> I would be interested in these scripts too You can obtain rpmalert from: http://www.chiark.greenend.org.uk/~peterb/rpms/ You can also find other older versions in various places (google finds several), but that is the author's current version. Peter hasn't released rpmstream (or the old code I still use for repository maintenance, and install-tree building; which he also wrote), so I don't feel comfortable posting it. I'll check with him and see if he minds others seeing it yet... Since at least one other person mentioned the "redhad iso howto" the info in there is correct (as far as I remember), and the rh_buildtree code essentially does: rsync over the latest updates + local updates into local disk use rpmalert to get a list of updated versions, link into a union-directory containing all versions of all packages in the output tree run rpmalert to see what versions are newer in union for each of the new packages sig-check them and if they pass hard-link them into place. clean up the output tree to remove older versions/avoid duplicates etc (using rpmalert again) generate an rpmalert xref-file of the latest versions make the tree suitable for use as an (nfs) install tree as described in the rh iso howto: # pass 1 no order list (yet) genhdlist --hdlist RedHat/base/hdlist.new "$PWD" mv RedHat/base/hdlist.new RedHat/base/hdlist mv RedHat/base/hdlist.new2 RedHat/base/hdlist2 # make order file; depends on hdlist PYTHONPATH=/usr/lib/anaconda pkgorder . i386 > RedHat/base/orderlist # pass 2 uses order list genhdlist --fileorder RedHat/base/orderlist --hdlist RedHat/base/hdlist.new "$PWD" mv RedHat/base/hdlist.new RedHat/base/hdlist mv RedHat/base/hdlist.new2 RedHat/base/hdlist2 We don't bother with the other steps needed to make iso images since we always do network-installs. Apparently you have to be somewhat careful that you use the RH-X anaconda to make files which work properly with that version. Once you have an up-to-date tree you can probably make it into a yum/atp repository fairly easily too but I have no experience with those (yet). We use a script rpm-upgrade which is a wrapper round rpmalert and performs upgrades of those rpms which have been manually checked as ok (and don't clash with sets of "altered" files etc). It does checks on in-use shared-libs, setuid-file changing (we keep a tripwire-like database), etc. It has a nasty tendency to think that machines need rebooting to re-start running daemons etc even if they don't really -- with a bit more work that could probably be fixed up. Since I wrote that (hack though it is), I'll gladly post a pointer to it. I have a patch (not yet applied) which fixes rpm-update to check that packages which contain %config(noreplace) files which are listed in our "don't touch" list of files won't prevent the package being updated. In case anyone wants to read though the scripts and pick them to pieces they can be found at: http://www.damtp.cam.ac.uk/user/jp107/rh80-updates/ which also has rpms/srpms for the "local" updates we apply to our RH80 machines. -- Jon -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
