First off this could sound as a shameful plug of GLEP 19. On Thursday 10 February 2005 18:39, Wendall Cada wrote: > <snip> > > > So I guess this is amended to portage just doing its best and telling > > me when it can't do it. That way I'm the sysadmin making the decision > > what to do with a changed machine - eg, I could decided to update the > > whole system and re-QA it. > > </snip> > > Very good discussion. I think this would be an excellent approach as > well. If I am understanding correctly, the process would be as follows: > > 1. emerge sync. > 2. run script against portage to protect stable packages You could lock versions in your own profile.
> 3. update normally > > This would have many major benefits. Especially if major package version > changes for stable packages can be done on a quarterly/semi-annual > basis. With only security patches being applied in the interim. With your own profile you can accomplish what you're outlining above. If you're lazy like me you could wait for GLEP 19. <snip> > It would also be nice if one had to manually change to a new stable tree > via make.conf. This way, an admin knows exactly when they will be making > major version changes. In this scenario, if I make the change in > make.conf, emerge sync and re-QA the tree against the new profile, I can > run an emerge -uDp world against my current setup and take a look at > what I'm getting myself into. I can then make decisions on what can or > will break and possibly choose to roll back to the previous snapshot > until I have a day available to update and test correctly. Planned bi-annual release of stable tree provided by GLEP 19. <snip> > The only area I see potential problems is with python apps. (Correct me > if I'm wrong) Portage depends on stable and fairly specific versions of > python. Some python apps may be pushed beyond where they should, or held > back based on the portage version of python. I don't know if python is > slottable or not yet, but if it isn't, this may be something to bring > up, since I think this is and has been a problem. The way many packages > work around this is to include their own copy of python. Not something I > really like, but appears to be the solution at present. As previously mentioned eclasses are constantly updated with your scenario.. -- Sune Kloppenborg Jeppesen Gentoo Linux Security Team
pgpOw3S4sT1rQ.pgp
Description: PGP signature
