[CentOS-devel] Missing security updates

Sat Jul 24 01:19:23 UTC 2010
lostson <lostson at lostsonsvault.org>

On Fri, 2010-07-23 at 13:59 +0100, Karanbir Singh wrote:
> Hi Marcus,
> On 07/22/2010 07:51 PM, Marcus Moeller wrote:
> > There is even no clear process of how (trusted) ppl could join up.
> > It's all about 'Expect to get invited when free slots in the testing
> > team are available'.
> Afaik, its not related to 'free slots' at all. And the process is clear, 
> you get recommended in by someone who is presently on the QA team and 
> thats that.
> We have, in the past, thought about having a more formal recruitment 
> process - thats still on the cards - for various specific niche roles 
> that need attention in the project. Lets see how we can accelerate that 
> process a bit in the near future.
> - KB

 I am normally a watcher here but I am afraid I cannot stay out of this
one. And I would like to call BALDERDASH! All this nonsense about not
being able to find volunteers is a bunch of baloney. I'm sure I can
search my archives the forums and even IRC logs where people have been
more than willing to help out. So it isn't that there is a lack of
volunteers at all. It may be that the core group doesn't like the
volunteers they are getting and if that is so then so be it they call
the shots so there is nothing I or anyone else can do about this.

 The fact is a thread like this starts about every 3 months or so and
goes on and on and on. And points on both sides I do agree with. I do in
some ways think that things are not very open in the cent camp. Coming
from other projects where things have been much more open I can see
where people are coming from. But I can also see where the core team is
coming from as well. They have a good thing going and it is their free
time they are contributing and to let just anyone run amuck in the
system they have created could bring forth less than stellar results. 

 As I don't follow rhel security releases very closely I could not tell
you if one was released yesterday and I got it today. I would agree
though that security releases should be a priority and that 24-72 hours
does seem very agreeable to me. And as far as I know this is mostly true
of Tru when he is able to be around and devote more of his time to the
project. Now if the man has things to do and life is busy then KB steps
in and takes over I see no problem with that either. Granted things may
be a bit slower than normal but is that really such a huge deal. I mean
cmon give people a break. It has been well stated that you can download
the src.rpms and build them for yourself if you feel that it is
imperative to get the security update as fast as possible. 

 To sum this mess up I feel that some changes would be nice and I would
like to see some things change but in the end so far my user and
personal experience with cent has been very good between the ML, forums
and IRC I have met alot of great people who are more than willing to
help out. Things may not be perfect but are they ever really. 

 These long drawn out threads of people throwing stones at each other
really accomplish nothing. I really saw nothing productive come out of
this thread at all just alot of pissing and moaning. We simply have a
few choices be productive and contribute, be creative offer solutions
not accusations. LISTEN when someone tells you something LISTEN before
speaking or typing for that matter. take into account all points before
making a decision. I for one enjoy cent do I agree with everything of
course not will I still continue to try and contribute positively where
I can and when I can of course I will.  

 Your other solution pack your bags and move along for there is nothing
for you to see here.

 my 2 freakn cents!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20100723/e7b15cec/attachment-0005.sig>