[Mageia-discuss] A possible risk ?
imnotpc at Rock3d.net
Thu Feb 9 01:08:34 CET 2012
On 02/08/2012 06:36 PM, David W. Hodgins wrote:
> On Wed, 08 Feb 2012 13:23:58 -0500, nicolas vigier
> <boklm at mars-attacks.org> wrote:
>> The problem is the bad update, not that it was allowed without root
>> password. Updates should not hose the system, and that's why there is a
>> policy on no new versions in update when possible, and qa tests.
> The main problem I've seen with updates breaking a system happens when
> there is a large number of updates (such as kde), and the mirror you're
> updating from synced in the middle of the main repositories being
> I think the best solution would require the primary repositories to have
> some sort of a lock, so that they cannot be synced from in the middle of
> an update, or better yet, some way to have all updates put into a hidden
> directory, until they have all been loaded, and then have a single
> that puts all of the updates into the active directories without allowing
> any downstream mirror to sync while that's happening.
> Regards, Dave Hodgins
I believe if you request/require mirrors to use rsync --delete-after
--delay-updates when they sync it will eliminate this issue since
changes shouldn't become visible until the sync in complete.
More information about the Mageia-discuss