On Sat, 1 Aug 2015 07:33:39 -0400
Nico Kadel-Garcia <nkadel(a)gmail.com> wrote:
On Fri, Jul 31, 2015 at 3:14 PM, Richard Hughes
<hughsient(a)gmail.com>
wrote:
> On 31 July 2015 at 17:27, Radek Holy <rholy(a)redhat.com> wrote:
>> One can say that the mirrors should keep the older versions
>
> I would completely agree. As we can't rely that packages referenced
> in metadata just one day old still being on the mirrors means that
> PackageKit has to download hundreds of megabytes month more than it
> has to.
>
> Richard.
In the RHEL world, EPEL has bitten me really hard this way several
times, especially when packages are discarded and no longer present in
EPEL. So it's worth thinking about in general for RPM based systems.
So, here's the things to consider:
* Keeping 2 versions of every package will double mirror space. This
may result in some mirrors dropping things or stopping bothering
mirroring Fedora at all.
* repodata will likewise be 2x (or at least increased a great deal).
Resulting in a bunch more downloading for everyone not just the folks
who might want to downgrade sometimes.
* There could be some nasty issues with keeping known vulnerable/broken
packages around. ie, foo-1.0 has a severe security bug, foo-1.1 fixes
it. You now just need to trick someone into downgrading or directly
installing foo-1.0 (which is in normal repos and signed and
completely valid looking).
But it's not clear exactly what you 3 are proposing (or even if it's
the same thing). :) So, perhaps you could clarify what exactly you want
to do?
kevin