Les wrote: > On Mon, 2007-09-24 at 08:43 -0600, Frank Cox wrote: >> On Mon, 24 Sep 2007 14:03:28 +0200 (CEST) >> Jim van Wel <jim@xxxxxxxxxxxxx> wrote: >> >>> rpm -e --nodeps packagename >> Eek and egad. Every time I see someone recommending "--nodeps" or "--force" >> to install any rpm it gives me a shiver down my spine.... > Hi, Frank, > I am new to Fedora (about 1 year now), but I understand some of the > problem, but perhaps you should elucidate for the new users or > uninitiated folks about the results that can occur from these options > and also when it is reasonable to use one of them. There are reasons on > both sides I am sure, but I don't yet know all the "ins and outs" of the > process, so don't feel competent to advise any one on this issue. > > Thanks, > Les H > Using "--nodeps" or "--force" can result in anything from a program that will not run all the way up to breaking RPM itself, or a system that will not boot. It depends on the package being installed/upgraded/removed. Looking at the list of programs that will break if you do not use these options is a good start in determining if it is safe. But the list may not be complete, because there can be other packages that depend on the packages you are breaking. Also, not all package list all the packages they depend on. Yum does a better job of listing the packages you will break, because it follows the chain of program dependencies. But it takes longer to produce the list. This is why you sometimes gets a list of 50 packages that will be removed when you tell yum to remove one package. I do not know of any simple rule that can tell you when it is safe to use "--nodeps" or "--force", and when it is not. When it is a "top level" program, it usually fairly safe. If it is a program needed for system operation, it probably isn't. When you are talking about libraries, you have to know what the library is used for. It is usually safe when the new package only update the minor version number. (2.5.3 to 2.5.4) This is not susposed to break any thing. Changing the mid-level version is more of a gamble. (2.5.1 to 2.6.1) It may not be backward compatible. Changing the major version will almost always break things. (2.5.1 to 3.0.1) This is why the version numbers are constructed the way they are. But not everyone follows them. If a package says it needs package a.b.c, it will usually work with a.b.d, but this is not a hard and fast rule. You should read the release notes to make sure. The reverse may not be true. A package that says it needs a.b.d or greater is probably not going to work with a.b.c. If it says a.b.c or less, it probably is not going to work with a.b.d - the program is probably counting on something that changed in the updated version. (Usually because of a bug or undocumented function that is not longer there.) I hope this helps. This is one area where experience is necessary to make the proper decisions, and you are still taking a risk. You just have a better idea of the risk level. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
Attachment:
signature.asc
Description: OpenPGP digital signature
