Fedora Updates: whole packages vs patches

Aleksandar Milivojevic amilivojevic at pbl.ca
Thu Dec 9 22:10:20 UTC 2004 

Rick Wagner wrote:
> Another problem though, is recreating the base if you remove the patch.  So 
> say you install the base: "rpm -Uvh foo1".  Then apply the patch: "rpm -Uvh 
> foo1-patch1".  This over writes the original libfoo with the new one.  What 
> happens if you try to remove foo1-patch1?  RPM could refuse, because doing so 
> would delete libfoo, leaving a broken package.  It could have maybe 
> squirreled the original away, then put it back.  Or maybe request the 
> location of the original package, and restore the needed parts from there.
> 
> Not insurmountable problems; but not as simple as just shipping patches 
> either.

Jumping in the discussion late.  What OP suggested is basically the way 
patches were handled in Solaris.  With exception that they are not named 
foo-patch1, but rater 232187-06 and you are left to guess which 
package(s) that patch will patch ;-)

Anyhow, all the problems discussed are solvable (and are solved in 
Solaris packaging system).  However, the real question is: is it worth 
the trouble implementing the (non-trivial) changes.

Both approaches have advantages and disadvantages.  On one hand some 
bandwith is saved, but on the other hand there's complexity to it.  On 
Linux you can always back out particular patch revision simply by 
reinstalling appropriate package.  On Solaris, you can do the same if 
you had enough disk space to save backout files.  If not, it is a dirty 
work to get rid of a patch.

I guess anybody on dialup would vote for Solaris-style patches approach 
any day (although those can get just as big as original packages).  Most 
people with high speed connections would probably opt for simplicity of 
the way it is currently done.

How about this idea, that would be something like in the middle. 
Implementing a tool that could replace changed files inside binary RPM, 
producing new RPM (with bumped version) as output.  That way you can 
either download a patch, or new RPM.  If you download the patch, you 
generate new RPM by applying the patch against original distribution 
RPM.  The only difference from downloaded updated package would be 
missing signature.  This isn't a big deal because there were signatures 
on both the patch and the original RPM, and user can sign resulting RPM 
with his own PGP key.  The rest of the patching process is the same as 
now (install updated RPM, either downloaded one, or the one generated 
using the patch).

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7

More information about the fedora-list mailing list