From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.43) id 1DyAcV-0002PI-Jv for garchives@archives.gentoo.org; Thu, 28 Jul 2005 15:48:28 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.13.4/8.13.4) with SMTP id j6SFkf7E007536; Thu, 28 Jul 2005 15:46:41 GMT Received: from rwcrmhc12.comcast.net (rwcrmhc14.comcast.net [216.148.227.89]) by robin.gentoo.org (8.13.4/8.13.4) with ESMTP id j6SFkd1k012869 for ; Thu, 28 Jul 2005 15:46:40 GMT Received: from [192.168.0.123] (pcp04370732pcs.nrockv01.md.comcast.net[69.140.218.245]) by comcast.net (rwcrmhc14) with ESMTP id <200507281547080140099ug5e>; Thu, 28 Jul 2005 15:47:08 +0000 Message-ID: <42E8FDFC.6000509@erols.com> Date: Thu, 28 Jul 2005 11:47:08 -0400 From: Matt Randolph User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050723) X-Accept-Language: en-us, en Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-amd64@gentoo.org Reply-to: gentoo-amd64@lists.gentoo.org MIME-Version: 1.0 To: gentoo-amd64@lists.gentoo.org Subject: Re: [gentoo-amd64] backups and world updates References: <1f81f7e005072806534ed43866@mail.gmail.com> <42E8EA25.2030302@cisco.com> In-Reply-To: <42E8EA25.2030302@cisco.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Archives-Salt: 9ab7691e-83d8-48fb-8b78-e027d2a2beb3 X-Archives-Hash: b7d45c64454776fa9c514d66efe98953 Roy Wright wrote: > Most of the time, I just open an konsole and do the > update. Occasionally I'll postpone if the update looks > really large or time consuming. For major gui components > like KDE or xorg, I'll exit KDE and emerge from the > command line over the weekend (ok, probably overly > cautious, but I was burned once). I have emerged kde and xorg-x11 from within kde without any problems. I was even emerging firefox while surfing the web. I probably played some Doom III too. > Occasionally I'll get a blocking condition. I really think > twice now before just unblocking via package.keywords. > I've found that waiting a day or two might result in > portage handling the unblocking. Firefox is a good example. When mozilla-firefox-1.0.5 came out in ~arch in response to a GLSA, it hit +arch within the next 24-36 hours, if I recall. I would just "ACCEPT_KEYWORDS='~amd64' emerge -a mozilla-firefox" in these situations rather than messing with package.keywords. Then, I'd just keep an eye out for new stable packages and emerge them as appropriate. If you unblock via package.keywords you will be resigning yourself to always using a testing version, thus exposing yourself to more new bugs than if you stayed in stable. However, if you simply wait a day or two, you are leaving yourself susceptible to exploits for that entire time. Think about how many spams arrive in thunderbird in that amount of time. It would only take one hastily written spam exploiting the right vulnerability and then POW! As unlikely as that may be, I'd rather install security updates the very instant I find out about them instead. -- "Pluralitas non est ponenda sine necessitate" - W. of O. -- gentoo-amd64@gentoo.org mailing list