Keeping older packages versions in entropy [Solved]

Discuss all artwork and development - Suggestions needed

Moderator: Moderators

alcalde
Simple Hen
Posts: 69
Joined: Sun Jul 29, 2007 18:59

Re: Keeping older packages versions in entropy

Post by alcalde » Sun Feb 27, 2011 20:41

Fitzcarraldo wrote:RPM used to have a package rollback feature: see the May 2004 Linux Journal article Transactions and Rollback with RPM. The only trouble was: it didn't always work (see e.g. Qs on RPM Rollbacks) and was subsequently dropped. If it was simple to do, all the package managers would do it.

If the major Linux distributions, with all their resources (including many paid developers), cannot produce a reliable package rollback function, then it can't be in the least bit easy.

I think a more viable solution in the case of Linux is the use of a file system that supports snapshots. When Btrfs finally replaces ext4 as the main Linux file system this could become a possibility, providing the creation and restoration of snapshots can be made simple enough for the average user to perform.
It seems that it's not the idea that's unreliable so much as poor packages that may execute scripts that change files. A rollback mechanism for entropy doesn't need to be 100% foolproof in order to be a blessing and potential disaster-averter. A mechanism to compensate for this would be something I've already seen done in Windows... scan the system file areas and the home directory (or registry as the Windows program worked), install package, rescan and see which files have changed. Still probably not 100% foolproof, but again, it's not complex and already being done today (think Intrusion Detection Systems like Samhain). Afick is a small utility that can find new/changed/deleted files.

Sometimes it's not that things can't be done as simply that no one wants to do them or they have higher/different priorities. For instance, openSUSE on ARM - not only have other distros ported to ARM, openSUSE's build service is capable of compiling all of openSUSE for ARM now. However, there's the work of fixing packages that assume only x86 or need patches and applying the patches that probably already exist for the Fedora/Debian ARM ports. It was talked about since 2009 and some work was done, but there's just really no one (with ARM knowledge) interested in going the last mile to polish and test an ARM port, so it still doesn't exist even though it would be easier than other distros to port thanks to the build service.

Fitzcarraldo I remember you were the only one who took my ideas for rollback seriously when I (pleadingly :cry: ) brought them up the first time. At that time rather than recommending btrfs you told me all about the NILFS filesystem instead. :D It's a great idea and the best method as long as you can do partial rollbacks (rolling back system files but not data). Unfortunately neither of these filesystems are solid enough for reliable deployment today.

What about something like rsnapshot?
http://rsnapshot.org

alcalde
Simple Hen
Posts: 69
Joined: Sun Jul 29, 2007 18:59

Re: Keeping older packages versions in entropy

Post by alcalde » Sun Feb 27, 2011 21:01

Now you've got me wondering about making a proof-of-concept wrapper program for equo that would record new packages added since a given date and use equo's tgz creation ability to back up before upgrading a package and then could use this information and equo to roll the system back to a given point. :D Too much coding in Linux is about making things easier for the developers rather than the end user :evil: ... I believe this just needs a combination of existing technology/tools and a bit of cleverness. A rollback that's even 80% effective would be more than welcome when the system's unrecoverable by normal means (no backup exists, etc.)

alcalde
Simple Hen
Posts: 69
Joined: Sun Jul 29, 2007 18:59

Re: Keeping older packages versions in entropy

Post by alcalde » Sun Feb 27, 2011 21:25

I also found this....
Another way to detect modification of system files is to use a version control system such as www.bazaar-vcs.org
You then create one or more projects to track you system files. For instance, put all of /etc into a project and all of /sbin into a different project. Any changes that get made are clearly visible. You can then decide to approve the change as valid or roll it back to the previous version. As a bonus you get a revision history of any upgrades that are made to the system. You just have to run a check-in after any updates. Of course if the rootkit is already in control then a simple roll-back won't work, not from within the compromised OS. But if you boot another OS and use a trusted copy of the Bazaar project, then you can rollback to any version of the OS that you like.

User avatar
Fitzcarraldo
Sagely Hen
Posts: 8186
Joined: Sat Mar 10, 2007 5:40
Location: United Kingdom
Contact:

Re: Keeping older packages versions in entropy

Post by Fitzcarraldo » Sun Feb 27, 2011 23:17

alcalde wrote:It seems that it's not the idea that's unreliable so much as poor packages that may execute scripts that change files.
I think you are drawing an unwarranted conclusion there: the word "arbitrary" is not synonymous with "poor".

timothyRlamora
Growing Hen
Posts: 102
Joined: Tue Dec 28, 2010 6:15
Location: Logsden,Oregon
Contact:

Re: Keeping older packages versions in entropy

Post by timothyRlamora » Mon Feb 28, 2011 22:43

Is there a way to take a snapshot of your system so when you run into glitches you can revert back to that snapshot???

Matte88
Technological Hen
Posts: 399
Joined: Wed Dec 29, 2010 14:37
Location: @/etc/entropy/repositories.conf.d/entropy_sabayon-limbo

Re: Keeping older packages versions in entropy

Post by Matte88 » Mon Feb 28, 2011 22:44

timothyRlamora wrote:Is there a way to take a snapshot of your system so when you run into glitches you can revert back to that snapshot???
dd your partition to ISO
Image
When I became the sun,
I shone life into the man's hearts.

timothyRlamora
Growing Hen
Posts: 102
Joined: Tue Dec 28, 2010 6:15
Location: Logsden,Oregon
Contact:

Re: Keeping older packages versions in entropy

Post by timothyRlamora » Tue Mar 01, 2011 5:22

How do you go about doing that- Thanks Tim

Matte88
Technological Hen
Posts: 399
Joined: Wed Dec 29, 2010 14:37
Location: @/etc/entropy/repositories.conf.d/entropy_sabayon-limbo

Re: Keeping older packages versions in entropy

Post by Matte88 » Tue Mar 01, 2011 23:04

timothyRlamora wrote:How do you go about doing that- Thanks Tim
is a process that I've never done!!! :mrgreen: :eye:
Mine was only a suggestion (better, an idea) on the basis operations you can do with dd... :bom:
:!: USE AT YOUR OWN RISK: MAY NOT WORK OR EVEN BREAK the backup (not the installed Saby) :!:

Code: Select all

# dd if=/dev/sdXn of=backup.iso
dd the partition where you know there is enough space!!! :eye:
Image
When I became the sun,
I shone life into the man's hearts.

timothyRlamora
Growing Hen
Posts: 102
Joined: Tue Dec 28, 2010 6:15
Location: Logsden,Oregon
Contact:

Re: Keeping older packages versions in entropy

Post by timothyRlamora » Wed Mar 02, 2011 19:31

Thank you!!!

micia
Sagely Hen
Posts: 2718
Joined: Wed Nov 26, 2008 16:41
Contact:

Re: Keeping older packages versions in entropy

Post by micia » Thu Mar 10, 2011 12:59

Now, this:
http://lxnay.wordpress.com/2011/03/09/a ... epository/
is some great news!!! :mrgreen:

A big thank you to the Sabayon team, I am really impressed by their efforts to get better and better every day.

[Edit 14-jul-2011] I left this thread open in the evenience that someone had new ideas or suggestions for the new repository, but I think that it is now time to mark this as solved, thanks again for the new weekly repository. :)

Post Reply