[Yum-devel] post 3.2.0 things to think about

Michael E Brown Michael_E_Brown at dell.com
Wed May 2 17:54:42 UTC 2007


On Wed, May 02, 2007 at 01:37:39PM -0400, seth vidal wrote:
> Some other brainstorms as I've been sitting around and talking to folks
> on jabber and irc. Some of these are things to add into yum, others are
> just things to implement as yum-utils - but feedback on the stupidity of
> some of these items is welcome, in no particular order:
> 
> 1. supporting gpg/x509 signatures detached from repomd.xml on each repo
> - so we can check the content for validity

Yay. End-to-end verification is a good thing. I *just* started looking
at apt stuff last week, and noticed that they sign their stuff at the
top and let all the verification flow downwards as well.

Also would probably want to integrate this into createrepo. Have it take
a "-k keyid" parameter to tell it to sign with a specific key, or "-s"
to sign with default key.

> 
> 2. yum-util system-sync - to make two systems more or less identical
> pkg-wise to each other (maybe also spit out a %packages section to a
> ks.cfg, too)
> 
> 3. taking the 'tolerant' config option in yum and using it to implement
> what the --skip-broken plugin does (more or less) but internal to yum

Makes it easier to do upgrades when somebody's repo has done ill-advised
things like replace distro packages. I'm for this.

> 4. in general look at the plugins and utils and see what features would
> be better off in the base code or vice-versa. Is there core code that
> should really go live in a plugin
> 
> 5. yum-gate - take the code that rnorwood posted and maybe work on
> making it more releasable for folks to use as an authenticated yum repo.
> Alternatively, look at one of the other system-config-mgmt tools to work
> for that. 

This would be nice. (yum-gate is not a very good google search term,
though.) I'm not sure we (Dell) would set something like this up, but
I've had some inquiries.

> 6. YumBase.install() has a pattern=pkgglob kwarg it takes, remove() and
> update() don't. I want to fix that. If for no other reason than to make
> the yum cli code simpler.
> 
> Any of those things seem cool or silly?

Well, this is yum, so of course they are all silly.
--
Michael



More information about the Yum-devel mailing list