1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
Rafael Fernández López wrote: |
5 |
> Hi, |
6 |
> |
7 |
> This is not flame war. I love Gentoo, and it is the distribution |
8 |
> that |
9 |
> fits me perfectly, but I've been wondering this last year what things |
10 |
> can be improved in this wonderful distro. |
11 |
> |
12 |
> The first thing that I'd change is "etc-update" or |
13 |
> "dispatch-conf". I'd |
14 |
> suggest to create some kind of tool like "dpkg-reconfigure" in Debian. |
15 |
> More intuitive than reading /etc files and writing them by hand that is |
16 |
> more probably to be mistaken when writing. |
17 |
|
18 |
I do agree that these tools fall slightly short of the goal - which |
19 |
IMHO it to effectively "manage" config files when updating packages, |
20 |
and to "dumb down" the management process. |
21 |
|
22 |
I've noticed that a majority of the *.conf updates (especially |
23 |
recently) tend to be changing the date(s) in the Gentoo copyright |
24 |
notice (from 2005 -> 2006) and/or cvs document version header updates |
25 |
(e.g. v1.5 to v1.6). I typically use dispatch-conf, so maybe this is |
26 |
what etc-update calls "trivial updates". Without going into too many |
27 |
specifics (since the thread wasn't started in a specific manner), one |
28 |
of my pet peeves about dispatch-conf is that the new, unmodified |
29 |
*.conf files take precedence. I know there's the "merge" option, and |
30 |
admittedly, I haven't quite figured out how to use that effectively. |
31 |
But if a new *.conf file is presented, shouldn't/couldn't it diff the |
32 |
new with the old and automatically incorporate the differences into |
33 |
the new *.conf file? |
34 |
|
35 |
More to the point, as I'm not familiar with "dpkg-reconfigure", or |
36 |
debian for that matter, why not point out specific short-comings of |
37 |
the existing tools? Or propose a better approach to solving the |
38 |
*.conf file management issue (philosophically or technically - i.e. |
39 |
write one)? |
40 |
|
41 |
> |
42 |
> Second thing that I'd improve is a security one. I know that |
43 |
> "emerge" |
44 |
> is a very cared package, but it is a script. Suppose that someone |
45 |
> commits portage with a emerge failure in its code (he forgot a comma |
46 |
> !!)... if someone updates portage won't be able to update it again |
47 |
> because it will fail ever and ever again... So I suggest to have a |
48 |
> backuped emerge script that we are sure that worked (like the last |
49 |
> emerge tool that was used), and if the new emerge tool is mistaken (so |
50 |
> that user doesn't need to know python) only has to run "regenemerge" for |
51 |
> example, and will have the latest emerge working tool. |
52 |
> |
53 |
> |
54 |
I don't know if this is technically a "security issue", moreso an |
55 |
availability issue (which, yes, technically falls under security in |
56 |
terms of confidentiality-integrity-availability, but in my mind falls |
57 |
slightly outside of the umbrella). While you present a valid concern, |
58 |
I believe this is addressed by the whole masking/testing process that |
59 |
is currently architected into portage. If a portage developer managed |
60 |
to leave out a comma when doing a cvs commit, it's *very* likely going |
61 |
to be found before portage is moved to the stable tree. Worst case |
62 |
scenario, if something like this *were* to fall through the cracks, |
63 |
grab your trusty install-CD and revert to a known-good portage |
64 |
snapshot. Between the lists/forums/announcements/wiki/etc., I'm sure |
65 |
that something like this would surface /immediately/. |
66 |
|
67 |
Just my 2¢... |
68 |
|
69 |
> |
70 |
> -- |
71 |
> gentux |
72 |
> echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge' |
73 |
> |
74 |
> gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239 D840 4CF0 |
75 |
> 39E2 18D3 4A9E |
76 |
-----BEGIN PGP SIGNATURE----- |
77 |
Version: GnuPG v1.4.4 (GNU/Linux) |
78 |
|
79 |
iD8DBQFErsVqTPA54hjTSp4RApBDAKC9nlQd45p1UkwM8nD+WGOh+ZLewwCgrX9q |
80 |
DvV9ZNnD3GQjYEtd4DeCR0w= |
81 |
=sguh |
82 |
-----END PGP SIGNATURE----- |
83 |
|
84 |
-- |
85 |
gentoo-user@g.o mailing list |