Ühel kenal päeval, E, 01.04.2019 kell 20:41, kirjutas Bill Kenworthy: > > Are there more than one version in use? And why? > > I would guess: > > 1. that the portage version is meant for the internal use of portage > (hence why its "in an odd spot") and is divorced from the user > package. > > 2. gentoolkit has the user version as "equery f gentoolkit" shows a > /usr/bin/symlink.
The portage version is used for implementing the @security set, which I believe is a dynamic set that pulls in packages that "glsa-check -l affected" would report too. It has a glsa-check too, as it was supposed to all be unified in there eventually, but last I knew, that work has stalled and so there's almost the same backend code for this both in portage and gentoolkit. Use glsa-check from gentoolkit for manual calls and know that there is a @security set available (but research how exactly it works before relying on it for any security safety. Mart
