1 |
Andy Dustman schrieb: |
2 |
[snipp] |
3 |
> Some sort of management tool is going to be needed on the gentoo.org |
4 |
> side of things to make all this possible. We already have GLSAs, so |
5 |
> ebuild that implements a GLSA fix should go into security. |
6 |
You cannot just take random ebuilds and stick them into an overlay. |
7 |
Ebuilds have dependencies on other ebuilds and the dependency tree |
8 |
changes with USE flags set. There are no backports. That is, a security |
9 |
upgrade is a new version with (possibly) new dependencies. |
10 |
|
11 |
To generate a "security" tree you would need to pull from the tree: |
12 |
1. the package "foo" that fixes the glsa |
13 |
2. all packages package "foo" *requires* and is not in "baseline" |
14 |
3. point 2 for all possible combinations of USE flags for package "foo". |
15 |
|
16 |
I'm not sure this is feasible. |
17 |
|
18 |
Any other |
19 |
> changes from the baseline release would go into updates. Actually, |
20 |
> there are a couple different scenarios: |
21 |
> |
22 |
> 1) baseline and updates: baseline is static data from initial release, |
23 |
> updates contains any changed files. |
24 |
> |
25 |
> 2) baseline, updates, and security: As #1, except builds with security |
26 |
> updates go into security. |
27 |
> |
28 |
> 3) baseline, testing, updates, security: As #2, except any |
29 |
> testing-only ebuilds go into testing. |
30 |
> |
31 |
> 4) Variation on : Keep the existing single tree with everything in |
32 |
> addition to having release-specific trees. |
33 |
regardless what "labels" you want. You need to provide a method (read: |
34 |
implementation ;) )to split the tree (thats what you're doing) so that |
35 |
you don't break dependencies. |
36 |
|
37 |
cheers |
38 |
Paul |
39 |
|
40 |
|
41 |
-- |
42 |
gentoo-server@g.o mailing list |