On Tuesday 20 September 2005 01:12, gentuxx wrote: > >>If every security fix comes out with "--oneshot" being recommended, > >>how do I know if it's a dependency of a package in world, or an entity > >>in world? (This seems like an extension of the questioning above.) > > > >What does it matter in the context of a security update? > > Well, I'm trying to see if I can get a better understanding of how it > all fits together. But, I want to make sure that I don't have 2 > packages running around on the system (1 patched, and 1 NOT patched).
A version of a package can only be installed once. --oneshot does not change any behaviour in this regard. All it changes is whether the package is added to (or confirmed to be already in) the world list or not. > >>Also, for the most recent firefox update, I would run the command as > >>recommended with the "-p" flag, and it would see the package. If I > >>run "emerge -Dupv mozilla-firefox" I only get a few of the (supposed) > >>dependencies, and not the package itself, while the package installed > >>(when I do "emerge search mozilla-firefox") is 1.0.6-r5. > > > >If that is the case then 1.0.6-r5 is the latest version available for > > you with respect to your current snapshot of the tree. > > Well, I did an "emerge sync" right before issuing the command above. > I would think that if the updated package is available for > "--oneshot", it would be available when I run "emerge -Du(p)v world". > But that didn't seem to be the case. --oneshot does not prevent the installation of a package that has not been installed already. If --oneshot shows the package as new, there's no reason to install it. If it shows it as an upgrade, your world file must be incomplete. Take a look at /var/lib/portage/world and check the output of `emerge -p depclean` to be sure. -- Jason Stubbs
pgpFXkvs3iOuU.pgp
Description: PGP signature
