Metasploit mailing list archives
packaging issue: how to update?
From: volkov.peter at gmail.com (Peter Volkov)
Date: Wed, 30 Jan 2008 20:35:32 +0300
Hello, list. I'm looking for some suggestion on how to resolve the problem in Gentoo (and I suppose other distributions are affected too) with framework updates[1]. We provide ebuild for metasploit-3.1 which installed dependencies, Framework itself + init scripts to start msfweb3. But together with that we needed to remove all .svn file to preclude updates using subversion. Live update of files managed by package manager is not very good idea because, not taking into account reasons mention in [2], it's impossible to track such updates for package manager and it's very possible that such updates create mess on user system. One possible scenario to create such mess is: 1. User installed Framework-3.1 from metasploit-3.1.ebuild and updates it with snv update. 2. After that gentoo developer fixed bug in init script and to propagate changes to user systems increased revision number of ebuild (metasploit-3.1-r1.ebuild) 3. After users updates his/her system to metasploit-3.1-r1 all files in package became overwritten with old copies. Now new files which were added by Framework developers are now not under svn control and further updates with svn update will not work as supposed. Thus providing package with installs Framework with .svn files is not a viable solution for package manager in Gentoo (and I suppose in other distributions too). But what alternatives do we have? Is it possible to release Framework more frequently whenever required updates were added? Is it possible to separate and update exploit database separately for the program itself? References: [1] bugs.gentoo.org/show_bug.cgi?id=195924 [2] devmanual.gentoo.org/ebuild-writing/functions/src_unpack/cvs-sources/index.html -- Peter.
Current thread:
- packaging issue: how to update? Peter Volkov (Jan 30)
- packaging issue: how to update? H D Moore (Feb 01)
- packaging issue: how to update? H D Moore (Feb 01)