Package Management Blows Goats (use cases)

Nicolas Mailhot nicolas.mailhot at
Mon Aug 13 18:46:05 UTC 2007

BTW, on the same topic. Another reason our package management sucks is
its propagation time. Builds are composed in koji. Then after a while
propagated to a master serveur. Then after some hours or days synced by
several layers of mirrors. Then at last installed on user systems. So
you have this huge delay between packager action and package

In particular that means when a faulty package is released (cough
rawhide cough) it continues to be installed by users hours or days after
the packager has identified there's a problem and started to work on a
fix. Meanwhile users flood the support channels with the same questions
(or not, since so many people hit the same problems they just hope
someone else already reported them and keep quiet)

Since everyone feeding from the same instantaneously-updated root server
won't happen, the next best thing would be not to add a wiki with info
on known problems (difficult to keep up to date and no one will read it
before hitting problems anyway), but rss-like blacklist support in yum.
(just a signed known-bad package list in a central location yum would
consult before considering new packages)

PROs :
- such a list can be updated in real-time with little effort (just put a
FAS-protected webform somewhere before the blacklist generator)
- such a list would be small, so there's no reasons user yums can not
consult it directly instead of going through the big-latency mirror
hierarchy (additionnally I'm sure the people counting fedora users would
like this)
- blacklisting bad packages gives packagers some time to fix problems
- blacklisting bad packages means support channels are not flooded with
the same repeated questions
- working real-time blacklisting means testers know that if they hit a
problem it's probably not been reported yet, so doing it is helpful to
the project

I don't see any


Nicolas Mailhot
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Ceci est une partie de message num?riquement sign?e
URL: <>

More information about the fedora-devel-list mailing list