[CentOS-devel] yum-security and CentOS-5 / 6

Wed Oct 3 10:17:17 UTC 2012
Baptiste AGASSE <baptiste.agasse at lyra-network.com>

Hi Karanbir,

> hi Baptiste,
> On 09/25/2012 03:47 PM, Baptiste AGASSE wrote:
> > Thanks you to plan to work on this point. If you need some help to
> > implement it, maybe i could help (for example on spacewalk
> > integration part).
> yes, I do need a bit of help with this - the spacewalk part would be
> cool to have working.
> >> step1: get a basic set of metadata online so that people can detect
> >> if
> >> an update is tag'd security, bugfix or enhancement
> > That's a good starting point.
> This is sort-of-working at this point, however, to be really useful we
> are going to need to have the metadata done in a way that it includes
> all RPMS released in the entire distro life. But, we dont store all
> in the mirror.centos.org network, we only retain the latest point
> release ( the amount of disk space needed for every rpm for a long
> running release like CentOS-5 is prohibitive.
> Keeping that in mind, its worth noting that we do have all RPMS
> released
> in the distro on vault.centos.org ( but not including the latest
> release
> ). So what I am going to look at is making vault also contain all the
> packages presently on mirror.centos.org and then build a super-repo (
> for the lack of a better name ), which contains metadata for every rpm
> released. And then add in the update info files needed for
> yum-security.
> btw, if we have a working yum-security layer, would that not be all
> that
> is needed for spacewalk? or would there be a need for anything else to
> be added in ? Would that be the same for say, pulp-project as well ?

Errata support in the current spacewalk version (1.7) seems to be broken (the only one repository that i use and provides errata is EPEL, and i use filters on it to synchronize only wanted packages).