Feature changed by: Ned Ulbricht (ned_ulbricht) Feature #310233, revision 9 Title: skip repo update when installing packages with zypper openFATE: Unconfirmed Priority Requester: Important Requested by: Denny Beyer (lumnis) Description: When installing a new package with zypper etc. everytime you run zypper, repos are getting updated and the user has to wait for that process to be finished. Because a general user needs several extra repos, this waiting time always seems to be too long. Why not running 'zypper ref' as a low priority task after startup/time intervall has passed and give the user immidiate access to zypper to install a software package? The picture I have in mind is someone just wants to install a package. Discussion: #1: Jan Engelhardt (jengelh) (2010-07-25 13:14:49)
Because a general user needs several extra repo No he does not.
#2: Denny Beyer (lumnis) (2010-07-25 16:20:28) (reply to #1) and you are THE general user to have the worlds wisdom to judge that .... why don't you leave that decision up to openfate users to vote? #3: Ned Ulbricht (ned_ulbricht) (2010-07-25 18:13:07) You don't want someone unknowingly installing a vulnerable package after a security update has been released. #4: Denny Beyer (lumnis) (2010-07-25 22:44:32) (reply to #3) Please explain, I don't see any difference it would make to weather I wait for zypper or not. #6: Ned Ulbricht (ned_ulbricht) (2010-07-25 23:10:35) (reply to #4) Let's take this explanation a little piece at a time. So first, say there's a package on the DVD, call it foo-1.0-1.i586.rpm . Now, since the last time you've refreshed your repos, there's been a awful security flaw found and patched. The updates repo has foo-1.1-1. i586.rpm available. (Never mind delta rpms, let's keep this simple.) What do you think should happen when you execute.... # zypper install foo ??? If libzypp hasn't refreshed the updates repo, how is libzypp supposed to know that foo-1.1-1.i586.rpm exists? Computer telepathy? Take a swing at answering this, please. #5: Stefanos Kotsonis (kotsonis) (2010-07-25 22:57:27) (reply to #3) Agreed, but those are going to show up on the desktop via the updater applet. The idea of having zypper keeping itself refreshed via a daemon makes a lot of sense to me. + #7: Ned Ulbricht (ned_ulbricht) (2010-07-25 23:19:48) (reply to #5) + How big of a vulnerability window do you want? + + I normally back off to repo.refresh.delay = 60 in /etc/zypp/zypp.conf + . I wouldn't recommend that as a default. But it's convenient for me, + and I know I put that value in there, so it doesn't surprise me. + + Compare that hour to refreshing metadata in the background every + hour. How much bandwidth do you want to spend? The load gets heavier + if leave the default at 10 minutes. -- openSUSE Feature: https://features.opensuse.org/310233