1 |
Yes, but it's possible to have packages on your machine that aren't in system or world. |
2 |
And you can also have packages on machine that aren't even dependecies of packages in |
3 |
system or world. This surprised me. But, I suppose it's bound to happen as packages mature |
4 |
and old dependencies go away. |
5 |
|
6 |
b |
7 |
|
8 |
z3rosix@×××××××.ch wrote: |
9 |
> Hello, |
10 |
> |
11 |
> maybe i'm wrong but doens't "emerge -pv world" include "emerge -pv |
12 |
> system" ??? |
13 |
> so you just need to "emerge world" |
14 |
> and bye the way you can use "emerge --sync -q" so you got only erros |
15 |
> emailed. |
16 |
> |
17 |
> |
18 |
> greetz |
19 |
> |
20 |
> alex |
21 |
> |
22 |
> On Mon, Sep 12, 2005 at 02:52:16PM -0500, Matthew Lange wrote: |
23 |
> |
24 |
>>I have the following as an emerge.sh script in my croon.daily directory. |
25 |
>> I used to have a lock file to prevent multiple copies from running, but |
26 |
>>I now use fcron, which has this feature built-in. By default, all |
27 |
>>output gets mailed to root, which I have aliased to me. |
28 |
>> |
29 |
>>---snip--- |
30 |
>> emerge sync 2>&1 > /dev/null |
31 |
>> echo 'emerge system:' |
32 |
>> emerge -pv --nocolor system |
33 |
>> echo 'emerge world:' |
34 |
>> emerge -pv --nocolor world |
35 |
>> /usr/bin/revdep-rebuild --pretend --quiet --nocolor |
36 |
>>---snip--- |
37 |
>> |
38 |
>>Unfortunately, ANSI color is hard-coded into the utilities, so I get a |
39 |
>>few control-characters in the output...but it works OK. |
40 |
>> |
41 |
>>I have a better one I wrote, but I'll need to find it...I'll post it later. |
42 |
>> |
43 |
>>Matt |
44 |
>> |
45 |
>> |
46 |
>> |
47 |
>>Ian P. Christian wrote: |
48 |
>> |
49 |
>>>I've recently been spending some time getting to know a little more about |
50 |
>>>portage, and I've run into a few issues. |
51 |
>>> |
52 |
>>>$ emerge --update --deep --newuse world |
53 |
>>> |
54 |
>>>It's reasonably well known that the above doesn't update all packages |
55 |
>>>installed on a system - I think it only updates packages that are in the |
56 |
>>>world file. Recently, this issue has left a server of mine with a insecure |
57 |
>>>version of apache (apache was installed due to a dependency caused by PHP, or |
58 |
>>>some application I installed that pulled in php, which in turn pulled in |
59 |
>>>apache.). |
60 |
>>>The man page does cover this, but it's by no means made obvious - and I think |
61 |
>>>this is rather a large issue, as a log of users of gentoo probably don't know |
62 |
>>>this. |
63 |
>>> |
64 |
>>>From the manual: |
65 |
>>> |
66 |
>>> "When you install a package with uninstalled dependencies and do not |
67 |
>>>explicitly state those dependencies in the list of parameters, they will not |
68 |
>>>be added to the world file. If you want them to be detected for world |
69 |
>>>updates, make sure to explicitly list them as parameters to emerge." |
70 |
>>> |
71 |
>>>It should have a big WARNING or something next to it IMO. |
72 |
>>> |
73 |
>>>emerge --depclean will point out what isn't in your world file for you, so you |
74 |
>>>can go ahead and add things to the world file manually. Having done this, |
75 |
>>>when you uninstall whatever it was that dragged that dependency in in the |
76 |
>>>first place, you will get unneeed packages on the system. |
77 |
>>> |
78 |
>>>Lets say for examples sake I install mail-client/squirrelmail. This will pull |
79 |
>>>in PHP, which will pull in apache. In this case, -uD will not update apache |
80 |
>>>should a new version appear. An emerge --depclean will show apache as being |
81 |
>>>removable- so apache will need manually adding to the world file. Now, when |
82 |
>>>I uninstall squirrrelmail, apache is no longer needed, but depclean won't |
83 |
>>>show that, because I was forced to add it to the world file. In a lot of |
84 |
>>>situations, the package might be a lot more obscure, perhaps some odd |
85 |
>>>libraries which now are in the world file, and will stay there, because |
86 |
>>>unless I manually look though the world file, and run an 'equery depends' on |
87 |
>>>each one, I won't notice they are no longer needed. |
88 |
>>> |
89 |
>>>So it seems that I either suffer packages not being updated, or am forced into |
90 |
>>>adding things into the world file and then face the problem that dependencies |
91 |
>>>will not be removable by depclean. |
92 |
>>> |
93 |
>>>Also, I don't understand why emerge --depclean will show a package, which upon |
94 |
>>>doing an 'equery depends' on that package will show that actaully that |
95 |
>>>package is needed. Why do these tools contradict each other? Surly depclean |
96 |
>>>should have the logic that equery uses to see when a dependency really is |
97 |
>>>needed? |
98 |
>>> |
99 |
>>>glsa-check goes some way to solving the problem, it does check to see if there |
100 |
>>>are outdated packages that have been effected by security issues - but it |
101 |
>>>doens't update libraries that were installed but aren't in the world file. |
102 |
>>> |
103 |
>>>Is there a script that's been developed to be cronned to email the sys admin a |
104 |
>>>report saying what packages need updating? I noticed that in the last month |
105 |
>>>on this list there has been some useful information about running glsa-check |
106 |
>>>and rsynicng just part of the portage tree. This kind of thing is intregal to |
107 |
>>>running a server, and if no such script exists in the portage tree, I will |
108 |
>>>attempt to write one. |
109 |
>>> |
110 |
>>>Kind Regards, |
111 |
>>> |
112 |
>> |
113 |
>>-- |
114 |
>>gentoo-server@g.o mailing list |
115 |
-- |
116 |
gentoo-server@g.o mailing list |