Hi Sage, On 07/22/2018 04:07 PM, Sage Weil wrote: > 4- Once the release was out and known to be bad, we didn't have a way > to revert the repo to prevent people from installing the bad version. > Even if they were aware, in some cases (deb) there wasn't a way for > them to explicitly get the older packages. (I think.) I think we > should discuss this with #1 this week to brainstorm possible > solutions. Perhaps something as simple as keeping full copies of the > published repos for each release and linking to the latest/best one > via symlinks? That sounds like a good approach to me. Being able to quickly revert to a previous state of the package repository is essential. Using a symlink makes this a quick and atomic operation. If published packages have turned out to be bad, there must be an easy way to pull them to avoid further damage. If fixed packages are available, their version/build number must be higher than the previous bad ones, to indicate these are rebuilds (and to trigger updates on systems that installed the bad ones before). Lenz -- SUSE Linux GmbH - Maxfeldstr. 5 - 90409 Nuernberg (Germany) GF:Felix Imendörffer,Jane Smithard,Graham Norton,HRB 21284 (AG Nürnberg)
Attachment:
signature.asc
Description: OpenPGP digital signature
