On Mon, Jun 30, 2008 at 10:19 PM, Michael Stone <[EMAIL PROTECTED]> wrote: > On Mon, Jun 30, 2008 at 04:58:33PM -0400, C. Scott Ananian wrote: > >> + yum -yt --nogpgcheck install $pkgs > > 1. As an earlier commenter hinted, you want localinstall because > otherwise yum may try to talk to the network in order to download its > header cache and to look for newer versions of packages that satisfy > dependencies of the installation set.
k, thx. >> @@ -212,6 +228,11 @@ __EOF__ >> echo "olpc-configure: replaying rainbow spool..." >> /usr/sbin/rainbow-replay-spool >> fi >> + >> + # developer customizations. >> + if /usr/bin/olpc-test-devkey -q ; then >> + install_customization_packages > > 2. Do we need a guard for the existence and executability of > olpc-test-devkey? it's in the Requires clause for the package, but also bash does not echo 'yes' given: $ if /asdasd ; then echo yes ; fi > 3. Why do we care whether there's a devkey? We would actually be better > off checking that all the RPMs we're installing are owned by uid 0, > this being the exact privilege that we're attempting to safeguard. because we're also trying to enforce P_SF_RUN and a whole bunch of other random things; all of which everyone seems to agree can be subsumed under "you're a developer, you can shoot yourself in the foot if you want to". The loosey-goosey "but this is highly likely to break when you upgrade between major releases" objection, for instance, is answered by the foot-shooting permission. --scott -- ( http://cscott.net/ ) _______________________________________________ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel