[Mageia-discuss] mageiaupdate and the list of updates

Sun Jul 3 01:40:37 CEST 2011

Anne nicolas a écrit :
+> 2011/7/2 Romain d'Alverny<rdalverny at gmail.com>:
+>> Le 2 juil. 2011 à 17:14, andre999<andr55 at laposte.net>  a écrit :
+>>> Suppose during the update process you have a check box to put a particular update on
+>>> the skip list, or another to uninstall the corresponding package.
+>>
+>> That would be an interesting option to investigate.
+>>
+>>> Note that if you can't uninstall a package because it is required, it is usually
+>>> inadvisable skip updates, unless you really understand the issues.
+>>
+>> So the user is stuck: unadvisable to skip the updates, unless she understands the issues
+>> =>  just make the update automatic in a background task by default then; one doesn't care
+>> about the issues - or won't have a single clue about it either, unless being a specific
+>> type of user that would know how to disable this auto update setting anyway).
+>>
+>>> Changing when the password is requested would reduce the security for the system, as
+>>> unauthorised users could see what is installed.
+>>
+>> Unauthorised users using an authorised session, to be more specific.
+
+Such a situation is far from rare in multi-user environments.
+But also if someone doesn't know the root password, currently they can't see 
+what is installed.  By delaying it until something is actually updated, they can 
+see everything.  So a remote user with limited privileges could more easily 
+compromise the system.
+
+>> Security is important. But that's orthogonal to a pleasant/efficient experience.
+>> Which is important too. We are aiming at making things for people.
+>>
+>>> This may not affect you personnally, but such an option would best not be the
+>>> default, to protect other systems.  So it could be more complicated than the
+>>> changes suggested above, and would only save you a few seconds.
+>>
+>> "a few seconds" is already a lot for everyone (and even more if the notification
+>> breaks your focus). Multiply this by the times such a notification occurs for a
+>> typical desktop system, you have a lot of valuable time wasted here.
+>>
+>> That's not such a ludicrous idea; improving the person experience with the system
+>> so she can focus on her task and not on the tool is clearly one of our goals.
+>
+>> But indeed, perhaps it only requires making this more obvious (that is, integrated
+>> in the user flow and interface), how to use the existing options.
+>
+> Imho those 2 things are bad ideas:
+>
+> - having updates in background: Interesting thing in Linux is to learn
+> people about their system. If they do not want details, then fine we
+> can just a way to switch from general mode to detailed one.
+
+That's one thing I like about Linux.  Being able to readily monitor updates in 
+detail.
+
+> - giving the possibility of adding easily packages to skip.list is the
+> best way to break updates of end users systems. They will skip some
+> updates when it's too long for example, without really being aware of
+> what they do.
+
+That was part of my concerns.
+
+> Then if an incoming update depends on a specific version
+> of skipped package it will just break.  I would rather add this as an
+> advanced option in rpmdrake
+
+I agree.
+Maybe an advanced mode, like in diskdrake.  (which I use judiciously)
+
+>>
+>> Romain
+
+-- 
+André
+