-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I finally got my stuff together to add verifies to a couple of packages (openssh, httpd) in 'updates-testing' last night. Here are some thoughts on the matter: - I have only the one FC box, and it is my production mailserver, as well as serving as DNS / webserver for a number of low-volume domains with reasonable availability constraints. - I rent the box from an ISP, which makes it much scarier to update the "core" packages than if I had it physically available. - I was only confident enough to update the box because I first did a dry-run of the updates against a recently-built "mockup" image I built using VMWare's new "VMWare Server" product (freely available from their site). - I didn't feel comfortable issuing a VERIFY solely on the basis of installing the packages in the VMWare replica, mostly because of the interations with the parts of the system (virtual domains, etc.) which I haven't been able or willing to replicate; nonetheless, having the replica available to do initial testing (particularly for openssh) enabled me to proceed with confidence. I am therefore very much inclined to back the idea that Legacy offer "minimal" images as starting points for would-be QA volunteers, along with directions on how to set up either VMWare's Server or Player products to use them. We might need to give people clues about using the "snapshot" facilities provided by the tools to ease the process, as well. Tres. - -- =================================================================== Tres Seaver +1 202-558-7113 tseaver@xxxxxxxxxxxxx Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFD8z5++gerLs4ltQ4RAlsdAJwPKGILp4+opJ5Xp9LY24LAFZuLJwCgqusF f1tgVNtjlSjIu5sFsHpku38= =NW+d -----END PGP SIGNATURE----- -- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list