LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

July 2014

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS July 2014

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Clarity on current status of Scientific Linux build
From:	Lamar Owen <[log in to unmask]>
Reply To:	Lamar Owen <[log in to unmask]>
Date:	Wed, 2 Jul 2014 10:12:02 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (48 lines)

On 07/02/2014 12:18 AM, Patrick J. LoPresti wrote:
> On Tue, Jul 1, 2014 at 5:09 PM, jdow <[log in to unmask]> wrote:
>> On 2014-07-01 08:16, Patrick J. LoPresti wrote:
>>
>>> The *goal* of CentOS used to be binary compatibility, even if it was
>>> never 100% achieved. ...
>> Pat, this is nominally impossible with modern compilers as I discovered a
>> long time ago.
> Incorrect.
>

If it's so incorrect, then why is it mentioned in the gnu.org GPL FAQ?

> No, "traceability" is the irrelevant side issue here.

In NTP terms, if I can have a stratum 1 source that's nice, but a 
stratum 2 may be enough for the job at hand.  If I truly need real 
stratum 1 then I need to pay for the proper number and types of 
refclocks to obtain real stratum 1 capability (I have this exact need 
here, and am building out the necessary number and types of refclocks to 
achieve that goal; for non-astronomical purposes stratum 4 or 5 is more 
than sufficient as long as those are traceable to stratum 1 sources, 
such as tick and tock and the various standards maintained by NIST). A 
single GPS-disciplined clock, such as an HP/Agilent/Symetricom Z3816A or 
Z3805 is just not enough by itself.

> Once again, the only relevant question is whether and how Scientific
> Linux can be a rebuild of Red Hat Enterprise *and not CentOS*,...

This remains to be seen.  It may not be possible.  But in order for the 
SL team to accomplish this, traceability to Red Hat of the sources will 
be required, since it is apparent that source RPMs on a public ftp 
server are not coming back any time soon, if ever.  If this traceability 
means that the SL team internally audits against upstream's source RPMS 
obtained via subscription, and they silently release SL7 without 
publicly revealing the results of that audit, will that meet your 
standards?  (My gut feel is that only a rebuild of subscription-obtained 
SRPMs publicly released would meet your standards, but that may not be 
something anyone is willing to do.)

> I trust the Scientific Linux team. Obviously, I do not trust Red Hat
> which includes CentOS. Time will tell how well my trust is placed.
If you don't trust Red Hat then why use their obviously different from 
upstream sources in the first place?  Any straight rebuild of Red Hat's 
sources cannot be more trustworthy than Red Hat's sources, unless every 
line of source code being rebuilt is completely security audited, which 
goes way beyond a typical rebuild.

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV