[softwaremgmt] assign lower priority to newly added repositories
User added repositories should have a lower priority than the core distro repos (change request). Usually these repositories contain additional software not available anywhere else but are less trustworthy than the core distro packages. f.i. I do not want packages to be installed from Packman if they are available in the core distro as well. If there are certain packages that should rather be taken from Packman than OpenSuse-OSS I wanna select them manually. Even worse giving newly added repos a higher priority by default will make all those temporarily added repos that just were intended to install a single package or a few override the core distro packages. The security implications are really just too bad. So even if someone would like Packman to have a higher priority than the core distro packages that should not automatically be applied to all temporarily added repos. Even worse some users will desire to add Suse11.0-repos to a Suse 11.1 installation, because a couple of packages are not available in 11.1 as it is not a major release. -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On Thursday 26 March 2009 20:05:38 Elmar Stellnberger wrote:
User added repositories should have a lower priority than the core distro repos (change request). Usually these repositories contain additional software not available anywhere else but are less trustworthy than the core distro packages. f.i. I do not want packages to be installed from Packman if they are available in the core distro as well. If there are certain packages that should rather be taken from Packman than OpenSuse-OSS I wanna select them manually. Even worse giving newly added repos a higher priority by default will make all those temporarily added repos that just were intended to install a single package or a few override the core distro packages. The security implications are really just too bad. So even if someone would like Packman to have a higher priority than the core distro packages that should not automatically be applied to all temporarily added repos. Even worse some users will desire to add Suse11.0-repos to a Suse 11.1 installation, because a couple of packages are not available in 11.1 as it is not a major release.
The source of confusion are IMO malformed controll.xml files located on the installation media. They are evaluated by yast and lead to update repos with priority 20, and 11.1 repos with low priority 100. Both is pretty bad. The install media should not define any repo priority. Repos should be created with the default priority (99). Whether and how repo priorities are used should be decision of the local admin. Everything else leads to confusion. I'd suggest to change at least all the 'priority=100' repos back to the default: sudo sed -i 's/^priority=100//' /etc/zypp/repos.d/* -- cu, Michael Andres +------------------------------------------------------------------+ Key fingerprint = 2DFA 5D73 18B1 E7EF A862 27AC 3FB8 9E3A 27C6 B0E4 +------------------------------------------------------------------+ Michael Andres YaST Development ma@novell.com SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) Maxfeldstrasse 5, D-90409 Nuernberg, Germany, ++49 (0)911 - 740 53-0 +------------------------------------------------------------------+ -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
Well, I think there is pretty good reason to give the update repository a high priority like 20. Besides this I would prefer the default repos (repo-oss, repo-non-oss) to have a higher priority say 40 than user added ones (99) for the reasons of security. Core distro packages are more trustworthy than those from 2nd hand repos or temporarily added repos. The installation DVD may have a priority of 30 in order to save the user from downloading packages which are available on the DVD. This will even speed up installation for those users who have a broadband connection. It is generally no good idea to leave over priority assignment to the sys admin because in most cases there will simply be no admin. Desktop users expect their system to work out of the box. They should never need to reassign priorities. Michael Andres schrieb:
On Thursday 26 March 2009 20:05:38 Elmar Stellnberger wrote:
User added repositories should have a lower priority than the core distro repos (change request). Usually these repositories contain additional software not available anywhere else but are less trustworthy than the core distro packages. f.i. I do not want packages to be installed from Packman if they are available in the core distro as well. If there are certain packages that should rather be taken from Packman than OpenSuse-OSS I wanna select them manually. Even worse giving newly added repos a higher priority by default will make all those temporarily added repos that just were intended to install a single package or a few override the core distro packages. The security implications are really just too bad. So even if someone would like Packman to have a higher priority than the core distro packages that should not automatically be applied to all temporarily added repos. Even worse some users will desire to add Suse11.0-repos to a Suse 11.1 installation, because a couple of packages are not available in 11.1 as it is not a major release.
The source of confusion are IMO malformed controll.xml files located on the installation media. They are evaluated by yast and lead to update repos with priority 20, and 11.1 repos with low priority 100. Both is pretty bad.
The install media should not define any repo priority. Repos should be created with the default priority (99). Whether and how repo priorities are used should be decision of the local admin. Everything else leads to confusion.
I'd suggest to change at least all the 'priority=100' repos back to the default: sudo sed -i 's/^priority=100//' /etc/zypp/repos.d/*
-- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On Friday 27 March 2009 13:01:22 Elmar Stellnberger wrote:
Well, I think there is pretty good reason to give the update repository a high priority like 20. Besides this I would prefer the default repos (repo-oss, repo-non-oss) to have a higher priority say 40 than user added ones (99) for the reasons of security. Core distro packages are more trustworthy than those from 2nd hand repos or temporarily added repos. The installation DVD may have a priority of 30 in order to save the user from downloading packages which are available on the DVD. This will even speed up installation for those users who have a broadband connection. It is generally no good idea to leave over priority assignment to the sys admin because in most cases there will simply be no admin. Desktop users expect their system to work out of the box. They should never need to reassign priorities.
It's security vs. convenience. At the time you add a repo you have to think about it's role and assign the priority accordingly. At the end there should probaly be some option to somehow configure it. control.xml could describe the role of the repos (update,core,user,..), and some sytem configuration file translates this into priorities: 20, 40, 99,... or 99, 99, 99,... As one likes it. -- cu, Michael Andres +------------------------------------------------------------------+ Key fingerprint = 2DFA 5D73 18B1 E7EF A862 27AC 3FB8 9E3A 27C6 B0E4 +------------------------------------------------------------------+ Michael Andres YaST Development ma@novell.com SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) Maxfeldstrasse 5, D-90409 Nuernberg, Germany, ++49 (0)911 - 740 53-0 +------------------------------------------------------------------+ -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
Why not keep the current priority auto-labeling by YaST? At the moment 99 is labeled as (Standard) by YaST although (user) may be a better nomenclation thatfor. We would just need auto labelling for 20(Update), 40(core repo online) and evtl. 30(core install dvd). Michael Andres schrieb:
On Friday 27 March 2009 13:01:22 Elmar Stellnberger wrote:
Well, I think there is pretty good reason to give the update repository a high priority like 20. Besides this I would prefer the default repos (repo-oss, repo-non-oss) to have a higher priority say 40 than user added ones (99) for the reasons of security. Core distro packages are more trustworthy than those from 2nd hand repos or temporarily added repos. The installation DVD may have a priority of 30 in order to save the user from downloading packages which are available on the DVD. This will even speed up installation for those users who have a broadband connection. It is generally no good idea to leave over priority assignment to the sys admin because in most cases there will simply be no admin. Desktop users expect their system to work out of the box. They should never need to reassign priorities.
It's security vs. convenience. At the time you add a repo you have to think about it's role and assign the priority accordingly.
At the end there should probaly be some option to somehow configure it. control.xml could describe the role of the repos (update,core,user,..), and some sytem configuration file translates this into priorities:
20, 40, 99,... or 99, 99, 99,...
As one likes it.
-- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On Friday 27 March 2009 16:40:27 Elmar Stellnberger wrote:
Why not keep the current priority auto-labeling by YaST?
Look at the situation: The install media (not YaST !) defines priority 100 for the core repos. Although it's not appropriate for your system, you can't help it. It's hardcoded on the DVD.
At the moment 99 is labeled as (Standard) by YaST although (user) may be a better nomenclation thatfor. We would just need auto labelling for 20(Update), 40(core repo online) and evtl. 30(core install dvd).
Yes. But fixing the DVD to define reasonable priority values does not help, unless the same value fits all systems. But I don't think this is true. That's why I'd suggest to use symbolic names on the DVD, and locally map them to priority values. In case our defaults don't match your needs, you can change it. -- cu, Michael Andres +------------------------------------------------------------------+ Key fingerprint = 2DFA 5D73 18B1 E7EF A862 27AC 3FB8 9E3A 27C6 B0E4 +------------------------------------------------------------------+ Michael Andres YaST Development ma@novell.com SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) Maxfeldstrasse 5, D-90409 Nuernberg, Germany, ++49 (0)911 - 740 53-0 +------------------------------------------------------------------+ -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
Michael Andres schrieb:
On Friday 27 March 2009 16:40:27 Elmar Stellnberger wrote:
Why not keep the current priority auto-labeling by YaST?
Look at the situation: The install media (not YaST !) defines priority 100 for the core repos. Although it's not appropriate for your system, you can't help it. It's hardcoded on the DVD.
We will not be able to change standard repository priorities until up to the next release; iter est OpenSuSE 11.2
At the moment 99 is labeled as (Standard) by YaST although (user) may be a better nomenclation thatfor. We would just need auto labelling for 20(Update), 40(core repo online) and evtl. 30(core install dvd).
Yes. But fixing the DVD to define reasonable priority values does not help, unless the same value fits all systems. But I don't think this is true.
We just want to predefine priorities for a standard desktop installation the unsuspecting user should be able to make use of out of the box without having to know about complicated things like repository priorities.
That's why I'd suggest to use symbolic names on the DVD, and locally map them to priority values. In case our defaults don't match your needs, you can change it. No I don't like the idea of an additional repo priority mapping because it makes things more complicated rather than easier.
The goal should be to preassign repo priorities in a way so that the unsuspecting user does not have to change them. The reason why I am suggesting default repo priorities is that things should work out of the box. Look at bug https://bugzilla.novell.com/show_bug.cgi?id=489124. Fallacies like these are really unnecessary and can even hit an expert user hacking compilers like me. The default repo priority issue is not a private issue of me or you. We must think about what the occasional user will be able to work with. Reassigning priorities for special system setups is always possible also without an addtional mapping. We do not want to make a nerd or hacker distro, do we? If you wish, you would be better served with Gentoo or something similar, I believe. -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On Mon, Mar 30, 2009 at 03:09:54PM +0100, Elmar Stellnberger wrote:
No I don't like the idea of an additional repo priority mapping because it makes things more complicated rather than easier.
The goal should be to preassign repo priorities in a way so that the unsuspecting user does not have to change them.
Right.
The reason why I am suggesting default repo priorities is that things should work out of the box. Look at bug https://bugzilla.novell.com/show_bug.cgi?id=489124. Fallacies like these are really unnecessary and can even hit an expert user hacking compilers like me.
But those bugs wouldn't happen if all repos had priority=99 as a default. Everything else gets in the way of local policies set by the system admin. Cheers, Michael. -- Michael Schroeder mls@suse.de SUSE LINUX Products GmbH, GF Markus Rex, HRB 16746 AG Nuernberg main(_){while(_=~getchar())putchar(~_-1/(~(_|32)/13*2-11)*13);} -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
Michael Schroeder schrieb:
On Mon, Mar 30, 2009 at 03:09:54PM +0100, Elmar Stellnberger wrote:
No I don't like the idea of an additional repo priority mapping because it makes things more complicated rather than easier.
The goal should be to preassign repo priorities in a way so that the unsuspecting user does not have to change them.
Right.
The reason why I am suggesting default repo priorities is that things should work out of the box. Look at bug https://bugzilla.novell.com/show_bug.cgi?id=489124. Fallacies like these are really unnecessary and can even hit an expert user hacking compilers like me.
But those bugs wouldn't happen if all repos had priority=99 as a default. Everything else gets in the way of local policies set by the system admin.
Perhaps these things should not happen if all repos have the same priority; but they still can: Yust imagine an update for program X is released sooner for OpenSuse11.0 than for OpenSuse11.1 (normally that should not happen, but in practice if something can go wrong it will go wrong). Then program X will be replaced for the OpenSuse11.0 version instead of waiting for the same update as an Opensuse11.1 version. This is not what we actually want. I would suggest user added repos to have a lower priority i.e. a higher number (how confusing) because these sources are generally less trustworthy (Packman, SW self compiled by Opensuse-users , 3rd party SW). This is also a security issue; and Opensuse has some kind of pent-up demand for more security (http://en.opensuse.org/Security). Besides this security may still be a reason to switch from Windows to Linux. We should not destroy our security concept by a slackness like this.
Cheers, Michael.
-- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On Mon, Mar 30, 2009 at 03:47:24PM +0100, Elmar Stellnberger wrote:
Perhaps these things should not happen if all repos have the same priority; but they still can: Yust imagine an update for program X is released sooner for OpenSuse11.0 than for OpenSuse11.1 (normally that should not happen, but in practice if something can go wrong it will go wrong). Then program X will be replaced for the OpenSuse11.0 version instead of waiting for the same update as an Opensuse11.1 version. This is not what we actually want.
No, because the 11.0 package has a lower version-release than the 11.1 package.
I would suggest user added repos to have a lower priority i.e. a higher number (how confusing) because these sources are generally less trustworthy (Packman, SW self compiled by Opensuse-users , 3rd party SW).
But all opensuse repos and the opensuse update repos have same priority? Good, that's one point we're agreeing on.
This is also a security issue; and Opensuse has some kind of pent-up demand for more security (http://en.opensuse.org/Security). Besides this security may still be a reason to switch from Windows to Linux. We should not destroy our security concept by a slackness like this.
You're not getting all the bug reports like "zypper dup is downgrading all my packman packages to opensuse"... Cheers, Michael. -- Michael Schroeder mls@suse.de SUSE LINUX Products GmbH, GF Markus Rex, HRB 16746 AG Nuernberg main(_){while(_=~getchar())putchar(~_-1/(~(_|32)/13*2-11)*13);} -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
Michael Schroeder schrieb:
On Mon, Mar 30, 2009 at 03:47:24PM +0100, Elmar Stellnberger wrote:
Perhaps these things should not happen if all repos have the same priority; but they still can: Yust imagine an update for program X is released sooner for OpenSuse11.0 than for OpenSuse11.1 (normally that should not happen, but in practice if something can go wrong it will go wrong). Then program X will be replaced for the OpenSuse11.0 version instead of waiting for the same update as an Opensuse11.1 version. This is not what we actually want.
No, because the 11.0 package has a lower version-release than the 11.1 package.
I would suggest user added repos to have a lower priority i.e. a higher number (how confusing) because these sources are generally less trustworthy (Packman, SW self compiled by Opensuse-users , 3rd party SW).
But all opensuse repos and the opensuse update repos have same priority? Good, that's one point we're agreeing on.
All opensuse repos and the opensuse repos should have the same priority. I agree, if there is no real need to assign different priorities we should not make an artificial difference. However I guess there has been good reason in giving the update repo the highest priority. In general I think if we can install the core package from DVD and apply a delta-rpm or patch from the update source thereupon then we should do that because not all users may have an unlimited internet access with huge bandwidth (perhaps we wanna let the user make a choice upon this on sys-install in the future). That would at least mean to give the update-repo and the DVD a higher priority than the online repos by default, wouldn`t it?
This is also a security issue; and Opensuse has some kind of pent-up demand for more security (http://en.opensuse.org/Security). Besides this security may still be a reason to switch from Windows to Linux. We should not destroy our security concept by a slackness like this.
You're not getting all the bug reports like "zypper dup is downgrading all my packman packages to opensuse"... ... but a well downgraded system will work better and contain fewer errors!
Cheers, Michael.
-- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
Elmar Stellnberger schrieb:
Michael Schroeder schrieb:
Perhaps these things should not happen if all repos have the same priority; but they still can: Yust imagine an update for program X is released sooner for OpenSuse11.0 than for OpenSuse11.1 (normally that should not happen, but in practice if something can go wrong it will go wrong). Then program X will be replaced for the OpenSuse11.0 version instead of waiting for the same update as an Opensuse11.1 version. This is not what we actually want. No, because the 11.0 package has a lower version-release than the 11.1
On Mon, Mar 30, 2009 at 03:47:24PM +0100, Elmar Stellnberger wrote: package.
I would suggest user added repos to have a lower priority i.e. a higher number (how confusing) because these sources are generally less trustworthy (Packman, SW self compiled by Opensuse-users , 3rd party SW). But all opensuse repos and the opensuse update repos have same priority? Good, that's one point we're agreeing on.
All opensuse repos and the opensuse repos should have the same priority. I agree, if there is no real need to assign different priorities we should not make an artificial difference. However I guess there has been good reason in giving the update repo the highest priority. In general I think if we can install the core package from DVD and apply a delta-rpm or patch from the update source thereupon then we should do that because not all users may have an unlimited internet access with huge bandwidth (perhaps we wanna let the user make a choice upon this on sys-install in the future). That would at least mean to give the update-repo and the DVD a higher priority than the online repos by default, wouldn`t it?
This is also a security issue; and Opensuse has some kind of pent-up demand for more security (http://en.opensuse.org/Security). Besides this security may still be a reason to switch from Windows to Linux. We should not destroy our security concept by a slackness like this. You're not getting all the bug reports like "zypper dup is downgrading all my packman packages to opensuse"... ... but a well downgraded system will work better and contain fewer errors!
Of course, that should not happen. When selecting a different than the standard installation source when installing via YaST the packages should become locked in order to be updated from the same source only. Is this not the way things work? There should not be any problem in continually drawing a user defined set of packages from another possibly lower prioritized source like Packman? So what kind of priority assignment would you propose/agree on?
Cheers, Michael.
-- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On Wednesday 01 April 2009 19:48:05 Elmar Stellnberger wrote:
You're not getting all the bug reports like "zypper dup is downgrading all my packman packages to opensuse"...
... but a well downgraded system will work better and contain fewer errors!
Of course, that should not happen. When selecting a different than the standard installation source when installing via YaST the packages should become locked in order to be updated from the same source only. Is this not the way things work?
There's a slight difference between zypper up and zypper dup Assume: priority(packman) < priority(openSUSE) 'up' tries to update installed packages with respect to the packages architecture and vendor. An already installed packman package will stay packman, but it will not migrate installed openSUSE packages to packman, nor will it use packman for new packages also available in openSUSE. 'dup' is free to change architecture and vendor, and even able to dowgrade packages. It will try to adjust all packages according to the repository priorities. Thus and already installed packman package may even be downgraded to openSUSE. (mls may correct me if this is not exact)
There should not be any problem in continually drawing a user defined set of packages from another possibly lower prioritized source like Packman?
Unless you use 'zypper dup'. And maybe most trouble originates from this. If you want to follow some development, like KDE4, people assign a high priority and use 'zypper dup', because it will bring in all the KDE4 packages. But unfortunately 'zypper dup' may also remove packages from low priority repos. So 'dup' is not exactly what you want, but all you have. Maybe 'zypper dup' should be deprecated and replaced by some command that simply 'dup's one repo: zypper follow-repo KDE4 // raise KDE4 prio and update the packages. and then you continue to use zypper up to keep the system up-to-date
So what kind of priority assignment would you propose/agree on?
I guess without 'zypper dup' less people would mind having e.g. 3 levels HIGH : special cases like development repos. NORMAL : OpenSuse and Updates LOW : default for new repos -- cu, Michael Andres +------------------------------------------------------------------+ Key fingerprint = 2DFA 5D73 18B1 E7EF A862 27AC 3FB8 9E3A 27C6 B0E4 +------------------------------------------------------------------+ Michael Andres YaST Development ma@novell.com SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) Maxfeldstrasse 5, D-90409 Nuernberg, Germany, ++49 (0)911 - 740 53-0 +------------------------------------------------------------------+ -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Michael Andres wrote:
On Wednesday 01 April 2009 19:48:05 Elmar Stellnberger wrote:
You're not getting all the bug reports like "zypper dup is downgrading all my packman packages to opensuse"... ... but a well downgraded system will work better and contain fewer errors! Of course, that should not happen. When selecting a different than the standard installation source when installing via YaST the packages should become locked in order to be updated from the same source only. Is this not the way things work?
There's a slight difference between zypper up and zypper dup
Assume: priority(packman) < priority(openSUSE)
'up' tries to update installed packages with respect to the packages architecture and vendor. An already installed packman package will stay packman, but it will not migrate installed openSUSE packages to packman, nor will it use packman for new packages also available in openSUSE.
'dup' is free to change architecture and vendor, and even able to dowgrade packages. It will try to adjust all packages according to the repository priorities. Thus and already installed packman package may even be downgraded to openSUSE.
(mls may correct me if this is not exact)
There should not be any problem in continually drawing a user defined set of packages from another possibly lower prioritized source like Packman?
Unless you use 'zypper dup'. And maybe most trouble originates from this.
If you want to follow some development, like KDE4, people assign a high priority and use 'zypper dup', because it will bring in all the KDE4 packages.
But unfortunately 'zypper dup' may also remove packages from low priority repos. So 'dup' is not exactly what you want, but all you have.
Maybe 'zypper dup' should be deprecated and replaced by some command that simply 'dup's one repo:
zypper follow-repo KDE4 // raise KDE4 prio and update the packages.
As per earlier discussion, i plan to add --from <repo> option to several commands, including dup. zypper dup --from repo1 --from repo2 ... would make a dup on those repos, while still having the rest of the repos loaded to satisfy dependencies. OTOH, the existing --repo option only loads the given repos and disregards the rest completely (which works, as long as you don't need to satisfy deps from the other repos). - -- cheers, jano Ján Kupec YaST team - ---------------------------------------------------------(PGP)--- Key ID: 637EE901 Fingerprint: 93B9 C79B 2D20 51C3 800B E09B 8048 46A6 637E E901 - ---------------------------------------------------------(IRC)--- Server: irc.freenode.net Nick: jniq Channels: #zypp #yast #suse #susecz - ---------------------------------------------------------(EOF)--- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iEYEARECAAYFAknUs3wACgkQgEhGpmN+6QG9nQCdGC/Y6qKda75Vwuz04H8zU9f6 BWUAn0k/BGXnJ/Cnmgi0O3KbhQGAYire =rltl -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On Thursday 02 April 2009 14:45:48 Jan Kupec wrote:
Michael Andres wrote:
Maybe 'zypper dup' should be deprecated and replaced by some command that simply 'dup's one repo:
zypper follow-repo KDE4 // raise KDE4 prio and update the packages.
As per earlier discussion, i plan to add --from <repo> option to several commands, including dup.
zypper dup --from repo1 --from repo2 ...
Yes, but 'zypper dup' still has a "dangerous" default behavior, if priorities are present. We could require a --from argument and use --from-all for the current behavior. 'zypper dup' without arg could print a message to educate. -- cu, Michael Andres +------------------------------------------------------------------+ Key fingerprint = 2DFA 5D73 18B1 E7EF A862 27AC 3FB8 9E3A 27C6 B0E4 +------------------------------------------------------------------+ Michael Andres YaST Development ma@novell.com SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) Maxfeldstrasse 5, D-90409 Nuernberg, Germany, ++49 (0)911 - 740 53-0 +------------------------------------------------------------------+ -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
Jan Kupec schrieb:
Michael Andres wrote:
On Wednesday 01 April 2009 19:48:05 Elmar Stellnberger wrote:
You're not getting all the bug reports like "zypper dup is downgrading all my packman packages to opensuse"... ... but a well downgraded system will work better and contain fewer errors! Of course, that should not happen. When selecting a different than the standard installation source when installing via YaST the packages should become locked in order to be updated from the same source only. Is this not the way things work? There's a slight difference between zypper up and zypper dup
Assume: priority(packman) < priority(openSUSE)
'up' tries to update installed packages with respect to the packages architecture and vendor. An already installed packman package will stay packman, but it will not migrate installed openSUSE packages to packman, nor will it use packman for new packages also available in openSUSE.
'dup' is free to change architecture and vendor, and even able to dowgrade packages. It will try to adjust all packages according to the repository priorities. Thus and already installed packman package may even be downgraded to openSUSE.
(mls may correct me if this is not exact)
There should not be any problem in continually drawing a user defined set of packages from another possibly lower prioritized source like Packman? Unless you use 'zypper dup'. And maybe most trouble originates from this.
If you want to follow some development, like KDE4, people assign a high priority and use 'zypper dup', because it will bring in all the KDE4 packages.
But unfortunately 'zypper dup' may also remove packages from low priority repos. So 'dup' is not exactly what you want, but all you have.
Maybe 'zypper dup' should be deprecated and replaced by some command that simply 'dup's one repo:
zypper follow-repo KDE4 // raise KDE4 prio and update the packages.
As per earlier discussion, i plan to add --from <repo> option to several commands, including dup.
zypper dup --from repo1 --from repo2 ...
would make a dup on those repos, while still having the rest of the repos loaded to satisfy dependencies. OTOH, the existing --repo option only loads the given repos and disregards the rest completely (which works, as long as you don't need to satisfy deps from the other repos).
What shall be the difference between zypper dup --from and -r be? Why not add a --from-deps switch to only satisfy dependencies fromout of all the other activated repos? i.e. zypper --from-deps -r repo or zypper --from-deps --from repo ... where --from is a synonym to -r I believe a pure 'zypper dup' should be forbidden at all. It is very risky and I can not imagine a case where this should really be necessary. If a user should really desire a zypper dup -r * then he will have to list all enabled repos. The only way I have used zypper dup so far is with a singleton repository in order to override the default packages with packages from the build service repo of a certain app. f.e. radeonhd, X11: or so. -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
On Thursday 02 April 2009 14:45:48 Jan Kupec wrote:
Michael Andres wrote:
Maybe 'zypper dup' should be deprecated and replaced by some command
simply 'dup's one repo:
zypper follow-repo KDE4 // raise KDE4 prio and update the packages. As per earlier discussion, i plan to add --from <repo> option to several commands, including dup.
zypper dup --from repo1 --from repo2 ...
Yes, but 'zypper dup' still has a "dangerous" default behavior, if
Michael Andres schrieb: that priorities
are present.
We could require a --from argument and use --from-all for the current behavior. 'zypper dup' without arg could print a message to educate.
Michael Schroeder schrieb:
On Mon, Mar 30, 2009 at 03:47:24PM +0100, Elmar Stellnberger wrote:
Perhaps these things should not happen if all repos have the same priority; but they still can: Yust imagine an update for program X is released sooner for OpenSuse11.0 than for OpenSuse11.1 (normally that should not happen, but in practice if something can go wrong it will go wrong). Then program X will be replaced for the OpenSuse11.0 version instead of waiting for the same update as an Opensuse11.1 version. This is not what we actually want.
No, because the 11.0 package has a lower version-release than the 11.1 package.
I would suggest user added repos to have a lower priority i.e. a higher number (how confusing) because these sources are generally less trustworthy (Packman, SW self compiled by Opensuse-users , 3rd party SW).
But all opensuse repos and the opensuse update repos have same priority? Good, that's one point we're agreeing on.
This is also a security issue; and Opensuse has some kind of pent-up demand for more security (http://en.opensuse.org/Security). Besides this security may still be a reason to switch from Windows to Linux. We should not destroy our security concept by a slackness like this.
You're not getting all the bug reports like "zypper dup is downgrading all my packman packages to opensuse"...
Cheers, Michael.
I see zypper up does not change the source a package is installed from as I have suspected (no difference between dvd, update and repo-oss, non-oss i.e. the sysrepos assumed). Consequently package priority assignments are for installation time only (at least as long as we do not use zypper dup on all repos which maybe should be forbidden at all). Now let us agree on a default priority table for the next release. The tables I have proposed so far look like the following: ----------------------------------------------- 20 updates (unchanged) 30 DVD 40 repo-oss, repo-non-oss 99 user repos install precedence: 1. priority 2. version updates: 1. look for newer version in the same issuer/vendor-group (20/30/40:suse, 99:packman, 99:vendor2) evtl. only for repos with same or higher priority than the initially installed repo - should not make any difference in here if a package can be installed from DVD it should be installed from DVD because not all users have a broadband internet connection. if a user does not have his DVD handy, it should be possible to disable the DVD-repo by an alert box temporarily and simply continue the current YaST installation run. The update repo is supposed to contain updates and delta.rpms only so that it is not considered as an initial installation. i.e. 30 DVD < 40 repo-oss, repo-non-oss Can we agree on giving the user repos the lowest priority for reasons of security and clean design? If a user wants a package offered by the core distro to be alternatively installed from packman (amarok f.i.) zypper up should not change this anyway. Selecting certain packages to be installed from a different repo should be possible via YaST or simply by zypper in amarok -r packman [--from-deps - use all active repos for dependency resolution; this could become the default; i.e. if not desired specify --no-deps] i.e. sys repos < 99 user repos --------------------------------------------------- 20 updates 40 DVD, repo-oss, repo-non-oss 99 user repos alternatively the user may select at installation time to have a high speed internet connection so that a newer package should be downloaded directly from an online repo rather than at first being installed from DVD and later on being updated. install precedence: 1. priority 2. version 3. local repos precede remote repos i.e. DVD<repo-* ----------------------------------------------- Michael Schroeder, you have asked to give the update repo the same priority as all the other sys-repos? Technically seen as I have defined things up to now that should make no difference: 30 DVD, updates 40 repo-oss, repo-non-oss 99 user repos ** or ** (( if user selects broadband internet )) 40 DVD, repo-oss, repo-non-oss, updates 99 user repos Up to now we have assumed that the update repo does not contain full packages and that complete packages of newer version are supposed to be made available at repo-oss & repo-non-oss. However if the update repo should contain complete packages as well the shrinked priority tables should even work better to achieve the described behaviour (install from DVD first, then update). -- To unsubscribe, e-mail: opensuse-softwaremgmt+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-softwaremgmt+help@opensuse.org
participants (4)
-
Elmar Stellnberger -
Jan Kupec -
Michael Andres -
Michael Schroeder