Please follow the KISS principle
Christian Pearce
pearcec at commnav.com
Wed Dec 31 14:01:42 UTC 2003
On Wed, 2003-12-31 at 06:59, Johnny Strom wrote:
> Warren Togami wrote:
> > I am trying to remember... I believe this means we would need to
> > maintain two separate sets of package management tools, as apt compiled
> > for rpm-4.1 and rpm-4.1.1 are different. I could be wrong though.
> >
> > I dislike the idea of splitting bugfix and security updates because it
> > would further add complexity to the client configuration, as well as add
> > more unnecessary work to the project. If the concern is that we will go
> > wild with arbitrary bugfix packages, this is totally not the case.
> > Bugfixes will be very rare in Legacy, and only in cases where there is
> > no credible opposition.
> >
> > (Actually, non-critical bugfixes will probably go into the "stable"
> > channel of fedora.us, which is not by default part of Legacy's default
> > channels.)
> >
> > Regarding RPM specifically, it is a losing proposition to even suggest
> > using RH8 without an RPM upgrade. And don't worry about the stability
> > of that RPM upgrade, as it is very well understood and tested for a very
> > great amount of time and analysis involved. We at fedora.us have been
> > arguing about this all year now. This is nothing new, like people here
> > seem to think it is.
> >
> > Warren
>
> Hi
>
> I was thinking that the bugfixes that are rear should be separated
> so that it would be opptional for users to go and download them
> manually from ftp or http. If it is done like that then the bugfixes
> will not make any extra trouble for the primary security fixes and no
> changes would be needed to any client or am I wrong about that?.
>
> In this way we would follow the KISS method and still make ppl
> happy that want to fix some bugs.
>
I think what Warren is trying to say is that the RPM upgrade is a
special bug fix that makes sense moving forward. It makes sense to
perform this fix because it affects the system by which we upgrade our
servers. Plus it is a special case and it is well understood.
If it takes upgrading rpm for RedHat 8.0 and RedHat 9 to keep interest
in the project I am for it. I think we are intelligent enough to manage
this. I personally plan on moving all my machines over to 8.0 and 9.
So I rather have the rpm stability.
BTW: What is progeny doing? I think if people are interested in a pure
play security fix for there servers they might want to consider them. I
think Fedora Legacy intended to be a little more than that.
Help blurb: While I think I will have time to do patching and packages,
I am not certain I have the proper knowledge of C (in most cases) to
perform the proper backported security patch. I have a great
understanding of rpm packaging. So if there are not enough people to
make this happen I am certainly willing to try. But I can only hope
that our QA people are equally as diligent. My offer also extends to
QAing packages. I work for a software shop that has a very decent build
and QA process. It wouldn't be difficult for me to test new packages
and give them a thorough testing.
--
Christian Pearce
http://www.commnav.com
More information about the fedora-legacy-list
mailing list