LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

January 2010

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS January 2010

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: SL and EPEL experiences?
From:	Garrett Holmstrom <[log in to unmask]>
Reply To:	Garrett Holmstrom <[log in to unmask]>
Date:	Thu, 28 Jan 2010 20:36:01 -0600
Content-Type:	text/plain
Parts/Attachments:	text/plain (52 lines)

On Jan 27, 2010, at 18:45, Michael Mansour wrote:
> The main thing
> that annoys me about EPEL is their refusal to add a repo tag on
> their packages, that is, for an RPMforge package (or any other repo
> like ATrpms, and the myriads of others) I always know their packages
> from the package name eg:
> 
> perl-Mail-DKIM-0.37-1.el5.rf.noarch
> 
> That "rf" tells me it's from RPMforge. ATRpms is "at", other repo's
> have their own tags. Packages I build personally have my own tags.
> 
> With EPEL you have little idea what you used from their repo as
> their package naming is no different to Red Hat's package naming.
> Scanning for the RPM info (-qi) is little help as that's also
> non-conclusive.
> 
> If you want some history on this you can web search for discussion's
> between Dag/RPMforge and EPEL maintainers on this topic.
> 
> I like to strictly maintain servers I manage. No single repo will
> supply every package I need, so for me, it's imperative I know which
> 3rd party packages I use from which repo. When that is clouded by
> not properly tagging package filenames then the many servers that
> I manage become less manageable in my view an trouble-shooting bugs
> and problems becomes that much harder.

There are many ways you can deal with that:
 * Use ``yum list —-showduplicates $pkgname'' to find out where a

   package could have originated.
 * If you just use the binary packages directly from EPEL, inspect
   their build hosts or GPG signatures.
 * If you build the binary packages yourself, set the value of %dist
   to something more to your liking when you build them.
 * Place packages in subdirectories that correspond to where they
   came from.  createrepo recurses into directories, after all.

I once wrote a script that prints which packages are signed by each
GPG key on the system.  I could dig it out if you would find it
helpful.

Recent versions of yum keep track of what repositories each package
comes from.  Hopefully that feature will make it into 6.0.

Hope that helps!

--
Garrett Holmstrom
University of Minnesota School of Physics and Astronomy
Systems Staff

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV