1 |
Am Mittwoch 16 August 2006 16:11 schrieb Paul Kölle: |
2 |
> Jan Meier wrote: |
3 |
> > Am Mittwoch 16 August 2006 15:12 schrieb Paul Kölle: |
4 |
> >> Jan Meier wrote: |
5 |
> >>> I would be willing to start such a stable tree, I am thinking of taking |
6 |
> >>> a current portage tree, delete all ~arch ebuilds and create an overlay. |
7 |
> >>> Every time a security announcement is fired up I will add the newer |
8 |
> >>> ebuild to the overlay, checking for any really needed depencies. |
9 |
> >> |
10 |
> >> ~arch doesn't hurt, so the main difference to glsa-check+standard tree |
11 |
> >> would be old ebuilds not being deleted right? |
12 |
> > |
13 |
> > No, the advantage would be that new ebuilds would not come into the |
14 |
> > portage tree. Only security relevant ebuilds, formerly which fix security |
15 |
> > holes, would come into the tree (kernel, php, mysql, apache, etc. should |
16 |
> > not be stopped from entering the portage tree). |
17 |
> |
18 |
> Sorry, I don't get it. Why are you concerned about packages in the tree |
19 |
> you don't use? Is it about space savings? |
20 |
|
21 |
Eh, no. In my opinion it is clear what I want to say, so I have nothing to |
22 |
add. |
23 |
|
24 |
> > This has the advantage that there would be less packages to update when |
25 |
> > the system has to be updated. And if there are security relevant updates |
26 |
> > there would not be as much dependency updates as with the normal tree. |
27 |
> |
28 |
> The depgraph of a bumped package does not depend on being bumped due to |
29 |
> a GLSA or not. If you only use glsa-check, you will get GLSA triggered |
30 |
> upgrades only and glsa-check will emerge the lowest safe version |
31 |
> possible. Keeping old versions around is sufficient to prevent unneeded |
32 |
> upgrades. If you want something like "emerge -u --stable world", well |
33 |
> then you would need a dedicated tree for --stable but thats way more |
34 |
> work than just deleting ~arch ebuilds you wouldn't use anyway. |
35 |
|
36 |
The ~arch ebuilds are not the point, the stable ebuilds which potentially be |
37 |
upgraded are the point. If you say that glsa-check does only update the |
38 |
package which is security relevant and tries not to update the dependencies |
39 |
then this is what I want. |
40 |
|
41 |
Regards |
42 |
|
43 |
Jan |
44 |
|
45 |
|
46 |
-- |
47 |
gentoo-server@g.o mailing list |