On 25/09/14 18:18, m.roth at 5-cent.us wrote: > Jake Shipton wrote: >> >> Guess it's the old "if it ain't American, it ain't right" >> attitude? :-). > > Don't be absurd. How 'bout "can we be sure that no one's inserted > nasties into the code?" How 'bout "who else has looked at and > compared the code to the project source?" > > *I* would trust Nux... but a) I can't speak or set policy for my > organization[1][2], and b) I wouldn't feel comfortable committing > my organization to use it, and urging it on my users of my > division, and then someone hacks his repo. > > As an admin I used to work with liked to say, he was paid to be > professionally paranoid. Fair enough, same reason I do not use Windows at all anywhere :-). >> >> A suggestion for your picky boss: Custom repository. > > We have our own repo. However, there's *2.x* of us (my manager's > working with another Institute too much of the time these days), > and we do NOT want to have to maintain packages (don't even *ask* > me about my packaging of BioPerl). We want to yum update from > trusted repos.... Yeah, I know the feeling of that, I am the only IT guy in our company my job usually includes: 1) Build systems 2) Configure servers 3) Maintain servers 4) Configure desktops 5) Maintain desktops 6) Develop any homemade applications when and where necessary 7) Develop and maintain website 8) Process and deliver online orders 9) Reply to customer support emails 10) Occasionally be on shop front (Mostly weekends) and directly deal with customers. 11) Anything else as and where needed. Basically.. everything as I am part of a 3-way business partnership which only has 3 people working (Self employed). I literally work from when I wake up to when I go to bed. So I know what it's like to not have many people doing stuff, and I know it can be done, so maintaining your own repository is actually quite easy when there is two of you if you set up email notifications etc of when new packages are released, and assuming you don't put far to many packages in your own repo and keep it to the odd one or two where needed you should be able to maintain it fairly easily. :-) > <snip> >> This way each machine has the repository, and can install the >> extra packages. > > *snicker* Each machine. Right, I'm going to put a repo on ever > single server and workstation... and then maintain it. When nobody > actually works on their workstation, the work is supposed to be > done on servers, with home directories NFS mounted.... > > You're joking, right? <snip> > Nope quite serious, regarding installing the repo on the machines, create your own "release" package, then it's just the case of yum install <rpm url>. If you use PXE booting for new installs, just include it on the kickstart file and it will automatically be installed to any new systems. After that initial setup, you just install and update the packages the same as you would with any other repository package. Besides, I'm just offering a simple solution to your problem... Kind Regards, Jake Shipton (JakeMS) GPG Key: 0xE3C31D8F GPG Fingerprint: 7515 CC63 19BD 06F9 400A DE8A 1D0B A5CF E3C3 1D8F