[CentOS-devel] Missing security updates

Fri Jul 23 16:56:48 UTC 2010
Les Mikesell <lesmikesell at gmail.com>

On 7/23/2010 9:06 AM, Karanbir Singh wrote:
>> As an outsider, I'm having trouble understanding how you will ever be able to
>> solve this trust issue if you wait until you are short-handed to start. And
>> expecting to never be short-handed doesn't seem realistic.
> What makes you think its a case of waiting till the problem strikes
> before we look for people ?

All I know is what I've seen on the mail list which has seemed fairly 
hostile to any offers to help or even questions to better understand the 

> I think its a case of working out and making
> sure there are 'enough' people around to handle the 'process'. What is
> that number ? I dont know myself. But 1 is a good number to work with.
> We only really need no-more than 1 person around most times.

If you were designing a reliable computing process would you ever say 
that 1 instance is enough - or even one location?

> Also, I wonder if people on this list realise that only about 10%[1] of
> our time and effort is oriented towards packages. There is a whole lot
> of other stuff we do too! Like the mirror setup, infra stuff, the forums
> are well looked after, there are over a dozen services that are exposed
> from *.centos.org

No one is saying you don't work hard enough.  The questions are about 
whether the resources are balanced with the tasks (with some evidence 
that they aren't...) and what can be done to improve that.  Or perhaps 
how to adjust expectations to match reality if resources are 
overcommitted and going to stay that way.

   Les Mikesell
    lesmikesell at gmail.com