| 1 |
Andy Dustman schrieb: |
| 2 |
[snipp] |
| 3 |
> Some sort of management tool is going to be needed on the gentoo.org |
| 4 |
> side of things to make all this possible. We already have GLSAs, so |
| 5 |
> ebuild that implements a GLSA fix should go into security. |
| 6 |
You cannot just take random ebuilds and stick them into an overlay. |
| 7 |
Ebuilds have dependencies on other ebuilds and the dependency tree |
| 8 |
changes with USE flags set. There are no backports. That is, a security |
| 9 |
upgrade is a new version with (possibly) new dependencies. |
| 10 |
|
| 11 |
To generate a "security" tree you would need to pull from the tree: |
| 12 |
1. the package "foo" that fixes the glsa |
| 13 |
2. all packages package "foo" *requires* and is not in "baseline" |
| 14 |
3. point 2 for all possible combinations of USE flags for package "foo". |
| 15 |
|
| 16 |
I'm not sure this is feasible. |
| 17 |
|
| 18 |
Any other |
| 19 |
> changes from the baseline release would go into updates. Actually, |
| 20 |
> there are a couple different scenarios: |
| 21 |
> |
| 22 |
> 1) baseline and updates: baseline is static data from initial release, |
| 23 |
> updates contains any changed files. |
| 24 |
> |
| 25 |
> 2) baseline, updates, and security: As #1, except builds with security |
| 26 |
> updates go into security. |
| 27 |
> |
| 28 |
> 3) baseline, testing, updates, security: As #2, except any |
| 29 |
> testing-only ebuilds go into testing. |
| 30 |
> |
| 31 |
> 4) Variation on : Keep the existing single tree with everything in |
| 32 |
> addition to having release-specific trees. |
| 33 |
regardless what "labels" you want. You need to provide a method (read: |
| 34 |
implementation ;) )to split the tree (thats what you're doing) so that |
| 35 |
you don't break dependencies. |
| 36 |
|
| 37 |
cheers |
| 38 |
Paul |
| 39 |
|
| 40 |
|
| 41 |
-- |
| 42 |
gentoo-server@g.o mailing list |
Archives