unofficial mirror of guix-devel@gnu.org 
* Thoughts on making Guix even better
@ 2020-02-23  2:49 Raghav Gururajan
  2020-02-23 20:28 ` Jonathan Frederickson
  2020-03-08 20:54 ` Ludovic Courtès
  0 siblings, 2 replies; 7+ messages in thread
From: Raghav Gururajan @ 2020-02-23  2:49 UTC
  To: guix-devel

Hello Guix!

I have been thinking about this for a long time and would like to share it now.

The transactional upgrades and roll-backs are available to both Guix Package and Guix System. But I see an important difference which might be crucial to Guix's development and use.

GUIX PACKAGE:

The guix package transactions are MODULAR. That is, you can upgrade packages selectively. For example, you can upgrade all packages except one/few (or) only upgrade one/few.

GUIX SYSTEM:

The guix system transactions are NON-MODULAR. That is, you cannot selectively reconfigure certain parts of the system. For example, you either reconfigure the system as a whole (or) you do not reconfigure the system at all.

IMPLICATIONS:

Let's assume we have 5 packages in a profile. Packages 1, 3 and 5 have non-critical updates. Package 4 has a non-critical update but it breaks. Package 2 has a critical update (CVE). We can either upgrade all packages except package 4 (or) we can upgrade only package 2.

Let's assume we have 5 services/packages in the system. Packages/Services 1, 3 and 5 have non-critical updates. Package/Service 4 has a non-critical update but it breaks. Package/Service 2 has a critical update (CVE). Now, when we reconfigure the system, all packages/services will upgrade, and package/service 4 will break the system. We can of course do '--roll-back' and take the system to the previous working state. But that will leave the system with a critical vulnerability. Therefore, we cannot reconfigure package/service 2 or any other parts of the system until package/service 4 is fixed. This window/gap puts Guix System at great risk and instability.

SUGGESTION:

We can brainstorm and implement a way to make guix system transactions modular. Any ideas?

Thank you!

Regards,
Raghav "RG" Gururajan.


Thread overview: 7+ messages
2020-02-23  2:49 Thoughts on making Guix even better Raghav Gururajan
2020-02-23 20:28 ` Jonathan Frederickson
2020-03-08 20:54 ` Ludovic Courtès
2020-03-09  6:18   ` Gábor Boskovits
2020-03-09  7:28     ` Konrad Hinsen
     [not found] <24c65c56c37b309c108f75fb9e3e4681866e7fac.camel@student.tugraz.at>
2020-02-23 17:14 ` Leo Prikler
2020-03-01 10:26 ` Raghav Gururajan