On 10/01/2014 10:07 PM, Kevin Stange wrote: > Somehow this information is apparently useful, supported and functional > in Fedora and SL. What are they doing to make sure it's not half-baked > and broken? Anyone from SL or Fedora here that could answer that question? Fedora is a complete enclosed distro - their proposition is different. For SL - they publish the metadata and hope for the best, maybe that is fine with their userbase but winging it and keeping fingers crossed is really not how I'd want to run my systems. While there is still a firewall between us and the RHEL QE / RelEngg ; but based on the conversations we've had and what I've seen happening - its pretty clear the the SL guys are pushing confidence around things that they need to own - and as far as I can tell there is no effort to actually validate any of it; even to the point that when heartbleed happened - I had to go remind them that every SL version and every user instance was exploiteable; unlike RHEL and CentOS where only folks who had updated in the few weeks leading upto the issue being reported. If you want to see this issue resolved, then blindly throwing something over the wall and hoping for the best isnt the way to do it - there are fairly tangiable pieces of work that need to be done, find the time, do the work. We can all gain from it. Besides, if its a case of winging it, why not wing it with a 'yum update \*' - atleast you are then winging it with a tested process ( upstream and to -some- extent in centos.org too ). -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc