Yum packages (again)
Patrick O'Callaghan
pocallaghan at gmail.com
Fri Feb 29 14:29:28 UTC 2008
On Fri, 2008-02-29 at 12:04 +0100, Michael Schwendt wrote:
> On Thu, 28 Feb 2008 10:23:38 -0430, Patrick O'Callaghan wrote:
>
> > [...] It would not be beyond reason for Yum to know that certain
> > repos work well with each other and others don't,
>
> That is not feasible.
>
> Whether repositories are compatible with each other depends on their
> contents, not on their repo ids. Users can give repositories arbitrary
> names in the yum config files. Should Yum blacklist unknown repositories
> by default? Once something has been installed from an unidentified repo,
> it may be too late, because the system may have become incompatible with
> other packages already.
>
> Nowhere it is defined which repositories do work with each other. All are
> supposed to be compatible with Fedora, because they are built for Fedora.
> But there is a serious lack of man-power to ensure that all possible
> subsets of repositories work with each other all of the time, too.
>
> Sometimes they break things accidentally, and that alone can result in
> a hard problem for the "naive user" you referred to. Because the
> "naive user" doesn't ask for good help. The really "naive user" either
> gives up (I've seen some who installed from scratch, avoiding extra
> repos like the plague) or use Google to come up with a dangerous or
> even malicious work-around like "rpm --force" installs or linking
> libraries with different sonames to each other.
>
> > and to warn the user when conflicts might occur. A plugin perhaps?
>
> Yum cannot look into the future.
>
> Normal conflicts, such as explicit "Conflicts:" tags in the packages
> and file conflicts found during the RPM transaction check, are fatal
> error conditions already. But it is not enough to prevent future
> conflicts caused by adding repos.
>
> Even if Yum ran an expensive repoclosure calculation whenever the
> repository configuration changed would not protect from future breakage.
Fair enough, but does anyone know if the apt-get system in Ubuntu also
suffers from these problems, and if not why not?
poc
More information about the fedora-list
mailing list