[CentOS] Dag repository...

Mon Jan 8 20:08:18 UTC 2007
Johnny Hughes <mailing-lists at hughesjr.com>

On Mon, 2007-01-08 at 06:20 +0900, John Summerfield wrote:
> Stephen John Smoogen wrote:
> > On 1/7/07, John Summerfield <debian at herakles.homelinux.org> wrote:
> > 
> >> Fabian Arrotin wrote:
> >> > On Fri, 2007-01-05 at 15:10 -0500, David A. Woyciesjes wrote:
> >> >
> >> >>      A bit of a new guy around these parts...
> >> >>
> >> >>      I've done a bit of looking, and haven't found any newbie-friendly
> >> >>instructions on how to add the Dag repository to my CentOS4 box. Could
> >> >>somebody help me out and point me in the right direction? Thanks...
> >> >>
> >> >
> >> > Have searched on the wiki ? :
> >> > http://wiki.centos.org/Repositories/RPMForge
> >> >
> >>
> >>
> >> Some time ago, when I was using Debian/Woody, and Woody was creaking
> >> with age, I added third-party repos for various things including newer
> >> KDE, Mozilla....
> >>
> >> It later occurred to me this was imprudent, and not just because I got a
> >> system that became hard to maintain. What, I asked, was there to prevent
> >> the maintainers of the KDE debs to insert a brummy kernel?
> >>
> >> I asked, and the answer is that apt-get has the ability to control (it's
> >> called pinning) what comes from where.
> >>
> > 
> > You can install the yum-protectbase rpm as a starter. You then say
> > "protect the rpms in this base". Someone could write a more
> > complicated one (per package protection), or they could write another
> > plugin that did weighting so you could select which archives have
> > precedence over others.
> 
> In the interests of security, this needs to be made standard behaviour, 
> with the standard repos protected.
> 
> A more likely example than mine someone polluting their repos with good 
> intent. For examile, Ximian (We can do Gnome better than Red Hat can), 
> or someone packaging content management software (eg phpgroupware, 
> egroupware, ezpublish [ez.no]) and providing "everything you need."
> 
> Their package for RHEL requires PHP5 & MySQL 5, so they just pop PHP5 & 
> MySQL5 into the repo "for your greater convenience."

This is available already.

There is yum-plugin-priorities.

You can set a priority from 1-99 on each repository ... and also use
"exclude=" and "includepkgs=" inside each repository to pinpoint control
of where each individual package comes from.

See:
http://wiki.centos.org/PackageManagement/Yum

Links off that page for Priorities, Fastestmirror, and Protectbase.

(You should choose EITHER protectbase or priorities ... I use
priorities).

All those plugins are easily installable  ... set plugins=1
in /etc/yum.conf and then modify the /etc/yum.repos.d/*.repo file to
your liking.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20070108/b81e70e4/attachment-0005.sig>