| 1 |
Am Mittwoch 16 August 2006 16:11 schrieb Paul Kölle: |
| 2 |
> Jan Meier wrote: |
| 3 |
> > Am Mittwoch 16 August 2006 15:12 schrieb Paul Kölle: |
| 4 |
> >> Jan Meier wrote: |
| 5 |
> >>> I would be willing to start such a stable tree, I am thinking of taking |
| 6 |
> >>> a current portage tree, delete all ~arch ebuilds and create an overlay. |
| 7 |
> >>> Every time a security announcement is fired up I will add the newer |
| 8 |
> >>> ebuild to the overlay, checking for any really needed depencies. |
| 9 |
> >> |
| 10 |
> >> ~arch doesn't hurt, so the main difference to glsa-check+standard tree |
| 11 |
> >> would be old ebuilds not being deleted right? |
| 12 |
> > |
| 13 |
> > No, the advantage would be that new ebuilds would not come into the |
| 14 |
> > portage tree. Only security relevant ebuilds, formerly which fix security |
| 15 |
> > holes, would come into the tree (kernel, php, mysql, apache, etc. should |
| 16 |
> > not be stopped from entering the portage tree). |
| 17 |
> |
| 18 |
> Sorry, I don't get it. Why are you concerned about packages in the tree |
| 19 |
> you don't use? Is it about space savings? |
| 20 |
|
| 21 |
Eh, no. In my opinion it is clear what I want to say, so I have nothing to |
| 22 |
add. |
| 23 |
|
| 24 |
> > This has the advantage that there would be less packages to update when |
| 25 |
> > the system has to be updated. And if there are security relevant updates |
| 26 |
> > there would not be as much dependency updates as with the normal tree. |
| 27 |
> |
| 28 |
> The depgraph of a bumped package does not depend on being bumped due to |
| 29 |
> a GLSA or not. If you only use glsa-check, you will get GLSA triggered |
| 30 |
> upgrades only and glsa-check will emerge the lowest safe version |
| 31 |
> possible. Keeping old versions around is sufficient to prevent unneeded |
| 32 |
> upgrades. If you want something like "emerge -u --stable world", well |
| 33 |
> then you would need a dedicated tree for --stable but thats way more |
| 34 |
> work than just deleting ~arch ebuilds you wouldn't use anyway. |
| 35 |
|
| 36 |
The ~arch ebuilds are not the point, the stable ebuilds which potentially be |
| 37 |
upgraded are the point. If you say that glsa-check does only update the |
| 38 |
package which is security relevant and tries not to update the dependencies |
| 39 |
then this is what I want. |
| 40 |
|
| 41 |
Regards |
| 42 |
|
| 43 |
Jan |
| 44 |
|
| 45 |
|
| 46 |
-- |
| 47 |
gentoo-server@g.o mailing list |
Archives