"The upstream maintainer of yum, Seth Vidal, had the following to say about 'yum priorities' in September 2009: Gosh, I hope people do not set up yum priorities. There are so many things about priorities that make me cringe all over. It could just be that it reminds me of apt 'pinning' and that makes me want to hurl." This note was placed on the wiki (PackageManagement/Yum?Priorities) without any explanation why yum-priorities isn't a good idea. yum-priorities doesn't appear in RHEL 5.4 but protectbase does. Is that the better choice and if so why? Thanks, Dennisk -- "Free as in Freedom" Free Software Foundation
On Sun, Nov 22, 2009 at 11:27 AM, Dennis Kibbe <dennisk at sahuaro.us> wrote:> "The upstream maintainer of yum, Seth Vidal, had the following to say > about 'yum priorities' in September 2009: > > Gosh, I hope people do not set up yum priorities. There are so many things > about priorities that make me cringe all over. It could just be that it > reminds me of apt 'pinning' and that makes me want to hurl." > > This note was placed on the wiki (PackageManagement/Yum?Priorities) > without any explanation why yum-priorities isn't a good idea. > > yum-priorities doesn't appear in RHEL 5.4 but protectbase does. Is that > the better choice and if so why?yum-priorities is now available for CentOS 5.4 in the extras repository. See: http://bugs.centos.org/view.php?id=3923 My understanding is that, between yum-priorities and protectbase, yum-priorities has been recommended over protectbase by CentOS devs. As to why the priorities plugin is given the negative comment, I cannot answer (don't know well enough). In my humble opinion, the wiki article should provide ample explanation. Failing that, it should at least offer alternative methods (for example, use of exclude= etc ?). If not, it would be basically saying, "do not use 3rd party repositories". People come to this page because they need/want/have to resort to 3rd party repos. When asked in the CentOS forums, I refer them to the Repositories article and I continue to advise them to use the priorities plugin. Akemi
On Sun, Nov 22, 2009 at 12:27:51PM -0700, Dennis Kibbe wrote:> "The upstream maintainer of yum, Seth Vidal, had the following to say > about 'yum priorities' in September 2009: > > Gosh, I hope people do not set up yum priorities. There are so many things > about priorities that make me cringe all over. It could just be that it > reminds me of apt 'pinning' and that makes me want to hurl." > > This note was placed on the wiki (PackageManagement/Yum?Priorities) > without any explanation why yum-priorities isn't a good idea.I use yum-priorities on all boxen that have non-CentOS repos configured; I've not hit a single snag with it yet. YMMV.> yum-priorities doesn't appear in RHEL 5.4 but protectbase does. Is that > the better choice and if so why?It has been pushed out, I believe, to the extras repo and is currently available there: repoquery --repoid=base --repoid=updates --repoid=extras --qf "%-20{repoid} %{name}" yum-priorities extras yum-priorities For some reason it was not in the base 5.4 distribution. John -- Anybody can win unless there happens to be a second entry. -- George Ade (1866 - 1944), American writer, newspaper columnist, and playwright -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20091122/2466d232/attachment-0003.sig>
On Sun, Nov 22, 2009 at 2:27 PM, Dennis Kibbe <dennisk at sahuaro.us> wrote:> "The upstream maintainer of yum, Seth Vidal, had the following to say > about 'yum priorities' in September 2009: > > Gosh, I hope people do not set up yum priorities. There are so many things > about priorities that make me cringe all over. It could just be that it > reminds me of apt 'pinning' and that makes me want to hurl." > > This note was placed on the wiki (PackageManagement/Yum?Priorities) > without any explanation why yum-priorities isn't a good idea. > > yum-priorities doesn't appear in RHEL 5.4 but protectbase does. Is that > the better choice and if so why?It's not really yum-priorities, so much as what it does and how it acts. In a perfect world, you would not need to add additional repositories to get all the software you want. However that's rarely the case. What ends up happening is that you have multiple repositories that provide the same thing, sometimes under different names. You end up mixing dependencies between repositories, so some things are protected, some pull in deps from the wrong repository... fire and brimstone, dead rising from graves, dogs and cats start living together. The whole mess introduces some really odd logic edge cases for yum that should in theory never be encountered. It's basically a software solution to a management problem. If you're careful about what you're doing, it's fine. If you enable every single repository you can find for centos, it's going to end up causing you some issues. The long and short of it boils down to how rpm is implemented, how different packagers package things, and how ignorant the average user wants to be to the internal workings of the system. Most folks just to have it work, end of story. Yum gets caught in the middle, and priorities, while good, is a hack that allows user freedom that comes with some really ugly thinking. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell
On Sun, 22 Nov 2009, Dennis Kibbe wrote:> "The upstream maintainer of yum, Seth Vidal, had the following to say > about 'yum priorities' in September 2009: > > Gosh, I hope people do not set up yum priorities. There are so many things > about priorities that make me cringe all over. It could just be that it > reminds me of apt 'pinning' and that makes me want to hurl." > > This note was placed on the wiki (PackageManagement/Yum?Priorities) > without any explanation why yum-priorities isn't a good idea.Hi, Dennis That page is outlinked from the general discussion on Respositories, which runs through a discussion of 'exclude' and 'includepkg' as earlier options to consider before these two non-stock install addons to yum that you mentioned. The problem with priorities, and pinning generally, is that it cannot anticipate the growth of package dependencies, and tries to solve with a static rule, a shifting problem. It may work to get what is initially wanted, but it is a durable solution, nor the right solution, because eventually, some combination of enhanced weighting will cause an unintended consequence, blocking some more important upgrade [a point version bump, or worse a security async update]. We see it a lot in the IRC channel with people who don't or won't read, and with the intermitent availability of some non-CentOS archives, and yet want the system to solve integrating encumbered sound driver codecs and extensions. They do, sometimes withthis approach, or forcing or much worse --nodeps, and later have the 'wheels come off' when some library dependency on a main archive is blocked by an upgrade path not anticipated or tested by the adjunct archive maintainer. It is usually safe to drill in a binary package out at the leaf nodes from an external archive -- but these encumbered packages have a witches brew of libraries they need as well, and when upgrades on the main line are issued, one can end up with an unsolvable set of dependencies for the old, and requirements by the new. 'priorities' falls over and dies at that point from self-induced dependency hell, and CentOS is blamed for it in the back splatter. I was the wiki article editor who initially added that caveat section, after seeing priorities being pushed as the 'best' alternative. It is not. It is more like Russian roulette without peeking at the state of the chamber, for your installation. The mentioned 'exclude' and 'includepkg' approach is more correct, but also requires reading the yum and rpm man pages, and gaining some understanding of dependencies. -- Russ herrold