[Yum-devel] post 3.2.0 things to think about
seth vidal
skvidal at linux.duke.edu
Thu May 3 21:00:48 UTC 2007
On Wed, 2007-05-02 at 22:07 -0400, Jeremy Katz wrote:
> On Wed, 2007-05-02 at 13:37 -0400, seth vidal wrote:
> > 1. supporting gpg/x509 signatures detached from repomd.xml on each repo
> > - so we can check the content for validity
>
> Sounds like a good thing to have
>
> > 2. yum-util system-sync - to make two systems more or less identical
> > pkg-wise to each other (maybe also spit out a %packages section to a
> > ks.cfg, too)
>
> Not entirely sure how useful this really is since configuration is also
> a huge part of systems being identical, but meh.
I've been asked for it quite a bit and while i've told folks - no no -
just use kickstart the number of folks who don't want to do that is
oddly larger than I would expect. Mostly folks afraid of messing with
the 'other stuff' on a machine their not familiar with, probably.
> > 3. taking the 'tolerant' config option in yum and using it to implement
> > what the --skip-broken plugin does (more or less) but internal to yum
>
> Lots of people seem to want this. I'm not sure I'm sold on it since I'd
> really rather stop the problems before they get to users. But at the
> same time, we can't really do that for all combinations of repos I
> guess. The tricky thing will be doing this in a way that can work
> nicely with pirut, yumex, etc
Well we should be able to step around conflicts a bit easier in the
future, I think. Unresolveable deps shouldn't be impossible, either. I
think it's just a matter of making sure we work on the error/results
codes well so pirut,yumex,etc can report things quasi-sensibly.
Alternatively, we can just shove it into the logs :)
> > 5. yum-gate - take the code that rnorwood posted and maybe work on
> > making it more releasable for folks to use as an authenticated yum repo.
> > Alternatively, look at one of the other system-config-mgmt tools to work
> > for that.
>
> Yeah, it'd be nice to get something good here. I think that there are
> likely a lot of people out there who'd jump on it if we put out an easy
> way of doing it
I like what tim just posted of ssl client certs. That makes what
yum-gate does pretty simple. If you combined the client certs with the
yumvars-redefintion we added in 3.1.7 via postconfig hook then you could
do custom repos with authentication. That handles a good portion of
yum-gate - though we could definitely make it simpler to implement
w/some docs.
> > 6. YumBase.install() has a pattern=pkgglob kwarg it takes, remove() and
> > update() don't. I want to fix that. If for no other reason than to make
> > the yum cli code simpler.
>
> That's just silliness ;-)
I talk w/the crazy!
-sv
More information about the Yum-devel
mailing list