But you're always going to see things like this when a company is involved in creating the product. I think if you want full open-source support for respins (not license compliance - everyone should comply with licenses - but real support and making it easy), you have to start with a non - company distro. Probably Debian Stable or the like...
--
James Pulver
CLASSE Computer Group
Cornell University
-----Original Message-----
From: [log in to unmask] [mailto:[log in to unmask]] On Behalf Of Dag Wieers
Sent: Wednesday, September 03, 2014 2:57 PM
To: R P Herrold
Cc: Nico Kadel-Garcia; [log in to unmask]
Subject: Re: Questions about SL 7.0
On Wed, 3 Sep 2014, R P Herrold wrote:
> On Wed, 3 Sep 2014, Nico Kadel-Garcia wrote:
>
>> It's quite galling: the current semi-manual re-assembly of local
>> branches, based on "git log" entries, is winding up lauded as
>> sufficient and superior because, frankly, it's the only thing that's
>> currently supported.
>
> Nico
>
> I get it -- you are unhappy about unsigned SRPMS. I am located in the
> US and so readily subject of the reach the upstream as a target for
> litigation on perceived EULA / terms of use / etc violations. I won't
> be exposing such a tool publicly, but then ...
>
> If you (seemingly offshore from the upstream) really cannot afford the
> funds for a subscription, and will do the coding of a mrepo /
> satellite / whatever proxy to retrieve the signed sources, please ...
> pass the hat, buy a subscription, and just sit down and write the
> code. It would seem (but you should satisfy yourself) that your
> downside risk is that they will turn off such a subscription
>
> But is is not productive (for you) to carp over and over without
> taking steps to address your concern, nor (for others) reading mailing
> lists to wade through 're-runs' of your concern
So the solution is anonymous donations of signed SRPMS in an automated fashion ? Has Open Source come to this ? And to what end ?
Nico has a good point, and the only course of action is to make this absurd situation clear to the public. The only other two options are:
paying and voiding you Red Hat contract or trusting Centos/infra/tooling.
If all this is done only to make RHEL and CentOS more compelling offerings (than Oracle Linux, Scientific Linux, ...), it does leave a bad taste :-/
--
Dag
|