Re: pm-utils - ATrpms updates a system package on the stable branch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tue, Jul 08, 2008 at 12:17:58PM -0500, Lanny Marcus wrote:
> On Tue, Jul 8, 2008 at 9:50 AM, Johnny Hughes <jhughes@xxxxxxxxxxxx> wrote:
> 
> > Axel Thimm wrote:
> >
> >> On Mon, Jul 07, 2008 at 04:20:30PM -0600, Kenneth Burgener wrote:
> >>
> >>> On 7/7/2008 2:26 PM, Scott Silva wrote:
> >>>
> >>>> on 7-7-2008 12:45 PM Kenneth Burgener spake the following:
> >>>>
> >>>>> "The CentOS 5/RHEL 5 repository from atrpms.net is safe to use, if you
> >>>>> only use the stable version. Packages in there do not overwrite system
> >>>>> packages." [1]
> >>>>>
> >>>>> [1] http://wiki.centos.org/AdditionalResources/Repositories/
> >>>>>
> >>>> You need to use the priorities plugin if you are going to use 3rd party
> >>>> repos. There is no other safe way about it.
> >>>>
> >>>
> >> Using client side filtering is not recommended, it creates more bugs,
> >> than it can solve. The proper thing is to take care of it on the
> >> server side, where the package owners are supposed to know how to
> >> structure the repos.
> >>
> >
> > Client filtering is not recommended by some people ... but highly
> > recommended by others :-D
> >
> > I would be one of the highly recommended votes
> >
> 
> If you want to protect your box, use priorities, as Johnny and many
> others here recommend.. Nobody else is going to protect your box for
> you. You set the priorities and you protect it. To be polite, I
> believe the 4 line blurb above, about client side filtering is
> B.S. It is your box, it is your job to protect your box.  Do not
> trust anyone else to protect your box, whether it is security
> related or related to repos for packages.

So, if it is indeed B.S. may I entitle you officer of resolving
phantom bugs that emerge out of this? Imagine package foo requiring
bar and both packages falling into the wrong client side filtering ...
Or google for partial and/or selective filtering of repos.

At any rate this is moot for CentOS5 anyway as the repo is indeed
(trying to) keep the base w/o any replacements, so you will never
trigger these filtering features^Wbugs. But once you start using the
full repo *and* filtering, all bug reports go Cc: to Lanny :)
-- 
Axel.Thimm at ATrpms.net
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux