Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-3488

RPM packages from 10gen installs yum repository

    XMLWordPrintableJSON

Details

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Minor - P4 Minor - P4
    • None
    • None
    • Packaging
    • None
    • CentOS 5/6
    • Linux

    Description

      The packages from http://downloads-distro.mongodb.org/repo/redhat/os/ installs your yum repository without prompting or permission.

      This is bad because:

      • production systems generally cannot connect to the outside thus leaving them in an undesired state
      • it's likely to breach many peoples security policies
      • you only keep the latest version in your repos which does not serve customer needs as a full fledged yum repo for production use, its not possible to ensure all mongo servers are at the same version using your repository
      • by having just the latest version and adding your repos without permission you promote user error - someone running yum update will also immediately get your latest release
      • its simply a very nasty thing to do, package sources and policies should be left to the administrators of a site

      Thanks.

      Attachments

        Activity

          People

            ernie.hershey@mongodb.com Ernie Hershey
            ripienaar R.I.Pienaar
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: