Date: Fri, 6 Oct 2000 18:01:48 -0500 From: "Matthew D. Fuller" <fullermd@futuresouth.com> To: Jordan Hubbard <jkh@winston.osd.bsdi.com> Cc: Robert Watson <rwatson@FreeBSD.ORG>, John Baldwin <jhb@FreeBSD.ORG>, freebsd-security@FreeBSD.ORG, cvs-committers@FreeBSD.ORG Subject: Re: Stable branch Message-ID: <20001006180148.B29088@futuresouth.com> In-Reply-To: <3175.970802405@winston.osd.bsdi.com>; from jkh@winston.osd.bsdi.com on Thu, Oct 05, 2000 at 08:20:05PM -0700 References: <rwatson@FreeBSD.org> <3175.970802405@winston.osd.bsdi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[trim on the CC's a bit] On Thu, Oct 05, 2000 at 08:20:05PM -0700, a little birdie told me that Jordan Hubbard remarked > > I'm not sure I see the n-way merge. > > .. > > When a fix is required, you merge it into -STABLE, and then if > > appropriate, into the release branch also. > > Which is the n-way aspect. You've just increased the amount of > merging by n, where n is each active "release branch" you choose to > support rather than being able to merge once to the branch head and > point people at that. Sure, you can say it's only for the most minor > patches and such and merge work will be minimal, but in order to > support a user assumption that they can install release x and then > stay on the release x branch from there on out, someone still has > to remember to merge to several locations rather than one now. Ick. As someone who doesn't have to deal directly with it, I feel perfectly free to make the following comments from the sidelines ;) A) The way we're doing it now works for us. B) Obviously a lot of people want some change to provide a differentation between plain-old -STABLE and production machines, because of a real or percieved idea that -STABLE isn't also so. C) A lot of people want to stick with a -RELEASE, but still have access to security fixes (above all, though many will want serious bugfixes as well) Any idea to expand into this realm is going to be painful. The idea of creating 'branches' for each release sounds like the least painful of the group to me, however. Summary: - Each -RELEASE is a branch, onto which security (not bug, unless it's a *BIIIIIIIIIIIIIIIG* bug, like printf() not working) fixes go onto as they become necessary. - Users who want to stick with a set system, but get security fixes and keep up to date on such track the -RELEASE branch for their release, each update along which updates a 'patchlevel' or something in their version so they (and we when they bitch) know what they have fixes for. - Users who want the more 'normal' and 'minor' bugfixes track -STABLE, just like they do now. - Those of us who like to have fun track -CURRENT, like we do now. I think it might actually be easier to suck up and branch each release, and stick security fixes on the branch, than to shoot this idea down every few months for the rest of our lives ;) -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Unix Systems Administrator | fullermd@futuresouth.com Specializing in FreeBSD | http://www.over-yonder.net/ "The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001006180148.B29088>