On Wed, 3 Sep 2014, Dag Wieers wrote:
> On Wed, 3 Sep 2014, R P Herrold wrote:
> > But is is not productive (for you) to carp over and over
> > without taking steps to address your concern, nor (for others)
> > reading mailing lists to wade through 're-runs' of your
> > concern
> So the solution is anonymous donations of signed SRPMS in an automated fashion
> ? Has Open Source come to this ? And to what end ?
Who mentioned 'anonymous donations'? Be up front, and buy a
subscription, and see, if one is comfortable doing so. There
are very few 'free lunches' in the world, and if the absence
of signed SRPMs in the latest incarnation offends, see how to
address it. The unified patched kernel at 6 was only slightly
different, and we came to live with it. Point the finger at
the commercial entitles that scraped the upstream's
knowledge base to death, if you want to point at a bad actor
No, Dag, the solution is to stop whineing, to assess risk, and
if one is comfortable, sit down and code and publish a
'verifying tool' if that is his 'beef'. It is useless to
continue to seek a change which is clearly NOT coming from the
upstream
> Nico has a good point, and the only course of action is to make this absurd
> situation clear to the public. The only other two options are: paying and
> voiding you Red Hat contract or trusting Centos/infra/tooling.
I do (and did) not speak to what may or may not be done with
SRPMS; in the past I have seen them posted 'offshore' to me
... I just say: I *personally* choose not be to be a target or
walk close to edges of cliffs
> If all this is done only to make RHEL and CentOS more compelling offerings
> (than Oracle Linux, Scientific Linux, ...), it does leave a bad taste :-/
One does have to wonder about tone-deaf-ness at the upstream,
yes. The market has seemed to like their product back when
OS'es mattered. Times change. Perhaps only a few people care
about making sure a trusted chain of authenticity links back
to the community's sources, any more. If not, code around it
With my regards,
-- Russ herrold
|