[CentOS] CentOS Project Infrastructure

Johnny Hughes johnny at centos.org
Sun Aug 9 12:37:23 UTC 2009

Ian Murray wrote:
> << I've rambled on too long. But seriously, what is you want? CentOS is a
> great Linux distribution, so what's the problem? >>
> The 'progress' I am talking about it making those 4 million installs
> into 5 million installs, if that is important. (I wish 4 mill installs
> hadn't been raised, because on that basis, we should all do it the MS
> way because they win on seat count.) Or the ability to release errata
> updates while a dot release is pending (see below.) From a fragility
> point of view, I guess its always been present but it is highlighted in
> the open-letter and the delay of 5.3. In the letter, there is talk of
> CentOS dying if developers walk away, etc. Emotive language, no doubt
> born from frustration, but still sent a chill down my spine. I think I
> did read somewhere on the list that errata aren't addressed when a dot
> release is due, but rather rolled up into said dot release (correct me
> if I am wrong). I didn't realise that and that represents a risk to any
> one that relies on CentOS. Maybe if the process was more open, then that
> activity could be spun out to some new guys or more ideally a mixture of
> old and new. What a don't want to do is to pile more and more work on
> the current guys. That's when ppl do walk away because it starts
> affecting their life outside of CentOS, e.g. work, family, etc.
> There is nothing wrong with the distribution itself, long may it live.
> My concern is that it is too reliant on individuals. A concern the devs
> raised themselves through the open letter. I am raising the same concern
> about the 'core' that the 'core' raised about Lance, that's all.
> If updates and upgrades stopped coming and there was no impact to you,
> then my words will not mean much to you. If however it does have an
> impact, then you may start to consider which basket you have put your
> eggs in. If the CentOS project is not interested in retaining the
> latter, then carry on as you are.

WRT to the one valid issue that you raise ... let me explain the
TECHNICAL reason why you can not release these things hodge podge.

First ... Red Hat releases point releases at regular intervals (3-4
times per year).

Second ... we do not release anything that does not pass our checks and
is linked to the same libraries as upstream.

Now, when the upstream provider does a point release, that means they
have released a whole bunch of NEW libraries.  It also means that every
single update that comes out after their point release is built against
the NEW libraries and not the OLD libraries.

We can NOT build and release the security updates you talk about against
the OLD libraries that you have installed on your machine (prior to the
point release) as it will make the NEW updates we are building NOT like
they are upstream.

We have to build the new updates against the point release instead.  The
point release will either not be done yet (it takes time to build) or in
testing/qa and not yet released.  When we build against it, we will have
to release all the pieces that are required to also get the updates you
are talking about.

That is the problem ... therefore, we HAVE to finish the point release
and get it out before we can build new updates released after the point
release.  This is not new, it has been an issue since the first rebuild
more than 5 years ago.

People who do not understand the technical issues involved do not see
why we can't just snap our fingers and put out the packages ... well, we

Johnny Hughes

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20090809/3b182fcc/attachment.sig>

More information about the CentOS mailing list