Re: When the floodgates open ...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Todd Zullinger wrote:

Bill Davidsen wrote:

If there is a simple explanation of why these are not combined into
a single package, I would like to hear it.


Let's use Fedora 9 as an example.  I believe the current
fedora-release package in updates is 9-2.  That contains the old key
and yum repo files which point to the current URLs.  An updated
fedora-release package will contain the new key and repo files with
the new URLs (where all of the packages that have been re-signed with
the new key are located).

On the first yum update, this package will get installed (from the
current updates URL, and signed with the old key).  It will require a
second yum update to begin using the new repo files with the updated
URLs to see the newly signed packages (which will also cause yum to
import the new key¹).

A further update of fedora-release from the new location is expected
to remove the old key from the rpm database.


Thanks, that's dead clear, which my question was not :-(
I got the impression that the installation of the new key and the new repo location were the two steps you had in mind (two updates) followed by the actual installation of the latest updates. 


If it's complex or secret  that's fine, I don't see the obvious
problem combining them, but I don't  claim great RPM expertise.


No secret at all.  The plan is outlined at:

http://lists.fedoraproject.org/pipermail/rel-eng/2008-August/001627.html

¹ There is a possibility that this process could change slightly as
  currently PackageKit does not handle updating the new key properly.
Obviously, if you caught my other recent post on ISOs, the step 10 in that plan is the one I would like to include a respin ISO of everything, current as of the release of the new key, for ease of upgrade and install. However, what is proposed in the document is certainly workable, although some of the mirrors may wish for superconducting wire to handle the load when everyone upgrades.
If I might offer a further thought, if there are security updates in the queue, it might be desirable to release them and wait a day until people get the important stuff installed, 

--
Bill Davidsen <davidsen@xxxxxxx>
  "We have more to fear from the bungling of the incompetent than from
the machinations of the wicked."  - from Slashdot


--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux