From: "Ludovic Courtès" <ludo@gnu.org>
To: Raghav Gururajan <raghavgururajan@disroot.org>
Cc: guix-devel@gnu.org
Subject: Re: Thoughts on making Guix even better
Date: Sun, 08 Mar 2020 21:54:31 +0100 [thread overview]
Message-ID: <87o8t68t4o.fsf@gnu.org> (raw)
In-Reply-To: <e3bb8df9372b1992d1e669db08e4e0b5@disroot.org> (Raghav Gururajan's message of "Sun, 23 Feb 2020 02:49:12 +0000")
Hi,
"Raghav Gururajan" <raghavgururajan@disroot.org> skribis:
> The guix system transactions are NON-MODULAR. That is, you cannot selectively reconfigure certain parts of the system. For example, you either reconfigure the system as a whole (or) you do not reconfigure the system at all.
>
> IMPLICATIONS:
>
> Lets assume we have 5 packages in profile. Package 1, 3 and 5 has non-critical updates. Package 4 has non-critical update but it breaks. Package 2 has critical update (CVE). We can either upgrade all packages except package 4 (or) we can upgrade only package 2.
>
> Lets assume we have 5 services/packages in system. Package/Service 1, 3 and 5 has non-critical updates. Package/Service 4 has non-critical update but it breaks. Package/Service 2 has critical update (CVE). Now, when we reconfigure the system, all packages/services will upgrade, package/service 4 will break the system. We can of course do '--roll-back' and take the system to previous working state. But that will leave the system with critical vulnerability. Therefore, we cannot reconfigure package/service 2 or any other parts of the system, until the package/service 4 is fixed. This window/gap puts guix system at great risk and instability.
On one hand, I agree that it’d be nice to be able to update just parts
of the system, like you explain.
On the other hand, that would lead to an unknown and possibly
unreproducible system state, which defeats what declarative
(“non-modular”) system upgrades bring.
Besides, I don’t see how one could introduce this “imperative” approach
at the system level, technically.
All in all, it would be best if the situations that make “modular system
upgrades” appear necessary didn’t occur in the first place.
Thoughts?
Ludo’.
next prev parent reply other threads:[~2020-03-08 20:54 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-23 2:49 Thoughts on making Guix even better Raghav Gururajan
2020-02-23 20:28 ` Jonathan Frederickson
2020-03-08 20:54 ` Ludovic Courtès [this message]
2020-03-09 6:18 ` Gábor Boskovits
2020-03-09 7:28 ` Konrad Hinsen
[not found] <24c65c56c37b309c108f75fb9e3e4681866e7fac.camel@student.tugraz.at>
2020-02-23 17:14 ` Leo Prikler
2020-03-01 10:26 ` Raghav Gururajan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87o8t68t4o.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=guix-devel@gnu.org \
--cc=raghavgururajan@disroot.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).