| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA1 |
| 3 |
|
| 4 |
Rafael Fernández López wrote: |
| 5 |
> Hi, |
| 6 |
> |
| 7 |
> This is not flame war. I love Gentoo, and it is the distribution |
| 8 |
> that |
| 9 |
> fits me perfectly, but I've been wondering this last year what things |
| 10 |
> can be improved in this wonderful distro. |
| 11 |
> |
| 12 |
> The first thing that I'd change is "etc-update" or |
| 13 |
> "dispatch-conf". I'd |
| 14 |
> suggest to create some kind of tool like "dpkg-reconfigure" in Debian. |
| 15 |
> More intuitive than reading /etc files and writing them by hand that is |
| 16 |
> more probably to be mistaken when writing. |
| 17 |
|
| 18 |
I do agree that these tools fall slightly short of the goal - which |
| 19 |
IMHO it to effectively "manage" config files when updating packages, |
| 20 |
and to "dumb down" the management process. |
| 21 |
|
| 22 |
I've noticed that a majority of the *.conf updates (especially |
| 23 |
recently) tend to be changing the date(s) in the Gentoo copyright |
| 24 |
notice (from 2005 -> 2006) and/or cvs document version header updates |
| 25 |
(e.g. v1.5 to v1.6). I typically use dispatch-conf, so maybe this is |
| 26 |
what etc-update calls "trivial updates". Without going into too many |
| 27 |
specifics (since the thread wasn't started in a specific manner), one |
| 28 |
of my pet peeves about dispatch-conf is that the new, unmodified |
| 29 |
*.conf files take precedence. I know there's the "merge" option, and |
| 30 |
admittedly, I haven't quite figured out how to use that effectively. |
| 31 |
But if a new *.conf file is presented, shouldn't/couldn't it diff the |
| 32 |
new with the old and automatically incorporate the differences into |
| 33 |
the new *.conf file? |
| 34 |
|
| 35 |
More to the point, as I'm not familiar with "dpkg-reconfigure", or |
| 36 |
debian for that matter, why not point out specific short-comings of |
| 37 |
the existing tools? Or propose a better approach to solving the |
| 38 |
*.conf file management issue (philosophically or technically - i.e. |
| 39 |
write one)? |
| 40 |
|
| 41 |
> |
| 42 |
> Second thing that I'd improve is a security one. I know that |
| 43 |
> "emerge" |
| 44 |
> is a very cared package, but it is a script. Suppose that someone |
| 45 |
> commits portage with a emerge failure in its code (he forgot a comma |
| 46 |
> !!)... if someone updates portage won't be able to update it again |
| 47 |
> because it will fail ever and ever again... So I suggest to have a |
| 48 |
> backuped emerge script that we are sure that worked (like the last |
| 49 |
> emerge tool that was used), and if the new emerge tool is mistaken (so |
| 50 |
> that user doesn't need to know python) only has to run "regenemerge" for |
| 51 |
> example, and will have the latest emerge working tool. |
| 52 |
> |
| 53 |
> |
| 54 |
I don't know if this is technically a "security issue", moreso an |
| 55 |
availability issue (which, yes, technically falls under security in |
| 56 |
terms of confidentiality-integrity-availability, but in my mind falls |
| 57 |
slightly outside of the umbrella). While you present a valid concern, |
| 58 |
I believe this is addressed by the whole masking/testing process that |
| 59 |
is currently architected into portage. If a portage developer managed |
| 60 |
to leave out a comma when doing a cvs commit, it's *very* likely going |
| 61 |
to be found before portage is moved to the stable tree. Worst case |
| 62 |
scenario, if something like this *were* to fall through the cracks, |
| 63 |
grab your trusty install-CD and revert to a known-good portage |
| 64 |
snapshot. Between the lists/forums/announcements/wiki/etc., I'm sure |
| 65 |
that something like this would surface /immediately/. |
| 66 |
|
| 67 |
Just my 2¢... |
| 68 |
|
| 69 |
> |
| 70 |
> -- |
| 71 |
> gentux |
| 72 |
> echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge' |
| 73 |
> |
| 74 |
> gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239 D840 4CF0 |
| 75 |
> 39E2 18D3 4A9E |
| 76 |
-----BEGIN PGP SIGNATURE----- |
| 77 |
Version: GnuPG v1.4.4 (GNU/Linux) |
| 78 |
|
| 79 |
iD8DBQFErsVqTPA54hjTSp4RApBDAKC9nlQd45p1UkwM8nD+WGOh+ZLewwCgrX9q |
| 80 |
DvV9ZNnD3GQjYEtd4DeCR0w= |
| 81 |
=sguh |
| 82 |
-----END PGP SIGNATURE----- |
| 83 |
|
| 84 |
-- |
| 85 |
gentoo-user@g.o mailing list |
Archives