Forum: Cfengine Help Subject: Re: How to remove packages not explicity whitelisted? Author: mikec Link to topic: https://cfengine.com/forum/read.php?3,18929,19006#msg-19006
Aleksey Tsalolikhin Wrote: ------------------------------------------------------- > Does anybody have a recipe for, or would like to > make one, for > removing packages not explicitly whitelisted? > > In other words, if we provide a variable of type > slist that contains a > list of packages we expect to be present on the > system, do the > following: > > a) make sure all packages listed are installed, > and > b) remove any packages that are installed but not > listed. > > I'm asking about (b). I don't know enough about what you're trying to do, but my gut reaction to wanting to do this is "why?" If you want to provide a white-list, then you're also going to have to ensure that any dependencies of packages in the white-list are also in the white-list. Your white-list is going to get big, and difficult to maintain -- you'll have to manually track additions and deletions of dependencies [*] for all package updates . That may be feasible in certain environments but it would seem to negate many of the advantages of managing software using package management for not a lot of benefit. Assuming you really do need this behavior, you could create a module which returns a list of the non-white-listed packages, but this is probably going to be an ``expensive'' promise to keep, and likely need 1 variant for each packaging system in use. Mike [*] Some package managers allow you to delete a package without affecting dependencies but those packages would continue to show up in subsequent runs until added to a white-list manually. _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
