
List:       gentoo-dev
Subject:    Re: [gentoo-dev] minimalistic emerge
From:       Ian Stakenvicius <axs () gentoo ! org>
Date:       2014-08-08 17:30:54
Message-ID: 53E5094E.5050501 () gentoo ! org

On 08/08/14 12:27 PM, Igor wrote:
> Hello Ian,
> 
> Friday, August 8, 2014, 7:45:56 PM, you wrote:
> 
> 
>> Igor - you need to read the emerge man page.
> 
>> "emerge -uDNav @world" is the recommended way to update your
>> system, because then you will stay in sync with all appropriate
>> updates in the portage tree.  However, if you don't want to do
>> this, just "emerge -u @world" -- that will only update packages
>> in your world file, and will only force dependency updates when
>> the new version is required (based on minimum versions in package
>> dependencies).  And if you only want to upgrade things piecemeal,
>> then use "--exclude [pkg]" to skip updates, or "emerge -1 [pkg]"
>> to only update an explicit list, or use /etc/portage/package.mask
>> to avoid updating to newer versions.
> 
> It's unreliable, if you update system on daily basis - the system
> will get unstable and eventually will not even boot. It will be 
> up-to-date but not functional. UDEV was the latest example :-( The
> updated system requires constant human assistance and the number of
> CRITICAL bugs is always constant (heart beat bug affected the
> latest systems but not old). I know no server that is automatically
> updated with -uDNav @world and works for more than 6 months.
> 
> I would do it but I know that each time @world updated - I'm in a
> possible trouble. I need to check all config files, all daemons for
> changes, boot managers, mdadmin, web servers, mysql, udev, and the
> surprise will happen when you boot next time. Maybe in 300
> days, then you try to remember what was changed in 100 days, it's
> close to a hell.

Of course.  Gentoo in and of itself does not provide a distro that is
out-of-the-box functioning at all times, like Debian or RHEL
does/tries-to*.  Updates do and always will require administrative
maintenance, emerge (and paludis and pkgcore) is not a tool that's
meant to be used in an automated fire-and-forget way, and the portage
tree doesn't provide packages in such a fashion either.  You will
always have to use your head when packages upgrade, as to the effect
that they will have on your system as a whole.

If you do want to push (server) updates in an automated way, then you
should have your own staging system that will build and host binpkgs,
including the necessary (manually vetted) configuration updates, and
have your servers pull those updates from the staging system.  That
way, you're still doing the due diligence that is required for updates
-and- you have a means of rolling these updates out in a
mostly-automated fashion across multiple systems (whether they be
homogeneous or not).

[* this is only my perception of those projects, I have little
knowledge of them, and what knowledge I do have is a decade out-of-date]

> 
> Maintainers - don't have time to test packages against old 
> versions, they just pull in the new versions in e-build with > each
> is doing that and the resulting update is an enormous surplus.
> 

If a maintainer bumps the minimum version of an ebuild's dependencies,
then it's done so for a reason and this really shouldn't be
circumvented.  However, standard portage updates (via --deep) will
upgrade those dependencies to the latest stable in-tree version
regardless of what the minimum version is in the ebuild.  So the issue
that you seem to be complaining about here doesn't have anything to do
with maintainers and rather has to do with the way you're using emerge.


>> If you're asking for something even lighter than what 'emerge -u
>> @world' will provide, on an automagic system-wide level, then I
>> think you'll need to author some detailed specifications as to
>> exactly what it is you want this new updating feature to do.
> 
>> Please note, though, that we as Gentoo developers can't guarantee
>> that your system is going to remain stable if you don't update
>> --deep, because we can't test every possible combination of
>> every stable-keyworded dependency version against every package
>> -- not even a tinderbox makes that particularly feasible, there's
>> just too many permutations.  I also am not sure at this time if
>> 'emerge -u' would
> 
> You need to know what packages are installed and how they're
> installed world wide. That is the only way to stabilize Gentoo 
> architecture. Firing updates not knowing what happened - is the
> lack of feedback that is hurting gentoo development.
> 

What?  No.  We are not going to only commit new ebuilds (or only
stabilize ebuilds) for libraries on the basis of what versions other
distros are currently using as stable, and building their entire
package tree against.  If you want that, then what's the point of
using Gentoo in the first place?  Gentoo's strength is in its ability
to use arbitrary library versions (within certain restraints as
specified by their consumers) for any dependency, and update them as
new updates (with new features or bug fixes) are released upstream,
and rebuild (when necessary) the packages that depend on them, so that
you obtain and maintain an integrated system image.


> 
>> upgrade dependencies when the version installed was removed from the
>> portage tree, and this may have multiple adverse effects on your 
>> system long-term depending on why that older version was dropped
>> from the tree.
> 
>> So, the recommendation remains that one should update the entire 
>> system via -uDN in order to receive all of the updates available
>> for your entire dependency tree.
> 
> Is there any warranty that updated with -uDN system will remain 
> full functional for 1 year? I have 100% warranty that not updated 
> system is going to remain functional for 5 or 6 years. I have some
> with 7 years uptime.

If you -uDN daily/every other day/twice a week/weekly/monthly/whatever
*and* you *maintain* the system by doing the necessary configuration
changes and updates as you go, restarting services as necessary after
updates, etc. etc., then the system certainly can remain fully
functional.  You *do* have to -maintain- the systems though.  Read the
news items before updating so you know what configuration changes may
be expected of you, be proactive in putting those changes in place (or
push back some of those changes when they aren't necessary), pay
attention to what upgrades happen so that you aren't blindly installing
a -major- package update (ie, a samba3 to samba4 type upgrade), and
you should be fine.

That said, no there is absolutely no warranty or guarantee.  Gentoo
does not provide a linux OS "appliance" -- it provides all the tools
and parts you need to build your own appliance with very little manual
intervention (compared to doing it all on your own), but the
management and maintenance of that appliance is in your hands.

It's like by-hand kernel updating -- yes, technically you could 'make
olddefconfig && make install && reboot' (or similar) blindly, but the
likeliness of your system continuing to work optimally or even properly
gets pretty slim over time if you don't pay attention to how things
have changed from one version to the next.

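The advice above about not blindly installing a major package update (the samba3 to samba4 case) can be checked mechanically before a merge. The following is an added example, not part of the original message or of Portage itself; the sample pretend output is constructed, and dev-libs/libfoo and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: flag major-version jumps in `emerge --pretend` output so they
# get a manual look before anything is merged.

# Constructed sample of pretend output (not captured from a real system;
# dev-libs/libfoo is a made-up package).
sample_pretend_output() {
    cat <<'EOF'
[ebuild     U  ] net-fs/samba-4.1.11 [3.6.23-r1] USE="acl client"
[ebuild     U  ] dev-libs/openssl-1.0.1h-r2 [1.0.1g]
[ebuild     U  ] sys-fs/udev-215-r1 [212-r1]
[ebuild  N     ] dev-libs/libfoo-1.2
EOF
}

# Reads pretend output on stdin and prints "category/name old -> new" for every
# upgrade whose first version component changes. Packages with single-number
# versions (udev) are therefore flagged on every bump.
flag_major_bumps() {
    awk '
    /^\[ebuild/ {
        close_at = index($0, "]")
        if (substr($0, 1, close_at) !~ /U/) next     # only upgrade rows carry U
        rest = substr($0, close_at + 1)
        sub(/^[ \t]+/, "", rest)
        split(rest, f, /[ \t]+/)
        atom = f[1]; old = f[2]
        if (substr(old, 1, 1) != "[") next           # no installed version shown
        old = substr(old, 2, length(old) - 2)        # drop the [ ] around it
        sub(/:.*/, "", atom); sub(/:.*/, "", old)    # drop :slot and ::repo
        pkg = atom
        sub(/-r[0-9]+$/, "", pkg)                    # drop revision, e.g. -r1
        sub(/-[^-]*$/, "", pkg)                      # drop version, keep cat/name
        newv = substr(atom, length(pkg) + 2)
        split(newv, n, /[.-]/); split(old, o, /[.-]/)
        if (n[1] != o[1]) printf "%s %s -> %s\n", pkg, old, newv
    }'
}

# Real use would be: emerge --pretend --color=n -uDN @world | flag_major_bumps
sample_pretend_output | flag_major_bumps
```

An empty result means no first-component version change was found; anything listed is a candidate for reading the news items and changelog before merging.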
