LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

better clone workflow | volunteering | "complete audit"

better clone workflow | volunteering | "complete audit"

Posted Aug 23, 2008 17:19 UTC (Sat) by gvy (guest, #11981)
In reply to: kbsingh@? hm by dowdle
Parent article: CentOS on the systems intrusions at Red Hat

> You don't seem to understand CentOS.
Indeed. I'm stupid enough project manager, you see.

If RH clones had brains, they might try and come up with workflow like:
- own bugtracker
- cloned (stable) repo
- unstable/proposals repo which might have packages diverging from original
- process of proposing patches/spec fixes/version updates via bugzilla.redhat.com

This way, there might occur reasonable development sense in a project, not just an "affordable repackaging" one (am I closer to "understanding CentOS" with this statement? ;-).

> [...] CentOS doesn't have any kernel developers
Kernel developers don't jump out of thin air, they grow up (just like with any profession). In this particular example, figuring out which of the patches in similarly 2.6.18-based but working kernel might be reasonable exercise for a kernel hacker wannabe (in a good sense :-) -- given that hardware access off a separate HDD/LiveCD could be organized quite easily.

If a volunteer effort would pair with another volunteer effort (like kernelnewbies), I bet that those growing up with more or less simple situations would find even better job soon. Should definitely do no harm to efforts as well.

But then again, I've only done one silly little kernel patch nine years ago, and it was such an obvious re-hardwiring that I didn't even bother anyone (it got fixed properly with CONFIG_ handle that year anyways).

Back to bugzilla, we have quite a few bugs assigned to nobody@ which does help with finding something to wrestle in one's spare time. Assigning lots of bugs *manually* to one's self just to forget them isn't going to work but rather leads to "buried alive under a pile of bugreports".

> It is a bit tacky of you to criticize a volunteer who is in
> a position of leadership and obviously gives a lot of his time
> to the community.
Heh, I'm a volunteer in a sort of leadership with quite some time spent exactly on connecting creative people in community with opportunities to grow up, that is bugs and not-yet-done stuff :-) And yes, guiding people who might write a good bugreport in a mailing list to post it to bugzilla.

Thanks for your way better tempered comment, still when I would have written replies like "get lost" and people published them and got me to understand _my_ fault I found myself thankful to them in the longer run.

Back to the original matter, I still don't trust any claim of "complete audit" by volunteers who don't have time to close kernel bugs at least as WONTFIX; and that was largely the point, not just insulting folks around.

Hope that intruders were too busy with RH/Fedora and didn't get around to try their hand at the third target, whatever they used... had to redo one system from scratch after 2003's openssh adventure, no joy.

(Log in to post comments)

better clone workflow

Posted Aug 23, 2008 21:05 UTC (Sat) by louie (subscriber, #3285) [Link]

Sounds like CentOS has a new volunteer to be bugmaster for them! I'm sure it'll be a long, fruitful partnership.

better clone workflow | volunteering | "complete audit"

Posted Aug 23, 2008 22:09 UTC (Sat) by dowdle (subscriber, #659) [Link]

CentOS has some additional repos where they offer some additional kernel flavors as well as some additional packages. They also have a repo for upcoming updates that are in testing. As previously noted, they have a bugzilla. So, I guess my point is that they already have a workflow similar to the one you recommend.

Given the popularity of CentOS, it's good reputation because it has a goal and it sticks to it, the large number of distros that are based on it (including a few prominent pay ones), and it's lasting success, I don't think they really need any advice from you... but I'm just a user. What do I know?

There are a number of clones I know less about... some of them even charge for timely updates. Perhaps you could advise them?

[wontfix] better clone workflow

Posted Aug 26, 2008 13:10 UTC (Tue) by gvy (guest, #11981) [Link]

> So, I guess my point is that they already have a workflow
> similar to the one you recommend.
Having repos and a bugtracker isn't enough for having a workflow... (btw I rather "suggested" rather than "recommended" that, since it usually takes some time of doing/using something myself to recommend that)

> Given the popularity of CentOS, it's good reputation
> because it has a goal and it sticks to it
I'd rather say its popularity/reputation is >99% a job of redhat.com folks (development, packaging, QA, security response) and <1% a job of centos.org folks. Not to put down those who finally managed to create "the" RH clone but to put things in perspective.

> I don't think they really need any advice from you...
I don't think they'll take any.

> Perhaps you could advise them?
I'd probably better care for 32 ALT bugs assigned to myself (looks like that's almost minimum of them usually) than chasing clones and advising them to be a bit more like humans :) rather ranting... I don't consider clones a viable point of considerable development having watched ASP Linux for many years with my 5-years-old predictions coming true one after another, and having begun my Linux practice with WGS Linux Pro back in RH4 days. :)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds