Drawing lessons from fatal SELinux bug #1054350
Ralf Corsepius
rc040203 at freenet.de
Fri Jan 24 15:40:01 UTC 2014
On 01/24/2014 04:06 PM, Reindl Harald wrote:
> Am 24.01.2014 15:55, schrieb Ralf Corsepius:
>> On 01/24/2014 01:39 PM, Kevin Kofler wrote:
>>> Adam Williamson wrote:
>>>> Even if we can do it on the mirrors, we have no way to 'recall' a
>>>> package from systems where it's already been installed (of course in the
>>>> current case that wouldn't have worked anyway, but we're discussing the
>>>> generic case here).
>>>
>>> Crazy idea of the day: Maybe our update tools should default to distro-sync
>>> rather than update?
>> No, for 2 reasons:
>>
>> a) This would blow away all installed packages, which aren't available in permanently enabled repos
>
> that is not true, try it out
Been there many times.
Real world example with a package I maintain, which currently has an
update pending in updates-testing:
# yum install gumbo-parser
...
Installing : gumbo-parser-1.0-0.2.20131001gitd90ea2b.fc20.x86_64
...
[Note: updates-testing is disabled in
/etc/yum.repo.d/fedora-updates-testing.repo]
Now temporarily enable updates-testing to pull in the package from
updates-testing for testing:
# yum update --enablerepo=updates-testing gumbo-parser
...
Updating : gumbo-parser-1.0-0.2.20131204git87b99f2.fc20.x86_64
...
# yum distro-sync
...
Downgrading:
gumbo-parser x86_64
1.0-0.2.20131001gitd90ea2b.fc20 fedora
...
Removed:
gumbo-parser.x86_64 0:1.0-0.2.20131204git87b99f2.fc20
Installed:
gumbo-parser.x86_64 0:1.0-0.2.20131001gitd90ea2b.fc20
...
=>
qed
Ralf
More information about the devel
mailing list