| From: | Robert Treat <xzilla(at)users(dot)sourceforge(dot)net> |
|---|---|
| To: | pgsql-www(at)postgresql(dot)org |
| Cc: | Liraz Siri <liraz(at)turnkeylinux(dot)org>, Peter Eisentraut <peter_e(at)gmx(dot)net>, Josh Berkus <josh(at)agliodbs(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, jd(at)commandprompt(dot)com, Dave Page <dpage(at)pgadmin(dot)org>, Chander Ganesan <chander(at)otg-nc(dot)com>, turnkey-discuss(at)lists(dot)turnkeylinux(dot)org, Robert Bernier <robert(at)pg-live(dot)info> |
| Subject: | Re: TurnKey security updates |
| Date: | 2008-12-10 15:42:45 |
| Message-ID: | 200812101042.46566.xzilla@users.sourceforge.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
On Wednesday 10 December 2008 03:31:54 Liraz Siri wrote:
> Peter Eisentraut wrote:
> > Robert Treat wrote:
> >> Since turnkey doesnt update packages themselves (they just grab ubuntu
> >> feeds), do they need a contact for the list? Or would that preclude
> >> them from being listed on the download page? (I'd also note that
> >> Robert Bernier is not on the -packagers list (afaik) , but he now has
> >> a distribution listed as well (pg_live))
> >
> > Well, does he produce a new release on time for every source release? Or
> > is it more like when the conference schedule calls for it?
>
> Conference schedules? Sorry, we don't have any plans to attend any, so
> we have to use a different system to determine our when to do updates.
>
Peter was reffering to Robert, who maintains pg_live, which is often
distributed at various conferences.
Robert (now that you are CC'd on this), what is your policy for new releases
of pg_live (especially with regards to security updates).
> To the point. While new releases do in fact include the latest package
> updates as part of the build process, we don't need to release a new
> software appliance each time a single package gets updated, because the
> package manager is configured to take care of that for you. The
> appliance is configured to auto-update security patches daily, directly
> from Ubuntu's security repositories.
> We also have our own security repository (archive.turnkeylinux.org) but
> we only issue updates for our custom packages there.
>
> This is kind of how Ubuntu and Debian handle updates. You wouldn't
> expect them to make a new release for every package that gets updated,
> and it wouldn't really be very useful if they did anyhow because it
> wouldn't take care of already installed systems.
>
> Again, I'd like to stress that under the hood TurnKey appliances are
> simply an Ubuntu system that has been pre-integrated and optimized to
> satisfy a specific usage scenario.
>
It certainly clarifies your process, now I think we just need to decide what,
if any, relationship there needs to be between folks listed on the download
page, and who needs to be on -packagers.
--
Robert Treat
Conjecture: http://www.xzilla.net
Consulting: http://www.omniti.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Treat | 2008-12-10 15:59:04 | Re: [Fwd: Re: [ANNOUNCE] spreading the word on new PostgreSQL software appliance] |
| Previous Message | Emanuel Calvo Franco | 2008-12-10 15:39:37 | Re: [pgsql-es-fomento] Pootle server request |