1 |
Alex Efros wrote: |
2 |
|
3 |
> Yeah, this is truth. I've tried to install only security updates for |
4 |
> about a year, and after ~8 month I found it impossible to continue |
5 |
> installing security updates without updating some packages I don't wanna |
6 |
> update at that time... and some time later - without toolchain upgrade |
7 |
> and complete system recompilation as result. |
8 |
|
9 |
> So, I think not using ~arch and (in critical cases) freezing versions |
10 |
> of some important packages (like MySQL) PLUS continuously updates is best |
11 |
> way to ensure server security and stability. |
12 |
|
13 |
Disappearing packages, especially ones being used in production, have really |
14 |
bitten me in the ass. Kernels and dropped versions of vmware-workstation |
15 |
come to mind... |
16 |
|
17 |
I get around this problem by patching in a "--nodelete" option for emerge. |
18 |
It is a very simple hack, all it does is _not_ add the --delete --force |
19 |
--delete-after arguments to rsync if I run emerge --sync --nodelete. |
20 |
|
21 |
Attached is a patch for emerge and emergehelp.py (portage-2.0.54) that adds |
22 |
this option, if anyone is interested. |
23 |
|
24 |
To apply: |
25 |
# cd /usr/lib/portage/bin |
26 |
# patch -bp0 </wherever/emerge-nodelete.patch |
27 |
# cd /usr/lib/portage/pym |
28 |
# patch -bp0 </wherever/emergehelp-nodelete.patch |
29 |
|
30 |
The second patch just adds a description of the argument to emerge --help... |