1 |
On Thu, 2006-09-07 at 15:30 -0400, Andy Dustman wrote: |
2 |
> gentoo-server is probably not the best list for this discussion, but I |
3 |
> suspect many or most of the people on it will have an interest in |
4 |
> this, so it is somewhat-on-topic. If there's any interest/traction, |
5 |
> then I'll redo this as a GLEP. If you like the idea but think it |
6 |
> should be discussed off this list, contact me directly. |
7 |
> |
8 |
> There are two main issues with the Portage tree as I see it: |
9 |
> |
10 |
> 1) There's no way to get just security updates. |
11 |
|
12 |
I run this script every hour: |
13 |
|
14 |
#!/bin/sh |
15 |
glsa-check -f new 2>/dev/null |
16 |
[[ $? -eq 0 ]] || echo "glsa-check: error" |
17 |
|
18 |
Does this not do what you're looking for? |
19 |
|
20 |
> |
21 |
> 2) Even with recent metadata cache update improvements, it still takes |
22 |
> a long time, and a lot of resources, to sync the tree. |
23 |
|
24 |
I do my updates early in the morning when I'm asleep, so I don't really |
25 |
care how long they take (as long as it's less than 4 hours). |
26 |
|
27 |
Why does update speed matter to you? |
28 |
|
29 |
--- Vladimir |
30 |
|
31 |
> |
32 |
> Now while I firmly believe Gentoo has the best build system and |
33 |
> packagement management bar none, I think there are still a few good |
34 |
> ideas out there in other systems to be borrowed/stolen. |
35 |
> |
36 |
> Currently, emerge --sync (typically) does an rsync off one of the |
37 |
> Gentoo rsync mirrors and then updates the metadata cache. This process |
38 |
> involves examining every file in the Portage tree on both sides of the |
39 |
> connection (stat). This is fixed overhead which is linearly |
40 |
> proportional to the number of files in the tree, regardless of how |
41 |
> many actual updates there may be. Fortunatelly, there is an |
42 |
> optimization that checks a specific timestamp file on the mirror and |
43 |
> skips the real sync if it matches the local timestamp. |
44 |
> |
45 |
> Compare this with the Debian/Ubuntu method (I'll follow Ubuntu's |
46 |
> conventions, since I'm more familiar with it): Each time there is is a |
47 |
> new release, you get a new dist, plus dist-updates, and dist-security, |
48 |
> and a couple others I'll ignore for now. For example, Ubuntu's current |
49 |
> release is dapper, so there is also dapper-updates and |
50 |
> dapper-security. |
51 |
> |
52 |
> Now the beauty of this is that once a release is actually final, the |
53 |
> main release files (i.e. dapper) *do not change*; any updated package |
54 |
> specs go into the -updates or -security directories. If most of the |
55 |
> packages do not change during the update life of a distribution, i.e. |
56 |
> updates are a relatively small percentage, then this is a big win. |
57 |
> (AFAIK, apt-get and other methods check remote timestamps before |
58 |
> downloading.) |
59 |
> |
60 |
> How can this idea be applied to Portage? In this sort of scheme, you'd |
61 |
> have something analogous to an apt.sources line in Debian in profile's |
62 |
> make.defaults: |
63 |
> |
64 |
> SYNC="rsync://rsync.gentoo.org/gentoo-releases" |
65 |
> RELEASE="2006.1" |
66 |
> RELEASE_OVERLAYS="updates security" |
67 |
> |
68 |
> Doing a emerge --sync would then perform the following: |
69 |
> |
70 |
> * rsync://rsync.gentoo.org/gentoo-releases/2006.1 to $PORTDIR |
71 |
> * rsync://rsync.gentoo.org/gentoo-releases/2006.1-updates to $PORTDIR-updates |
72 |
> * rsync://rsync.gentoo.org/gentoo-releases/2006.1-security to $PORTDIR-security |
73 |
> |
74 |
> $PORTDIR-updates and $PORTDIR-security could then be treated as |
75 |
> implicit PORTDIR_OVERLAYs. SYNC could be overridden in /etc/make.conf |
76 |
> as it is now. If you wanted only security updates, then you could set |
77 |
> RELEASE_OVERLAYS="security" in make.conf. |
78 |
> |
79 |
> This is now three trees to sync against instead of one, but the |
80 |
> important feature is that the primary tree is now static data, once it |
81 |
> is done as a final release, so there is only the timestamp check; and |
82 |
> the other two trees should be relatively small. Obsolete ebuilds need |
83 |
> only be removed when there is a new release, and this happens in a |
84 |
> different tree. Potentially, only packages with at least one stable |
85 |
> arch flag could go in updates; anything that is all ~arch or masked |
86 |
> could go into a separate testing overlay. |
87 |
> |
88 |
> Known Issues: |
89 |
> |
90 |
> * Gentoo infrastructure changes are going to be required, particularly |
91 |
> in the mirror system and repoman and the Portage CVS tree. However, it |
92 |
> should not require major surgery on Portage/emerge. |
93 |
> |
94 |
> * End-users will have to change their configuration a bit, or at least |
95 |
> SYNC. Note that I changed the SYNC location from gentoo-portage to |
96 |
> gentoo-releases, since releases would need to be rooted outside the |
97 |
> existing tree (resulting disaster left as an exercise for the reader). |
98 |
> The existing tree may still be useful to keep for developers, testers, |
99 |
> and good old backwards-compatibility (set RELEASE=""). |
100 |
> |
101 |
> -- |
102 |
> This message has been scanned for memes and |
103 |
> dangerous content by MindScanner, and is |
104 |
> believed to be unclean. |
105 |
> -- |
106 |
> gentoo-server@g.o mailing list |
107 |
> |
108 |
-- |
109 |
Vladimir G. Ivanovic <vgivanovic@×××××××.net> |
110 |
|
111 |
-- |
112 |
gentoo-server@g.o mailing list |