yum

Seth Vidal skvidal at fedoraproject.org
Thu Oct 22 14:35:04 UTC 2009 


On Thu, 22 Oct 2009, John Summerfield wrote:

> I have been thinking, and not everyone thinks that's a good thing to do.
>
> What I have been thinking is about something Debian does better.
>
> apt-get and (presumably) other tools such as aptitude have a list of critical 
> packages, or maybe critical packages are so marked in the package header.
>
> One cannot easily remove those packages accidentally.
>
> In our context, those packages would include the kernel, glibc, rpm. Maybe 
> the yum group would not be critical, because a system can be maintained 
> without it - many of use used to get along without it.
>
> Python might not be marked as critical, rpm requires it and so would prevent 
> its accidental removal.
>
> I see two ways of flagging packages that are essential, one a list in a 
> configuration file, the other a mark or priority field in the rpm metadata.
>
> The list would require careful review for each release, including version 
> upgrades in RHEL, probably more often in Fedora. On the other hand, it could 
> be implemented pretty much immediately, and maybe seeded with the minimum set 
> of installed packages.
>
> Marking the packages would require changes to rpm (which, I think, has its 
> own release schedule and its own bureaucracy) including a new keyword in the 
> spec file, and would only take effect when all packages are rebuilt - F13 and 
> RHEL6 at the earliest. On the other hand, it would  likely be easier to 
> maintain once done.
>
> For packages builders, I suggest anything that installs into /bin, /sbin, 
> /lib{,64} is probably critical, anything that does not probably is not 
> critical.
>
> The question arose in my mind when I tried to remove some package, I don't 
> recall what it was now, but yum wanted to remove rpm as well.
>
> The change that I suggest is that, if a critical package is to be removed, 
> yum does not do it without asking even i '-y' is specified. I suggest one or 
> both of these:
> Ask, do so if confirmed and stdin is a tty.
> Do so if "--force" is specified.
>
> If stdin is not a tty, don't ask, but do it if "--force" so that it can still 
> be scripted.
>

yum has the protect-packages plugin.

It does more or less what you mention above.

-sv

More information about the fedora-test-list mailing list