[Nix-dev] Improving security updates
Roger Qiu
roger.qiu at polycademy.com
Sat Apr 11 01:13:48 CEST 2015
The page https://nixos.org/wiki/Security_Updates isn't very user friendly.
It requires too much of the user (treats servers like pets and not like
cattle):
1. Monitor package vulnerabilities.
2. Manually override the packages that have vulnerabilities. Rebuild.
3. Manually remove the the override when it no longer needs it. Rebuild.
Multiply that by each server.
It really should be automatic or at least through one command that is
prompted. Secondly I'd prefer step 3 to not be required. Once its
overridden, and if/when the channel catches up it shouldn't cause another
change.
The bot idea sounds great.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20150411/ed4bae62/attachment.html
More information about the nix-dev
mailing list