Yum: Status of 'yum-security' plugin for CentOS 5.4?

[gigglesworth]

Hello,

RedHat created the 'yum-security' plugin for Yum, which is [url=http://magazine.redhat.com/2008/01/16/tips-and-tricks-yum-security/]detailed here[/url].

What is the status of 'yum-security' in CentOS 5.4 ?

When I last checked, 'yum-security' was still not supported by CentOS, according to [url=http://lists.centos.org/pipermail/centos/2009-March/072919.html]this thread[/url] and http://bugs.centos.org/view.php?id=3578 . However, I have not been able to find much current information about this.

I read the Release Notes for CentOS 5.3 & 5.4, as well as the changelog for the yum-security RPM. Those are rather ambiguous. The post at http://lists.centos.org/pipermail/centos-announce/2009-October/016195.html suggests that this may be working soon.

"[quote]Starting with 5.4, we will also have all fast-track rpms from upstream available in the fasttrack repository hosted at mirror.centos.org. This will start getting packages in the next few weeks, and also means that we will be able to move towards having a functional yum-security setup in place. Details on these will be posted by the 15th of Nov 2009.[/quote]

However, I have not seen any updates about this functionality, although the details were to have been "posted by the 15th of Nov 2009".

Just checking in.

Thank you,

-= Stefan

[z00dax]

hi,

yum-security is something that needs a lot of infrastructure behind it - things that we dont have at this time and there exist no means to 'acquiring' the processed results from anywhere without getting into AUP infringements. So its something on the back burner.

On the question of fasttrack rpms - we are building those already for 5.4+, however the release process is fairly complex and I just want to make sure that this is nailed down in a way that its (a) robust and (b) sustainable long term, before we start pushing packages out. My initial estimate on how long this might take was clearly off the mark ( and there has been some level of feature creep as well, but am trying to keep that to minimal ). As things stand right now, the plan is to get fasttrack repo's populated in the next 3 weeks time, so it should be there when most people get back after the holiday season.

I'll try and get a more detailed update on exactly what the process is as well as how its working out and post it publicly, and url here, in the next few days ( mid-week next week would be a good target ).

- KB

[gigglesworth]

Thank you for the reply, Karanbir. It looks like you've been working hard on this. Many people may not understand the significance of this feature, and I appreciate your hard work.

For anyone who is following the conversation, the "CentOS-FastTrack" is described at [url=http://wiki.centos.org/AdditionalResources/Repositories#line-22]wiki.centos.org/AdditionalResources/Repositories : Available Repositories for CentOS: CentOS-Fasttrack[/url]. While the documentation mentions CentOS4, I believe this same information applies to CentOS5 as well.

-= Stefan

[gigglesworth]

I am reviving this old thread to see if anyone knew the status of this.

Does CentOS support 'yum-security'?

I have searched around CentOS.org, and I can't find any announcement for this feature or release notes, etc.

Thank you for your help,

-= Stefan Lasiewski

[gigglesworth]

This doesn't seem to be working on my CentOS 5.5 host, but I'm not sure if this is due to a problem with my host, or if the CentOS.org supports this feature at all.

[code]
[root@host1 ~]# cat /etc/*issue
CentOS release 5.5 (Final)

[root@host1 ~]# yum list-security
Loaded plugins: fastestmirror, replace, security
Loading mirror speeds from cached hostfile
* epel: linux.mirrors.es.net
* ius: www.applesauceman.com
list-security done
[root@host1 ~]#
[/code]


If this doesn't work currently, is there a plan to make this work in the future? I understand this is a non-trivial task. I've been unable to find any authoritative news about this, and I'm just trying to understand the status of this project.

[TrevorH]

It doesn't.

[gigglesworth]

Since this doesn't work currently, is there a plan to make this work in the future?