One option smart needs to conquer the world
Tim Fenn
fenn at stanford.edu
Wed Feb 22 21:54:38 PST 2006
On Wed, Feb 22, 2006 at 11:58:59PM +0100, Pascal Bleser wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Gustavo Niemeyer wrote:
> >> Alternative Policies for 'smart upgrade' would probably be a good
> >> thing. For instance, I would really like a policy similar to 'apt
> >> upgrade' that does not Remove packages. (apt dist-upgrade is used for
> >> an upgrade that can install and remove packages)
> >>
> >> If there was an option that would prevent downgrading, then the
> >> packager of smart for fedora could choose to enable it by default, if
> >> they are so concerned. But users could choose what they want.
>
> Keep in mind that there is always a good reason for removing or
> downgrading packages, it doesn't happen just for fun (unless there
> would be a bug in smart's upgrade logic, which I doubt at this
> point).
>
> The user is saying: I want to upgrade this and that. Well, smart
> tries hard to do exactly that, even if it includes downgrading or
> removing other packages.
>
> That sounds like exactly the correct behaviour.
>
I believe this as well, but it poses a major reason why distros like
Fedora haven't adopted smart as a mainline tool (I tried to argue with
the fedora crowd in favor of smart, but failed miserably and got
burned):
https://www.redhat.com/archives/fedora-devel-list/2005-November/msg01197.html
The problem is that downgrading something to solve a dependency could
be bad from a security standpoint (among other minor issues), and
hence why some distros shy away from smart.
I honestly don't know of a good solution - which should the sysadmin
prefer: security or zero dependency problems? I'd vote for the
former, but I certainly sympathize with the latter. Is there any
middle ground short of adding the option in smart?
Regards,
-Tim Fenn
More information about the Smart
mailing list