Hi Karanbir, > hi Baptiste, > > On 09/25/2012 03:47 PM, Baptiste AGASSE wrote: > > Thanks you to plan to work on this point. If you need some help to > > implement it, maybe i could help (for example on spacewalk > > integration part). > > yes, I do need a bit of help with this - the spacewalk part would be > cool to have working. > >> step1: get a basic set of metadata online so that people can detect > >> if > >> an update is tag'd security, bugfix or enhancement > > That's a good starting point. > > This is sort-of-working at this point, however, to be really useful we > are going to need to have the metadata done in a way that it includes > all RPMS released in the entire distro life. But, we dont store all > RPMS > in the mirror.centos.org network, we only retain the latest point > release ( the amount of disk space needed for every rpm for a long > running release like CentOS-5 is prohibitive. > > Keeping that in mind, its worth noting that we do have all RPMS > released > in the distro on vault.centos.org ( but not including the latest > release > ). So what I am going to look at is making vault also contain all the > packages presently on mirror.centos.org and then build a super-repo ( > for the lack of a better name ), which contains metadata for every rpm > released. And then add in the update info files needed for > yum-security. > > btw, if we have a working yum-security layer, would that not be all > that > is needed for spacewalk? or would there be a need for anything else to > be added in ? Would that be the same for say, pulp-project as well ? Errata support in the current spacewalk version (1.7) seems to be broken (the only one repository that i use and provides errata is EPEL, and i use filters on it to synchronize only wanted packages). Regards. Baptiste.