LISTSERV - SCIENTIFIC-LINUX-USERS Archives

SCIENTIFIC-LINUX-USERS Archives

September 2014

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-USERS Home
	SCIENTIFIC-LINUX-USERS September 2014

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Questions about SL 7.0
From:	R P Herrold <[log in to unmask]>
Reply To:	R P Herrold <[log in to unmask]>
Date:	Wed, 3 Sep 2014 15:16:09 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (50 lines)

On Wed, 3 Sep 2014, Dag Wieers wrote:

> On Wed, 3 Sep 2014, R P Herrold wrote:

> > But is is not productive (for you) to carp over and over
> > without taking steps to address your concern, nor (for others)
> > reading mailing lists to wade through 're-runs' of your
> > concern

> So the solution is anonymous donations of signed SRPMS in an automated fashion
> ? Has Open Source come to this ? And to what end ?

Who mentioned 'anonymous donations'?  Be up front, and buy a 
subscription, and see, if one is comfortable doing so.  There 
are very few 'free lunches' in the world, and if the absence 
of signed SRPMs in the latest incarnation offends, see how to 
address it.  The unified patched kernel at 6 was only slightly 
different, and we came to live with it.  Point the finger at 
the commercial entitles that scraped the upstream's 
knowledge base to death, if you want to point at a bad actor

No, Dag, the solution is to stop whineing, to assess risk, and 
if one is comfortable, sit down and code and publish a 
'verifying tool' if that is his 'beef'.  It is useless to 
continue to seek a change which is clearly NOT coming from the 
upstream

> Nico has a good point, and the only course of action is to make this absurd
> situation clear to the public. The only other two options are: paying and
> voiding you Red Hat contract or trusting Centos/infra/tooling.

I do (and did) not speak to what may or may not be done with 
SRPMS; in the past I have seen them posted 'offshore' to me 

... I just say: I *personally* choose not be to be a target or 
walk close to edges of cliffs

> If all this is done only to make RHEL and CentOS more compelling offerings
> (than Oracle Linux, Scientific Linux, ...), it does leave a bad taste :-/

One does have to wonder about tone-deaf-ness at the upstream, 
yes.  The market has seemed to like their product back when 
OS'es mattered.  Times change.  Perhaps only a few people care 
about making sure a trusted chain of authenticity links back 
to the community's sources, any more.  If not, code around it

With my regards,

-- Russ herrold

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV