On Tue, 2003-11-04 at 17:43, Ingo T. Storm wrote: > - package maintainership: I share the view that there won't be that many > packages that need errata. A quick scan over the last 6 months of errata to > RH7.3 revealed: little over 1 weekly erratum that touches the kernel, core > OS functionality (e.g. fileutils, unzip) or crucial network services (squid, > openssh, apache). So it's no use assigning maintainers to the 800+ SRPMS > RH7.3 is built of. I'd rather have pairs or triples of people with certain > dutys and/or skills so that vacations or job burdens don't let a high > profile exploit be unnoticed by the project for too long. Two/three people > should be on vendor-sec. In addition two/three people should monitor mailing > lists of each "functionality group" like e.g. "apache/php/mysql/postgresql", > "openssl/openssh", "core utilities", "kernel/netfilter". If and ONLY if you > have too many volunteers, add mozilla, evolution, xfree86, gnome, kde... The > potential backporters need not be identical with the monitors. I'd rather > favor that all the "backporters" maintain a personal wiki page with their > skills/experiences, "last job done", current and expected spare time, so > that the "monitors" have a pool to chose from. > Another thing to keep in mind -- in many cases, the backport work will already be done by Red Hat, for Red Hat Enterprise Linux 2.1. So in many cases it will just be QA'ing that package (retrieved from the SRPM archive) on 7.3. (RHEL 2.1 is based on 7.2 and has most of the same features as 7.3.) --Jeremy -- /---------------------------------------------------------------------\ | Jeremy Portzer jeremyp@xxxxxxxxx trilug.org/~jeremy | | GPG Fingerprint: 712D 77C7 AB2D 2130 989F E135 6F9F F7BC CC1A 7B92 | \---------------------------------------------------------------------/
Attachment:
signature.asc
Description: This is a digitally signed message part
