| 1 |
On Thu, 2006-09-07 at 15:30 -0400, Andy Dustman wrote: |
| 2 |
> gentoo-server is probably not the best list for this discussion, but I |
| 3 |
> suspect many or most of the people on it will have an interest in |
| 4 |
> this, so it is somewhat-on-topic. If there's any interest/traction, |
| 5 |
> then I'll redo this as a GLEP. If you like the idea but think it |
| 6 |
> should be discussed off this list, contact me directly. |
| 7 |
> |
| 8 |
> There are two main issues with the Portage tree as I see it: |
| 9 |
> |
| 10 |
> 1) There's no way to get just security updates. |
| 11 |
|
| 12 |
I run this script every hour: |
| 13 |
|
| 14 |
#!/bin/sh |
| 15 |
glsa-check -f new 2>/dev/null |
| 16 |
[[ $? -eq 0 ]] || echo "glsa-check: error" |
| 17 |
|
| 18 |
Does this not do what you're looking for? |
| 19 |
|
| 20 |
> |
| 21 |
> 2) Even with recent metadata cache update improvements, it still takes |
| 22 |
> a long time, and a lot of resources, to sync the tree. |
| 23 |
|
| 24 |
I do my updates early in the morning when I'm asleep, so I don't really |
| 25 |
care how long they take (as long as it's less than 4 hours). |
| 26 |
|
| 27 |
Why does update speed matter to you? |
| 28 |
|
| 29 |
--- Vladimir |
| 30 |
|
| 31 |
> |
| 32 |
> Now while I firmly believe Gentoo has the best build system and |
| 33 |
> packagement management bar none, I think there are still a few good |
| 34 |
> ideas out there in other systems to be borrowed/stolen. |
| 35 |
> |
| 36 |
> Currently, emerge --sync (typically) does an rsync off one of the |
| 37 |
> Gentoo rsync mirrors and then updates the metadata cache. This process |
| 38 |
> involves examining every file in the Portage tree on both sides of the |
| 39 |
> connection (stat). This is fixed overhead which is linearly |
| 40 |
> proportional to the number of files in the tree, regardless of how |
| 41 |
> many actual updates there may be. Fortunatelly, there is an |
| 42 |
> optimization that checks a specific timestamp file on the mirror and |
| 43 |
> skips the real sync if it matches the local timestamp. |
| 44 |
> |
| 45 |
> Compare this with the Debian/Ubuntu method (I'll follow Ubuntu's |
| 46 |
> conventions, since I'm more familiar with it): Each time there is is a |
| 47 |
> new release, you get a new dist, plus dist-updates, and dist-security, |
| 48 |
> and a couple others I'll ignore for now. For example, Ubuntu's current |
| 49 |
> release is dapper, so there is also dapper-updates and |
| 50 |
> dapper-security. |
| 51 |
> |
| 52 |
> Now the beauty of this is that once a release is actually final, the |
| 53 |
> main release files (i.e. dapper) *do not change*; any updated package |
| 54 |
> specs go into the -updates or -security directories. If most of the |
| 55 |
> packages do not change during the update life of a distribution, i.e. |
| 56 |
> updates are a relatively small percentage, then this is a big win. |
| 57 |
> (AFAIK, apt-get and other methods check remote timestamps before |
| 58 |
> downloading.) |
| 59 |
> |
| 60 |
> How can this idea be applied to Portage? In this sort of scheme, you'd |
| 61 |
> have something analogous to an apt.sources line in Debian in profile's |
| 62 |
> make.defaults: |
| 63 |
> |
| 64 |
> SYNC="rsync://rsync.gentoo.org/gentoo-releases" |
| 65 |
> RELEASE="2006.1" |
| 66 |
> RELEASE_OVERLAYS="updates security" |
| 67 |
> |
| 68 |
> Doing a emerge --sync would then perform the following: |
| 69 |
> |
| 70 |
> * rsync://rsync.gentoo.org/gentoo-releases/2006.1 to $PORTDIR |
| 71 |
> * rsync://rsync.gentoo.org/gentoo-releases/2006.1-updates to $PORTDIR-updates |
| 72 |
> * rsync://rsync.gentoo.org/gentoo-releases/2006.1-security to $PORTDIR-security |
| 73 |
> |
| 74 |
> $PORTDIR-updates and $PORTDIR-security could then be treated as |
| 75 |
> implicit PORTDIR_OVERLAYs. SYNC could be overridden in /etc/make.conf |
| 76 |
> as it is now. If you wanted only security updates, then you could set |
| 77 |
> RELEASE_OVERLAYS="security" in make.conf. |
| 78 |
> |
| 79 |
> This is now three trees to sync against instead of one, but the |
| 80 |
> important feature is that the primary tree is now static data, once it |
| 81 |
> is done as a final release, so there is only the timestamp check; and |
| 82 |
> the other two trees should be relatively small. Obsolete ebuilds need |
| 83 |
> only be removed when there is a new release, and this happens in a |
| 84 |
> different tree. Potentially, only packages with at least one stable |
| 85 |
> arch flag could go in updates; anything that is all ~arch or masked |
| 86 |
> could go into a separate testing overlay. |
| 87 |
> |
| 88 |
> Known Issues: |
| 89 |
> |
| 90 |
> * Gentoo infrastructure changes are going to be required, particularly |
| 91 |
> in the mirror system and repoman and the Portage CVS tree. However, it |
| 92 |
> should not require major surgery on Portage/emerge. |
| 93 |
> |
| 94 |
> * End-users will have to change their configuration a bit, or at least |
| 95 |
> SYNC. Note that I changed the SYNC location from gentoo-portage to |
| 96 |
> gentoo-releases, since releases would need to be rooted outside the |
| 97 |
> existing tree (resulting disaster left as an exercise for the reader). |
| 98 |
> The existing tree may still be useful to keep for developers, testers, |
| 99 |
> and good old backwards-compatibility (set RELEASE=""). |
| 100 |
> |
| 101 |
> -- |
| 102 |
> This message has been scanned for memes and |
| 103 |
> dangerous content by MindScanner, and is |
| 104 |
> believed to be unclean. |
| 105 |
> -- |
| 106 |
> gentoo-server@g.o mailing list |
| 107 |
> |
| 108 |
-- |
| 109 |
Vladimir G. Ivanovic <vgivanovic@×××××××.net> |
| 110 |
|
| 111 |
-- |
| 112 |
gentoo-server@g.o mailing list |
Archives