On Fri, 23 Jul 2010, Ned Slider wrote: >> Tough. Not me, thank you. This is a labor of love, and if >> you want commercial SLA's you'll have to buy them from me. >> Prices on request of a serious offer to purchase >> http://www.owlriver.com/wings/ > I'm confused as to exactly what you are saying here. The CentOS Project > FAQ states: > > Q. How long after redhat publishes a fix does it take for CentOS to > publish a fix? > > A. Our goal is to have individual RPM packages available on the mirrors > within 72 hours of their release, and normally they are available within > 24 hours. > > https://www.centos.org/modules/smartfaq/faq.php?faqid=7 > Are you implying that you will provide security updates > under a paid SLA agreement but not to the wider CentOS > Community? Stop being coy and a trolling Bozo -- Of course I do, and have for many many years, long predating CentOS -- if you are unaware of that you have not thought through the timing and the history * shrug * But, not under a CentOS signing key. The web content at 'wings' was written and updated long before RHEL ever existed, let alone CentOS. Progeny and I have pretty conclusively demonstrated that there is (or at least was) not a sustainable market for enterprise distributions maintenance (and Jesse Keating later as to a 'all packages' backport of security fixes as to FL) as a standalone matter, but rather such sales of services and SLA's occur as a 'pull along' to other consultancy work Obviously other vendors are equally free to compete in the marketplace for selling such against me, just as I compete with Red Hat ... just as CentOS very consciously does NOT sell SLA backed update promises Under a contract with third parties and backed and signed by an Owl River key, I do and have provided and will continue to cross-builds of [in part] publicly released Red Hat's SRPMs in advance of matter CentOS may later issue, since long before CentOS or cAos existed. I review a nightly mirroring report with 'diffs', and feed my personal buildsystems accordingly My R side package module archive is several hundred large, covering essentially all of bioinformatics, finance, statistics and economics dependencies and all leaf nodes of merit for CRAN, RForge and Bioconductor. By comparison, RawHide seems to have 64 with indifferent attention to 'MAKE CHECK' at build time matters. The count is slightly high as this matches some non R content ls | grep ^R | wc My most recent blog post series will conclude with a piece as to SRPM building and build environment [gawd, yet again], rpm keys and signing, local side archive building, adjunct yum repostitory setup, and Release number bumping to address the broken [as to spamassassin bleeding] perl-Tar-Net the upstream issued in the last couple of weeks. All for free, free, free Paying customers of PMman have access to binaries, and all sources in the build chain, for a later git, the latest milter-greylist, other stuff. Some is similar to or based on parts from RPMforge, some to RawHide, and a lot is me doing dependency chain resolution, packaging, and content vetting to stablize such [herrold at trap SRPMS]$ ls diskcheck-1.6-3orc.src.rpm fail2ban-0.8.1-11orc.src.rpm fail2ban-0.8.1-12orc.src.rpm fail2ban-0.8.4-24orc.src.rpm git-1.6.5.2-1orc.src.rpm incron-0.5.8-1orc.src.rpm keystone-spamassassin-1.00-1orc.src.rpm perl-Crypt-OpenSSL-Bignum-0.03-3orc.src.rpm perl-Crypt-OpenSSL-Random-0.04-2orc.src.rpm perl-Crypt-OpenSSL-RSA-0.25-10orc.src.rpm perl-Devel-Symdump-2.07-5orc.src.rpm perl-Digest-SHA-5.48-1orc.src.rpm perl-Encode-Detect-1.01-1orc.src.rpm perl-Error-0.17016-1orc.src.rpm perl-ExtUtils-CBuilder-0.22-1.rf.src.rpm perl-ExtUtils-ParseXS-2.15-1orc.src.rpm perl-IP-Country-2.26-2orc.src.rpm perl-Mail-DKIM-0.37-2orc.src.rpm perl-Mail-DomainKeys-1.0-1.rf.src.rpm perl-Mail-SPF-Query-1.999.1-3orc.src.rpm perl-Mail-SPF-v2.007-1orc.src.rpm perl-Mail-SRS-0.31-1.rf.src.rpm perl-Module-Build-0.2806-2.rf.src.rpm perl-Module-Signature-0.55-3orc.src.rpm perl-NetAddr-IP-4.004-2orc.src.rpm perl-Net-CIDR-Lite-0.20-3orc.src.rpm perl-Net-DNS-Resolver-Programmable-v0.003-1orc.src.rpm perl-Net-Ident-1.20-1.rf.src.rpm perl-PAR-Dist-0.25-1.orc.src.rpm perl-PAR-Dist-0.34-2orc.src.rpm perl-Pod-Coverage-0.18-1.rf.src.rpm perl-Pod-Escapes-1.04-1orc.src.rpm perl-Pod-Readme-0.081-3orc.src.rpm perl-Pod-Simple-3.04-1orc.src.rpm perl-Test-Pod-1.26-4orc.src.rpm perl-Test-Pod-Coverage-1.08-6orc.src.rpm perl-Test-Portability-Files-0.05-6orc.src.rpm perl-version-0.69-1orc.src.rpm perl-YAML-0.66-3orc.src.rpm razor-agents-2.81-2.fc4.rf.src.rpm repodata spamassassin-3.3.0-0.29.rc1orc.src.rpm spamassassin-3.3.0-5orc.src.rpm spamassassin-3.3.1-2orc.src.rpm [herrold at trap SRPMS]$ note: 'trap' is named for the comment by Admiral Ackbar in the first Star Wars, as in: "It's a ..." I discontinued making signed binary content generally available, and withdrew general anonymous FTP access to such except as required by license, as a general rule, since before I captured this content [1] in '00 as part of implementing the strategy we came up with at the ORC Project 2000 retreat [2] or for a former ORC 'Live Wire' project. Certainly by RHL 6.2 days. What a nice release that was The statement on the CentOS site, seemingly placed by donovan in late 2004, relates to CentOS [and contains some spam whch I'll go kill off shortly]. Donovan came to CentOS via Lance as I recall, ex WhiteBox, and I do not know particularly that that I was aware of that content. If I were, I would have corrected the form and capitalization of 'redhat' to an accurate one -- Russ herrold [1] http://www.owlriver.com/clippings/2000-10-17.309.html [2] http://www.owlriver.com/2000/