From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 49662 invoked by alias); 8 Apr 2019 18:25:55 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 49655 invoked by uid 89); 8 Apr 2019 18:25:55 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00,RCVD_IN_DNSWL_LOW,SPF_PASS autolearn=ham version=3.3.1 spammy=company, offer X-HELO: vsmx011.vodafonemail.xion.oxcs.net Received: from vsmx011.vodafonemail.xion.oxcs.net (HELO vsmx011.vodafonemail.xion.oxcs.net) (153.92.174.89) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 08 Apr 2019 18:25:53 +0000 Received: from vsmx003.vodafonemail.xion.oxcs.net (unknown [192.168.75.197]) by mta-5-out.mta.xion.oxcs.net (Postfix) with ESMTP id 6926C3E0320 for ; Mon, 8 Apr 2019 18:25:50 +0000 (UTC) Received: from Rainer.invalid (unknown [87.185.221.231]) by mta-7-out.mta.xion.oxcs.net (Postfix) with ESMTPA id 31E6430025D for ; Mon, 8 Apr 2019 18:25:47 +0000 (UTC) From: Achim Gratz To: cygwin@cygwin.com Subject: Re: base-files revisited References: <87r2aczb9a.fsf@Rainer.invalid> Date: Mon, 08 Apr 2019 18:25:00 -0000 In-Reply-To: (John Morrison's message of "Mon, 8 Apr 2019 18:37:44 +0100") Message-ID: <87ef6cz74l.fsf@Rainer.invalid> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-SW-Source: 2019-04/txt/msg00071.txt.bz2 John Morrison writes: > The company won't allow anything to be installed directly from the internet. > We were going to create a local mirror repo of the things which are allowed > to be installed along with a 'package script' which will call setup with > the appropriate commands. That sounds more or less exactly like my own place of work. > The company specifics we were planning to have as another, separate, local > 'mirror' and get setup to merge them. It works, not very pretty though. If > you know of a better strategy I'm all ears! What I'm doing is that I have a Perl script that is controlled by a setup.conf file and can use any number of local repos and merge them into a local install directory (it now also mirrors from the upstream repos just those files I really need instead of all of them). The reason for doing it that way was mainly to be able to inject arbitrary extra categories that I can then install (I have different types of installs for different users). I can also lock package versions for those days when I need to delay a package update (or want to pull in a test package). I still plan to clean that up enough so I can release it, but I'm continually out of round tuits on that. I also compile my own setup.exe and have replaced the PGP key in there plus made the signature check mandatory so nobody can use a setup.ini I haven't signed, which in turn means no packages I haven't put in the local repo. The setup is also run in a way that it leaves the installation with exactly those packages I specified for each install type, so if an installation is downgraded it'll remove any extra or reinstall uprev packages. Another less intrusive option is to just place a few packages in your mirror that "depend" on all the leaf packages you want to install and then just let setup install that single package and pull in the actual installation via dependencies. That will not allow you to easily remove packages when they are no longer needed, but if your installations aren't expected to change that way then this works. > They don't get a choice, although we might open the default mirror up > sufficiently for folks to request specific additional packages added to the > installation. Best we're allowed to offer. That's why I'm having different install types. The normal users don't want or need the development tools and even among the developers only I myself install with all the debuginfo packages and only on the package build machine. > I didn't think about installed last... I could get the postinstall to > append to the actual files (/etc/defaults/skel or /etc/skel) directly... Leave /etc/defaults alone or you defeat the detection of altered defaults. More generally, don't edit or overwrite files installed from any package, as removing or re-installing the package will nix all your changes. > The base-files- package was already adding some additional > /etc/skel/.rc files, what I really wanted was a way of adding the to > /etc/skel/.bashrc and /etc/skel/.inputrc so that might work. I think some > defaults for mintty were mentioned as well (we have fairly high spec > monitors and everyone ends up boosting the font size). Once you change files in /etc/skel, you are continually responsible for them yourself. Packages never install there directly and if they are changed from the default they won't get touched again. Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ SD adaptation for Waldorf microQ V2.22R2: http://Synth.Stromeko.net/Downloads.html#WaldorfSDada -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple