |
21 |
|
22 |
2. Check /etc/portage/* files because they can contain non-actual things |
23 |
which prevent you upgrade in right way now. |
24 |
|
25 |
3. Rarely, but profile update may be needed (usually when old profile |
26 |
become deprecated or when switching to hardened, etc.). |
27 |
|
28 |
4. USE flags for some packages may be changed. To detect this, run |
29 |
|
30 |
emerge -uDNpv world |
31 |
|
32 |
and review flags for all critical (for you) packages. |
33 |
|
34 |
5. If none from toolchain (linux-headers, glibc, binutils, gcc) packages |
35 |
wanna upgrade then just run |
36 |
|
37 |
emerge -uDNav world |
38 |
|
39 |
else things become more complicated because for a number of reasons |
40 |
it's good idea to recompile all system in this way: |
41 |
|
42 |
# clean $pkgdir in some way to optimize compilation speed by |
43 |
# building/using binary packages: |
44 |
pkgdir=$(portageq pkgdir) |
45 |
mv $pkgdir /tmp/portage-packages |
46 |
install -d -o portage -g portage $pkgdir |
47 |
# compile toolchain: first pass |
48 |
emerge linux-headers glibc binutils gcc-config gcc |
49 |
# select new gcc if it was installed in new SLOT |
50 |
gcc-config ... |
51 |
source /etc/profile |
52 |
# compile toolchain: second pass + make binary packages |
53 |
emerge -b glibc binutils gcc portage |
54 |
# recompile system (toolchain used from binary packages to save time) |
55 |
emerge -bke system |
56 |
# recompile world (system used from binary packages to save time) |
57 |
emerge -ke world |
58 |
|
59 |
6. Even after this there may exists not updated packages with security |
60 |
holes (in SLOTs), so: |
61 |
|
62 |
glsa-check -l | grep '\[N\]' |
63 |
emerge ... # manually update needed packages |
64 |
|
65 |
7. Remove unneeded dependencies: |
66 |
|
67 |
emerge -a depclean |
68 |
emerge -uDNav world # fix possible errors in depclean |
69 |
|
70 |
8. After updating libraries there may be needed to recompile something: |
71 |
|
72 |
rm /root/.revdep-rebuild*.?_* |
73 |
revdep-rebuild |
74 |
|
75 |
9. Update config files: |
76 |
|
77 |
dispatch-conf |
78 |
|
79 |
10. While updating package some ebuilds print important information |
80 |
(which is lost which batch update, of course). To review this |
81 |
information you need `enotice` or `portlog-info` tools. |
82 |
|
83 |
11. ... Joke! That's all, folks! :-)) |
84 |
|
85 |
|
86 |
Of course, not all these steps needed every day, but ... Anyway, without |
87 |
manual actions and a lot of attention it's impossible to update system |
88 |
in safe way. This isn't Gentoo problem, of course, same issues exists in |
89 |
other distributions, but they are mostly hidden and hit you when you |
90 |
don't expect. :( |
91 |
|
92 |
-- |
93 |
WBR, Alex. |