[CentOS] Repositories in CentOS 5.8

Wed May 23 13:00:03 UTC 2012
Les Mikesell <lesmikesell at gmail.com>

On Wed, May 23, 2012 at 2:12 AM, Markus Falb <markus.falb at fasel.at> wrote:
>
>>> There are a lot of 3rd party repositories around, and my understanding
>>> is that the only sane way is not to trust a whole repository but only
>>> selected and therefore tested packages. Consequently though you will
>>> have to maintain your own repository.
>>
>> But with EPEL and others with policies to not overwrite base packages,
>> you won't get anything that you didn't explicitly install (assuming
>> you trust them to follow their policy...).
>
> There are repositories that might not have such policies.
> There are rpm downloads that are not yum-ified.

Agreed - and the most likely source of conflicts is when you have
installed packages from  2 different 3rd party repositories or
unrelated sources.  Normally any single source will test against a
stock RHEL base, but not other 3rd party packages, and when package
dependencies change in future updates you have the potential for
conflicts.   Not even copying packages to your own repository can
ensure that packages from multiple different sources will be able to
track future updates without conflicts.

But, EPEL is fairly safe by itself and has a huge number of packages
that are maintained pretty well.

-- 
   Les Mikesell
     lesmikesell at gmail.com