From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 06824138334 for ; Fri, 12 Oct 2018 07:28:42 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id E59CAE09C3; Fri, 12 Oct 2018 07:28:36 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 765F4E087F for ; Fri, 12 Oct 2018 07:28:36 +0000 (UTC) Received: from sf (trofi-1-pt.tunnel.tserv1.lon2.ipv6.he.net [IPv6:2001:470:1f1c:a0f::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: slyfox) by smtp.gentoo.org (Postfix) with ESMTPSA id F0795335CEB; Fri, 12 Oct 2018 07:28:32 +0000 (UTC) Date: Fri, 12 Oct 2018 08:28:28 +0100 From: Sergei Trofimovich To: gentoo-dev@lists.gentoo.org Cc: arm@gentoo.org, zerochaos@gentoo.org, blueness@gentoo.org, dilfridge@gentoo.org, dlan@gentoo.org, maekke@gentoo.org, nerdboy@gentoo.org, vapier@gentoo.org, xmw@gentoo.org, zlogene@gentoo.org Subject: Re: [gentoo-dev] net-dns/dnssec-root: Blind stable on arm, critical bug 667774 Message-ID: <20181012082828.7fba265c@sf> In-Reply-To: References: <673fa7bc-c3f6-9c76-5675-783754ce3e9a@gentoo.org> <20181012003801.61bae709@sf> X-Mailer: Claws Mail 3.17.1 (GTK+ 2.24.32; x86_64-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Archives-Salt: f57edcbc-affb-44da-86d2-bb7cff9584cf X-Archives-Hash: edd3a8bd725420d106b22be17368acbb On Fri, 12 Oct 2018 02:40:38 +0200 Thomas Deutschmann wrote: > On 2018-10-12 01:38, Sergei Trofimovich wrote: > >> Maybe it is time to destabilize ARM on Gentoo to stop the impression > >> that we really support ARM. > > > > [ CC: arm@ ] > > > > A few points to think about: > > > > 1. I have read this as a direct statement that ARM is not maintained. > > I don't think it is a fair (or constructive) assessment of team's work > > on ARM front. > > See the ARM bug queue for stable requests. ARM is always last and behind > since we dropped HPPA. I agree it lags. I disagree it's not maintained (I disagree HPPA is not maintained either but let's leave it for another day). Let's wait for arm@ input. I'm CCing all members as listed in https://wiki.gentoo.org/wiki/Project:ARM directly: zerochaos@ [skip alicef@ (kernel stabilization)] blueness@ dilfridge@ dlan@ maekke@ nerdboy@ vapier@ xmw@ zlogene@ And asking a few the questions directly (zerochaos@ as a lead and the arm@ team): a) If you are not planning to do any arm@ work in short term can you remove yourself from project's wiki page? b) Can you update your status in arm project to mention if you are doing any stabilization work so people could contact you occasionally? c) Is it in your opinion worth keeping arm@ stable? (Do you use stable, do you expect people to use stable, etc.) Thanks! > > 2. The bug was created less than a week ago and was not communicated > > explicitly as urgent on #gentoo-arm. I see failure to handle the bug > > as a communication failure and not a team's death signal. > > > > Were there any attempts to reach out to the teams or just arm users? > > Bug was assigned highest priority in bugzilla. But it looks like ARM arch > team is ignoring set priority. I personally don't filter emails by priority either. I guess I should now :) > *I* didn't asked in #gentoo-arm but I pinged project several times in > #gentoo-dev channel. https://wiki.gentoo.org/wiki/Project:ARM explicitly lists #gentoo-arm. In my experience there are quite a few active users of arm. > Disclaimer: I am not the maintainer of unbound nor dnssec-root package. I took > action last week after I noticed that there was a time bomb ticking and > nobody cared. I fully agree that an updated dnssec-root package could have been > made available one year ago giving everyone enough time... Do we do anything about it? Post GLSA, news item, gento-users@, anything to get users notified? Or just leave them uninformed? > > 4. net-dns/dnssec-root is used by a single(ish) package in tree: net-dns/unbound > > > > Which is: not a system package, not a default package, not suggested by handbook > > package, can operate without DNSSEC enabled. > > Unbound is a popular resolver and many Gentoo users are operating ARM-based > routers. I don't get your point. Of course you could disable DNSSEC and DNS > will resume working. But is this really your point? > > > While annoying it's not going to lock users out or corrupt their data. > > Right, it doesn't cause data corruption. But when your Gentoo-based router > will stop working this can be a problem. Don't forget about remote systems. > Again, people who know how to deal with problems like that aren't the > problem. But why do we care about stable packages if we assume that everyone > knows what to do when experiencing problems? My point that this bug is not critical. Broken software happens all the time. I can understand why you think otherwise. > > 5. net-dns/dnssec-root is a plain-text file package. It should have been ALLARCHES > > stablewithout involvement of arm@. > > It wasn't about dnssec-root package. Of course this could have been stabilized > under ALLARCHES policy. It wasn't because package has a new dependency > (>=dev-perl/XML-XPath-1.420.0 + deps) which was lacking stable keywords, too. Thank you! That was not clear from the bug. > If ARM can keep up I am quiet. But please, be honest. We don't need another > HPPA. Nobody will win something if we tell world "ARM is a first class citizen > in Gentoo" when it isn't (anymore). But if people would know it is ~ARCH, we > would not disappoint expectations. I think arm@ is the best decider here. -- Sergei