1 |
On Sep 10, 2005, at 4:37 PM, W.Kenworthy wrote: |
2 |
|
3 |
> use "glsa-check -f package" on each offender first. It will safely |
4 |
> remove the bad packages. |
5 |
> |
6 |
> Due to its history of breaking systems, depclean should be left until |
7 |
> absolutely necessary. |
8 |
> |
9 |
> BillK |
10 |
> |
11 |
> On Sat, 2005-09-10 at 15:35 -0700, Ben Munat wrote: |
12 |
> |
13 |
>> Owen Ford wrote: |
14 |
>> |
15 |
>>> On Sat, 2005-09-10 at 11:49 -0700, Ben Munat wrote: |
16 |
>>> |
17 |
>>> |
18 |
>>>> First, glsa-check claims that I'm vulnerable to 200412-02 and |
19 |
>>>> 200505-01. The first is |
20 |
>>>> pdflib and the second is various horde packages. However, I have |
21 |
>>>> the current versions of |
22 |
>>>> these installed -- the versions that the glsa says I need to |
23 |
>>>> solve the vulnerability. So, |
24 |
>>>> why would glsa-check say I'm vulnerable when I'm not? |
25 |
>>>> |
26 |
>>> |
27 |
>>> |
28 |
>>> There are probably versions of those packages slotted. I use |
29 |
>>> emerge -Cp |
30 |
>>> package to see which are installed. |
31 |
>>> |
32 |
>>> |
33 |
>> |
34 |
>> Very good... exactly the problem. Thanks. |
35 |
>> |
36 |
>> As for dealing with all my orphaned packages, I'm figuring on |
37 |
>> going through the output of |
38 |
>> "emerge --depclean" and unmerging everything that comes up with no |
39 |
>> dependencies under |
40 |
>> "equery depends" and is something that I don't think I'll use. |
41 |
>> Does that sound reasonable? |
42 |
>> |
43 |
>> Oh, and I'm assuming that "equery depends" just checks for |
44 |
>> installed packages that depend |
45 |
>> on the given package... anyone know any way to check a package's |
46 |
>> dependency against the |
47 |
>> entire portage tree? |
48 |
>> |
49 |
>> b |
50 |
>> |
51 |
> -- |
52 |
> gentoo-server@g.o mailing list |
53 |
> |
54 |
> |
55 |
|
56 |
Absolutely agreed with BillK. As I said in my first mail, I have had |
57 |
BAD experiences with --depclean. His solution is best. However, glsa- |
58 |
check --fix is not the most trustworthy of solutions. On a production |
59 |
system always check the ChangeLog and use your own best judgment. |
60 |
|
61 |
-- |
62 |
gentoo-server@g.o mailing list |