Date: Wed, 14 Apr 2010 23:04:00 +0200 From: Marius Strobl <marius@alchemy.franken.de> To: Mark Linimon <linimon@lonesome.com> Cc: Miles Nordin <carton@Ivy.NET>, freebsd-sparc64@freebsd.org Subject: Re: freebsd-update(8) under sparc64? Why is it not available? Message-ID: <20100414210400.GA49403@alchemy.franken.de> In-Reply-To: <20100413013607.GA6417@lonesome.com> References: <20100324223809.GA34342@alchemy.franken.de> <4BAB4AB9.2090908@buffalo.edu> <1269526260.2007.3.camel@main.lerwick.hopto.org> <20100325233558.GI20888@alchemy.franken.de> <4BACCC0C.7010401@freebsd.org> <oqsk75p5t2.fsf@castrovalva.Ivy.NET> <20100410015309.GB19697@lonesome.com> <t2v9dd082311004092052mae35776fy17d679542bd5ba0@mail.gmail.com> <oqiq7wfkak.fsf@castrovalva.Ivy.NET> <20100413013607.GA6417@lonesome.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Apr 12, 2010 at 08:36:07PM -0500, Mark Linimon wrote: > On Mon, Apr 12, 2010 at 05:11:31PM -0400, Miles Nordin wrote: > > Colin's position is totally ridiculous: people offer build resources > > of exotic, heavy, power-hungry hardware to the FreeBSD project, which > > already has scripts and frameworks for producing timely builds, but he > > believes these offers are conterproductive [...] > > The problem is that we're effectively guaranteeing that bits pushed out > via freebsd-update are secure. Our traditional view is that machines > that are loaned to us aren't sufficiently secure for us to be able to > stand behind that guarantee. I don't quite get why compiling on loaned hardware is okay for packages, which might very well run as root for example, but not for the base bits. It certainly makes everybody feel more warm and fuzzy when binaries of both kinds are built on machines that are at least owned and operated solely by committers. But for the truly paranoid binaries built on a machine in the Yahoo! data center are no use either as they have to check the code and compile everything themselves anyway. > > Right now the machines used to produce those bits are dedicated to that > purpose and that purpose only, and are physically and logistically > secure. > > If someone wants to donate a sufficiently capable sparc64 machine to the > project that can be installed under similar constraints, I'm all ears. > Right now we don't have one. > Do you mean donation of a machine that's supposed to be mounted in one of the data centers providing rackspace for the freebsd.org cluster or donation of metal plus housing? As pointed out earlier what I can provide is a V440 which is able to build world in about 70 minutes last time I checked and which is located in a data center in .de I trust. I don't see how that would result in binaries less "secure" than the release bits Ken is building on hardware at his university. What I'm certainly not going to do though is pay shipping of such machine to the US as a) as we've seen in the past donated hardware has a high tendency to end up not being used for the anticipated job or not used at all and b) it was impossible to get a 1u replacement for panther into the Yahoo! data center so I don't see why a 4u machine would get a better chance. Marius
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100414210400.GA49403>