Secrecy and user trust
Bill Davidsen
davidsen at tmr.com
Wed Sep 3 14:37:55 UTC 2008
Ralf Corsepius wrote:
> On Tue, 2008-09-02 at 17:27 +0100, Bill Crawford wrote:
>> On 02/09/2008, Bill Davidsen <davidsen at tmr.com> wrote:
>>
>>> If there is a known date before which packages can be trusted, that
>>> should be said. Users who lag the cutting edge will be reassured. People
>>> won't have to be checking security logs for a decade if the problem is
>>> more recent. People on distributions older than FC8 which are not
>>> maintained should be told if the problem goes back that far.
>> The infrastructure is up and running.
> FC-10/rawhides's infrastructure seems up and running.
>
> FC-9 and FC-8's cvs and buildsys are up again, but no pushes are
> happening. In a nutshell, this means FC-8/F-9's infrastructure is
> effectively down.
>
I tried to update a clean install (see below) and got metadata but no
packages. That may have just been a bad time, or even the old packages
may be unavailable. Fortunately for me I have every RPM I ever got, back
to FC4, and the FC1 KRUD relase as well. Unfortunately for me I'm not
sure I trust them. I wanted to D/L the current and compare with the old
I already have, and see if anything has changes.
Note on not downloading over and over... if you have multiple systems,
you can set one to keep the RPMs after use, then copy them to the same
location in /var/cache/yum in another machine. Just the RPMs, not the
metadata. This allows the metadata to come in from the network and the
RPMs to be local, helpful on a machine with slow network. For no network
at all, the rpm "freshen" command will update only what you have installed.
--
Bill Davidsen <davidsen at tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot
More information about the fedora-list
mailing list