Bug 1086288

Summary: RFE: coordination with createrepo to enable faster yum --security check-update
Product: [Fedora] Fedora Reporter: Frank Ch. Eigler <fche>
Component: dnfAssignee: Packaging Maintenance Team <packaging-team-maint>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: admiller, fche, jsilhan, jzeleny, packaging-team-maint, pnemade, rholy, tim.lauridsen
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-11-19 12:14:55 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 850912    
Bug Blocks:    

Description Frank Ch. Eigler 2014-04-10 14:31:52 UTC 
At the present, the yum repo database mushes together security 
and non-security updates in such a way that makes it inefficient
to search just for high-priority security updates.  It would be
nice (tm) if createrepo and yum --security could coordinate a new
facility whereby security updates were also put into a separate,
stripped, smaller database that would allow more-nearly-instant
yum --security check-update.  This could lower the barrier against
more frequent checks/updates.
Comment 1 Jan Zeleny 2014-04-11 07:55:38 UTC 
Changing component to dnf, we don't plan to implement any features in yum unless they are critical for significant number of users.

For further evaluation I'll just say this. Let's disregard the "how" part and focus on the "what" part. If I understand it correctly, the request here is to lower the performance barriers for security updates to make users apply security updates more often.

The first step here would be to figure out how big those barriers really are, especially in dnf. The next thing would be to find out if there is something we can do about the situation without any hackish solutions.

Frank, if you provide more detailed information to justify your request in the context of dnf, it will be highly appreciated.
Comment 2 Ales Kozumplik 2014-04-11 10:43:12 UTC 
Indeed, Frank can you please provide the concrete use case? What limitation are you hitting with Yum and the same once bug 850912 is resolved for DNF? Thanks!
Comment 3 Frank Ch. Eigler 2014-04-11 11:06:57 UTC 
Ales, Jan, the idea is just as we both said above: to make it painless for
a security-update search to run effortlessly quickly, so a user does not
have to wait for dnf-cron multi-hour latencies, or multi-second large
downloads.  (Just the textual list of "yum --security list" names 
compresses down to about 40kb.)

So basically I'm imagining hourly or more frequent security check-updates.
Comment 4 Frank Ch. Eigler 2014-04-11 11:07:25 UTC 
... and something light enough to be done automatically during cloud-init / boot.
Comment 5 Honza Silhan 2014-11-19 12:14:55 UTC 

*** This bug has been marked as a duplicate of bug 850896 ***