Another plug... On Friday 11 February 2005 03:28, stephen white wrote: > On 11/02/2005, at 5:50 AM, Sune Kloppenborg Jeppesen wrote: > glsa-check should over-ride my make.profile/packages configuration > though? That's a minor detail though... the important thing is for me > to be able to lock down my own stable packages, because I don't believe > that using an external stable tree will provide help against deployment > specific issues - hence QA is always the user's problem. > > > What's a good lazy way of locking all the stable packages in my > profile? I'm a bit worried about dumping 90,000 lines into > make.profile/packages since I expect portage will slow down and choke > (will have to try and see!). Let me know if there's any interest and > I'll report back with the results and likely a document detailing how > to use portage with this approach. While considering the alternatives for GLEP 19, someone wrote a script to grap stable packages and lock them in a profile. We only locked top level packages so everything was not locked. But the way I would do it is to simply not sync the main Portage tree. Instead maintain a small security/bug fix/custom overlay.
-- Sune Kloppenborg Jeppesen Gentoo Linux Security Team
pgp2jpRRhvxHS.pgp
Description: PGP signature
