[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Good bye, Fedora Legacy!



After having slept on it, for me it's time to unsubscribe and discontinue
any Fedora Legacy activities. Hence I wave "Good bye!" to the few people
involved so far.

If I were enough of a geek and found myself interesting enough to run my
own blog, I would bitch about it in there. But I'm not. And so I post a
few impressions here.

It just doesn't work, when even trivial fixes or patches ripped off of Red
Hat Enterprise Linux errata don't receive proper attention and the update
packages sit in the queue for months without anyone posting clearsigned
reviews or approvals, respectively.

Future fixes won't be as easy as taking patches from RHEL without
modification and applying them to Red Hat Linux 7.3. It may be necessary
to do real backporting and prepare and test upgrades as a last resort.

No, it's not that updates are prioritized and more important updates
occupy all available resources. It's not hardware and server maintenance
induced delays either, because the bugzilla system is available and the
packages can be prepared meanwhile independently of mirror/server
logistics.

It's that the Fedora Legacy community has not decided on publish criteria
and minimal formalism on how to review and approve packages (in particular
the good bits of the fedora.us policies and guidelines). Therefore,
neither packagers or reviewers know what exactly is required to get a
package published _in time_.

It's not even known how to get a package into "updates-testing" and how
long it will be kept in there. Additionally, non-existing updates for less
popular distributions (e.g. rh80) hold up reviewed and approved updates
for popular distributions, e.g. rh73. A developer, who looks into security
advisories and patches today, doesn't want to repeat the same work 2-3
months later -- when finally it's decided the time has come to push out
another update which has been neglected for several weeks or when the next
weakness must be dealt with and the fix for the previous one has not been
approved yet. Developers and reviewers want to finish something and move on.

The early support for rh73 has been an opportunity to practice doing
legacy updates, in particular with official patches from RHEL which make
that a lot easier. This chance has not been taken.

So long,
Michael

Attachment: pgp00028.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]