Skip to main content

Keep Fedora "less-moving" using yum-security plugin

Fedora updates repository moves very fast. A few months after the release of F8, hundreds of MBs of packages have been updated. Some people, especially those who came from the less-moving world of Debian and Ubuntu, might found this ridiculous. They are used to receiving only important updates during the stable lifecycle of a release and are not used to Fedora ways of going-forward and adding new enhancement and features to the stable release.

Sometimes, from that many updates, regression problem happened, which is fun to some, but annoying to the others. (I know someone who kept complaining about that - /me glares at a certain person @ #myoss )

I personally does not keep my stable Fedora installations up-to-date to the latest updates, and I hand-pick those packages which I think might have fixed some bugs which I'm encountering. Yes, some people find that tedious :).

For those weak-hearted who are not used to Fedora update release speed, you can opt to only update for security fixes using the yum-security plugin. For the other packages, "If its not broken, why update?". I have known this plugin exist since F7, but didn't really bother to try it, but yesterday I tried it and its awesome!. Yum-security plugin will automatically filter the updates to only security related updates for you.

Using it to update your system is easy, just 'yum install yum-security' and update using 'yum --security update'. More tricks in this Red Hat Magazine post.

This way, you can keep your Fedora installation with less moving parts for your production desktop/server use while keeping it secure.

Btw, looking @ yum-security code, and the updateinfo.xml.gz, it looks to me like its possible to also create a yum plugin to only pull packages which are bugfixes for reported bugs. Is such plugin already exist? I'm planning to look into the possibility, but I don't want to do a duplicate effort - furthermore, I am still not that confident with my ability to work with existing codes. IMO, this can be a good approach or airbag for users who are having trouble of too many updates from Fedora which randomly breaks their system. Users who only want bugfixes and security updates can reduce their updates through this type of filter, and (hopefully) reduce their risk of facing regression of enhancement updates. On the same time, new enhancements can still be continually added into the stable Fedora updates.

edit: fixed RH Mag link

Popular posts from this blog

Adding simple popup to Plone frontpage

Here is a little guide for those who want to add a simple popup to the Plone frontpage for some purpose (eg: announcements, advertisements, etc).

Create a basic html file containing the content you want to appear in the popup. Upload it into $PLONE_SITE/portal_skins/custom (as Page Template) and for the sake of this example, name it popup.html

Afterward, create a Javascript file with your Pop-Up loader script. For example , this script:

function popup(mylink, windowname)
if (! window.focus)return true;
var href;
if (typeof(mylink) == 'string')
href=mylink.href;, windowname, 'width=220,height=400,scrollbars=no');
return false;

popup('popup.html', 'My Popup');

Also upload this file into $PLONE_SITE/portal_skins/custom (as Page Template too). For this example, name it as popup.js

Afterward, in $PLONE_SITE/portal_javascripts , add popup.js as a new script into portal_javascripts…

Tee'ing Python subprocess.Popen output

A little hack for python coders out there who wanted to have a functionality similar to the unix's tee command for redirecting output to multiple places.

import sys
from subprocess import Popen,PIPE
p = Popen(['put','command','and','arguments','here'],stdout=PIPE)

while True:
o = p.stdout.readline()
if o == '' and p.poll() != None: break
# the 'o' variable stores a line from the command's stdout
# do anything u wish with the 'o' variable here
# this loop will break once theres a blank output
# from stdout and the subprocess have ended

HOWTO: Mirroring Yum repositories using Yum-Utils

As promised before in one of my previous post, a Howto on how to mirror and manage yum repositories using some of the utilities in yum-utils.

The first step is, well, of course, is to get yum-utils from fedora repository
yum install yum-utils

Reposync is a utility for mirroring and synchronizing local copy of a yum/rpmmetadata repository.

This utility is very useful if you wanted to make a yum repository mirror. Before this, I used "wget -R -np -N" but this method is a little bit tedious and it doesnt work with repos that didn't use directory listing. Plus, it also download together additional site stuff that I don't need/want and it doesn't verify checksum of the downloaded packages.

Mirroring a repo using this utility is easy, just execute this command
reposync -r <repoid> -a <arch> -n
and the repo will be mirrored in a folder with the same name of the repoid in the directory you executed the command. Eg: you executed the command in /mnt/storage/mi…