Am Mittwoch 16 August 2006 15:12 schrieb Paul Kölle: > Jan Meier wrote: > > I would be willing to start such a stable tree, I am thinking of taking a > > current portage tree, delete all ~arch ebuilds and create an overlay. > > Every time a security announcement is fired up I will add the newer > > ebuild to the overlay, checking for any really needed depencies. > > ~arch doesn't hurt, so the main difference to glsa-check+standard tree > would be old ebuilds not being deleted right?
No, the advantage would be that new ebuilds would not come into the portage tree. Only security relevant ebuilds, formerly which fix security holes, would come into the tree (kernel, php, mysql, apache, etc. should not be stopped from entering the portage tree). This has the advantage that there would be less packages to update when the system has to be updated. And if there are security relevant updates there would not be as much dependency updates as with the normal tree. Take a look here: http://www.gentoo.org/proj/en/glep/glep-0019.html Regards Jan -- [email protected] mailing list
