From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 22565 invoked from network); 21 Jul 2004 16:27:14 +0000 Received: from smtp.gentoo.org (156.56.111.197) by lists.gentoo.org with AES256-SHA encrypted SMTP; 21 Jul 2004 16:27:14 +0000 Received: from lists.gentoo.org ([156.56.111.196] helo=parrot.gentoo.org) by smtp.gentoo.org with esmtp (Exim 4.34) id 1BnJw1-0006p1-8v for arch-gentoo-dev@lists.gentoo.org; Wed, 21 Jul 2004 16:27:13 +0000 Received: (qmail 19910 invoked by uid 89); 21 Jul 2004 16:27:12 +0000 Mailing-List: contact gentoo-dev-help@gentoo.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Received: (qmail 17036 invoked from network); 21 Jul 2004 16:27:12 +0000 From: Dylan Carlson Reply-To: absinthe@gentoo.org To: gentoo-dev@lists.gentoo.org Date: Wed, 21 Jul 2004 12:26:22 -0400 User-Agent: KMail/1.6.2 References: <20040721152507.296CE3F03@latitude.mynet.no-ip.org> <40FE8DE8.1090003@gentoo.org> In-Reply-To: <40FE8DE8.1090003@gentoo.org> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200407211226.22065.absinthe@gentoo.org> Subject: Re: [gentoo-dev] Revisiting GLEP 19 X-Archives-Salt: 34fecb4a-300a-4d48-95d0-43fe2ebdf897 X-Archives-Hash: 8761bafcad3da9567d3ec91ac26e87e0 On Wednesday 21 July 2004 11:38 am, Lina Pezzella wrote: > I agree completely with this suggestion. Personally at my workplace, my > boss was considering going with debian because you could specify to only > update for security reasons (through only placing security repositories > in sources.list). Fortunately for me, he had a few bad experiences with > debian developers and went with gentoo despite the lack of the > security-updates-only option. Adding an [S] option to emerge -pv would > certainly make our lives easier here, and at many corporations who don't > see the need to update regularly. > Friends, making Gentoo enterprise-ready is bigger in scope than just handling security updates. If all you want to do is to check for security updates, merge gentoolkit and use 'glsa-check'. It would be good to clarify what the goals are here, and what the specific issues are that need addressing. For the many of the IT shops who need more than a way to isolate security updates, I'll try to summarize with one word (I think) fits: predictable. That means: - knowing what each release contains (in detail, with version #s) - understanding what pkgs will get enhancements, and which ones will only get security updates & major bugfixes. - having enough information to know what a change specifically contains - a regular, time-based release schedule (such as every six months); thus an organization can time & plan its infrastructure changes with expected OS updates. - knowing that Gentoo does regression testing of security updates & major bugfixes back through old (but supported) releases before committing. ... and etc, etc. This isn't a quick tweak to 'emerge', or a gentoolkit utility. I wish it were that simple. It involves improving Gentoo's practices and procedures, as well as enhancing portage to accommodate the necessary functions an enterprise customer receives currently with other operating systems, and expects ... (short of having paid commercial support). There are some things we can do-- because of Portage itself-- that set us apart from other distributions. Minimize the need for paid support. That should be, IMO, the underlying goal of this effort -- to give the users the enterprise tools they need to be self-reliant (i.e., not shoot one's self in the foot). Beyond that we need to start looking helping sites with large numbers of Gentoo machines with deployment and administration tools. No need to write our own stuff, the tools are already out there. We just need to package and integrate them with how we do things in Gentoo, and write enough supporting documentation. Cheers, Dylan Carlson [absinthe@gentoo.org] Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x708E165F -- gentoo-dev@gentoo.org mailing list