| |||||||||||||
|
| |||||||||||||
An update on Fedora's "issues"An update on Fedora's "issues"Posted Aug 16, 2008 21:50 UTC (Sat) by ESRI (subscriber, #52806)Parent article: An update on Fedora's "issues"
Lots of speculation going on. The one thing I'm sure of is that this must be a very serious issue. Were it anything less, the Fedora Project would likely not risk the potential negative fallout from how the issue is being handled (ie only a very few know what is going on). I think Fedora has earned enough good will with its users and development community that people trust that there is a very good reason for things being handled the way they are. Most everyone is antsy, but able to hang on and wait a little longer for information.
(Log in to post comments)
An update on Fedora's "issues" Posted Aug 16, 2008 22:16 UTC (Sat) by me@jasonclinton.com (subscriber, #52701) [Link] We'll really just have to wait until they disclose what happened. If this turns out to be a security issue, I don't think anyone will ever trust them again (given the lack of disclosure). OTOH, it could just be failed hardware. Hard to tell without some actual information.
An update on Fedora's "issues" Posted Aug 17, 2008 0:35 UTC (Sun) by ofeeley (subscriber, #36105) [Link] That depends on what the security issue actually is and who is affected by it. Full disclosure is attractive when I'm the one affected, but if the problem solely affects the Fedora Project entity then they have a right to restrict information as they see fit. However, it's pointless to speculate at this stage (and believe me I've been searching the lists and bug-tickets for possible clues!) and may be something mundane involving running out of resources for crucial infrastructure servers or completely broken packages being made available for updates. It's hard to guess why such causes would not simply be stated as a reason though.
An update on Fedora's "issues" Posted Aug 17, 2008 14:14 UTC (Sun) by AlexHudson (guest, #41828) [Link] Full disclosure only works when you are able to disclose a work-around or some kind of other fix. If you disclose and there's nothing (or only very painful solutions) that people can implement, that's a pretty bad idea.
An update on Fedora's "issues" Posted Aug 17, 2008 14:54 UTC (Sun) by jengelh (subscriber, #33263) [Link]
>We'll really just have to wait until they disclose what happened. If this turns out to be a
security issue, I don't think anyone will ever trust them again (given the lack of
disclosure). OTOH, it could just be failed hardware. Hard to tell without some actual
information.
"Please don't update" with failed hardware? No, if the hardware failed they'd just let it go
("server is busted, please use a mirror"). This smells much like the Debian intrusion in July
2006.
An update on Fedora's "issues" Posted Aug 17, 2008 2:04 UTC (Sun) by zlynx (subscriber, #2285) [Link] Maybe they don't *know* what the problem is yet. They could be running forensics, trying to find if there was a hardware or software failure or if they had a security failure.
Mystery problems in complex systems Posted Aug 17, 2008 16:01 UTC (Sun) by tialaramex (subscriber, #21167) [Link] Yeah. Definitely a possibility. We had a machine built (with CentOS 5) a little while back, handed over to us as working. We discovered it didn't have a compiler installed (perils of letting non-developers specify the machine). So 'yum install gcc' and Yum immediately segfaults. Tried manually updating the kernel because someone suggested a recent AMD bugfix could be related. Still segfaults. Well, that was bad news, so I tried replacing Yum RPMs manually, got nothing. Eventually we found that RPM libraries were corrupted somehow, replaced those, and Yum was working, but soon after installing GCC I ran 'less' and that segfaulted. While investigating this, the disk became read only and the kernel reported serious ext3 corruption. So we turned it off and handed it back over as faulty hardware, suspected RAM or disk failure. But the hardware guys ran every diagnostic they could think of, found nothing and re-installed CentOS. And now it seems fine (we have some fairly hard-core correctness tests still to run on the finished system of software + hardware). So what happened there? Corrupted install media? Cosmic rays? Some new type of malware? Just good old PEBCAK? Normally I would want to understand, but in this case hunting for the answers seems likely to be fruitless. If the Fedora people have some mystery symptoms it would be nice if they set themselves (and told us) a deadline where they'll declare it just another unsolved mystery, like a headless torso washed up on a beach with no identifying marks.
Mystery problems in complex systems Posted Aug 17, 2008 16:38 UTC (Sun) by vonbrand (subscriber, #4458) [Link] Those symthoms are very similar to what I had way back with a Western Digital disk + DMA: The filesystem got slowly corrupted, and in the end nothing worked. Also when in a machine the IDE cable was wrapped around the power cables. Bad disk, controller? Bad RAM? CPU overheats (bad fan)?
Mystery problems in complex systems Posted Aug 17, 2008 23:10 UTC (Sun) by jengelh (subscriber, #33263) [Link] >Also when in a machine the IDE cable was wrapped around the power cables. Bad disk, controller? Bad RAM? CPU overheats (bad fan)? Sounds like bad spirits and particles. 80-pin cables have at least 40 grounds just to combat the crosstalk. And then there is also the magnetic field around the Molex line. The combination sounds hardly good.
An update on Fedora's "issues" Posted Aug 17, 2008 14:49 UTC (Sun) by sbergman27 (subscriber, #10767) [Link] """ I think Fedora has earned enough good will with its users and development community that people trust that there is a very good reason for things being handled the way they are. """ That is very much a matter of personal opinion. I've had too many systems bitten by Fedora's playing fast and loose with updates, and am not particularly surprised at the fact that they are having this problem (which is almost certainly security related, else they would not be so tight-lipped) or by the way they are handling it. In the mean time, I continue my planned migrations of existing Fedora servers to CentOS and Ubuntu Server.
An update on Fedora's "issues" Posted Aug 17, 2008 22:12 UTC (Sun) by BeS (subscriber, #43108) [Link] >I've had too many systems bitten by Fedora's playing fast and loose with updates That's probably the downside of having a bleeding-edge distribution. Personally i enjoy this character of Fedora on my personal desktop systems. Sure from time to time a update can break something but in my experience this is really seldom and happen to my more often with Debian testing (which i used before) But... >In the mean time, I continue my planned migrations of existing Fedora servers ... imho you should never use Fedora for a server because both the bleeding-edge characteristic and the short support cycle is not really suitable for a server. For a server i would always choose CentOS or RedHat if i want something like "Fedora for the server" or Debian if it could/should be something complete different than Fedora.
An update on Fedora's "issues" Posted Aug 18, 2008 13:22 UTC (Mon) by vonbrand (subscriber, #4458) [Link] In the end, it is better to stay with one line of distributuions for desktop + server, be it Debian(ish) or Fedora + CentOS/RHEL. The trouble you get into because you don't remember how to handle some configuration in one or the other, or subtle inconsistencies due to different software strains, just isn't worth it.
|
|
||||||||||||