Re: A proposal for Fedora updates

2015-04-20 Thread Sérgio Basto
On Ter, 2015-03-31 at 23:53 +0100, Sérgio Basto wrote: > On Ter, 2015-03-31 at 16:11 -0600, Kevin Fenzi wrote: > > On Tue, 31 Mar 2015 10:55:38 +0200 > > Miroslav Suchý wrote: > > > > > On 03/27/2015 01:49 PM, Kevin Fenzi wrote: > > > > * releng person gathers list of pending update requests from

Re: A proposal for Fedora updates

2015-04-07 Thread Kevin Fenzi
On Mon, 6 Apr 2015 19:20:10 -0500 Bruno Wolff III wrote: > On Thu, Mar 26, 2015 at 23:28:15 +, > Bojan Smojver wrote: > >Kevin Fenzi scrye.com> writes: > > > >Imagine a regular Fedora user - the one that has no idea about koji. > >This regular user wants to contribute by testing packages

Re: A proposal for Fedora updates

2015-04-06 Thread Bruno Wolff III
On Thu, Mar 26, 2015 at 23:28:15 +, Bojan Smojver wrote: Kevin Fenzi scrye.com> writes: Imagine a regular Fedora user - the one that has no idea about koji. This regular user wants to contribute by testing packages as they are built. This At that point I don't think they are a regular u

Re: A proposal for Fedora updates

2015-03-31 Thread Sérgio Basto
On Ter, 2015-03-31 at 16:11 -0600, Kevin Fenzi wrote: > On Tue, 31 Mar 2015 10:55:38 +0200 > Miroslav Suchý wrote: > > > On 03/27/2015 01:49 PM, Kevin Fenzi wrote: > > > * releng person gathers list of pending update requests from bodhi. > > > (a few minutes) > > > > > > * releng person looks

Re: A proposal for Fedora updates

2015-03-31 Thread Kevin Fenzi
On Tue, 31 Mar 2015 10:55:38 +0200 Miroslav Suchý wrote: > On 03/27/2015 01:49 PM, Kevin Fenzi wrote: > > * releng person gathers list of pending update requests from bodhi. > > (a few minutes) > > > > * releng person looks over list for anything out of the ordinary or > > off. (another few

Re: A proposal for Fedora updates

2015-03-31 Thread Corey Sheldon
Sanity of the key vault as i understand it as its air-gapped (the no ssh part) Corey W Sheldon Freelance IT Consultant, Multi-Discipline Tutor (p) 310.909.7672 G+: LinkedIn: Github:

Re: A proposal for Fedora updates

2015-03-31 Thread Miroslav Suchý
On 03/27/2015 01:49 PM, Kevin Fenzi wrote: > * releng person gathers list of pending update requests from bodhi. > (a few minutes) > > * releng person looks over list for anything out of the ordinary or > off. (another few minutes) > > * releng person tells sigul to sign that list of packages

Re: A proposal for Fedora updates

2015-03-27 Thread Bojan Smojver
Kevin Fenzi scrye.com> writes: > So, IMHO, another repo wouldn't help us here. Perhaps it would save > time on the signing, but it wouldn't on the mashing step, and it would > add to confusion and things we need to make and care about. I'd much > rather try and land all the improvements above and

Re: A proposal for Fedora updates

2015-03-27 Thread Kalev Lember
On 03/27/2015 05:22 PM, Kevin Fenzi wrote: > However, I'll note that the recent texlive updates were security as > well. ;) If texlive packaging is causing issues with update pushes, could maybe ask the texlive maintainers to rework the packaging? Right now texlive has a 16 MB (!) spec file, pro

Re: A proposal for Fedora updates

2015-03-27 Thread Kevin Fenzi
On Fri, 27 Mar 2015 15:40:44 +0200 Alexander Bokovoy wrote: > Is there a way to see if there are going to be huge updates? Not that I know of. We have something like 1500 package maintainers and ~17,000 packages. Some of them are large, some of them update more often than others, etc. > Perhap

Re: A proposal for Fedora updates

2015-03-27 Thread Kevin Fenzi
On Fri, 27 Mar 2015 14:31:35 +0100 Kalev Lember wrote: > On 03/27/2015 01:59 PM, Kevin Fenzi wrote: > > We could drop drpms? > > Do they have to be generated at the same time as the normal push? > Could maybe do a push, sync it to mirrors, and then a separate > process runs and generates drpms a

Re: A proposal for Fedora updates

2015-03-27 Thread Sérgio Basto
On Sex, 2015-03-27 at 09:06 +1100, Bojan Smojver wrote: > Hi there, > > I've been a bit perplexed by the Fedora updates recently (talking about > F-21 specifically). Many of them appear to be obsolete the moment they > hit stable, sometimes even testing. > > Take the kernel, for instance. 3.19.2-

Re: A proposal for Fedora updates

2015-03-27 Thread Kevin Fenzi
On Fri, 27 Mar 2015 10:35:50 -0500 Jason L Tibbitts III wrote: > > "KF" == Kevin Fenzi writes: > > KF> Right, as I noted at the end of that other long mail, there's > KF> discussion about a 'urgent updates' repo for security updates. > > Why not, when going to mash, mash only updates marke

Re: A proposal for Fedora updates

2015-03-27 Thread Jason L Tibbitts III
> "KF" == Kevin Fenzi writes: KF> Right, as I noted at the end of that other long mail, there's KF> discussion about a 'urgent updates' repo for security updates. Why not, when going to mash, mash only updates marked a security and get those out immediately, then mash everyhing else. Is the

Re: A proposal for Fedora updates

2015-03-27 Thread Alexander Bokovoy
On Fri, 27 Mar 2015, Kevin Fenzi wrote: On Fri, 27 Mar 2015 15:03:59 +0200 Alexander Bokovoy wrote: My primary worry is CVE handling. These delays are not helping in getting security fixes delivered. I'm not fighting for dropping certain type of content but rather for prioritization. Right,

Re: A proposal for Fedora updates

2015-03-27 Thread Kalev Lember
On 03/27/2015 01:59 PM, Kevin Fenzi wrote: We could drop drpms? Do they have to be generated at the same time as the normal push? Could maybe do a push, sync it to mirrors, and then a separate process runs and generates drpms and syncs them out to mirrors separately afterwards? This would allo

Re: A proposal for Fedora updates

2015-03-27 Thread Kevin Fenzi
On Fri, 27 Mar 2015 15:03:59 +0200 Alexander Bokovoy wrote: > My primary worry is CVE handling. These delays are not helping in > getting security fixes delivered. I'm not fighting for dropping > certain type of content but rather for prioritization. Right, as I noted at the end of that other lo

Re: A proposal for Fedora updates

2015-03-27 Thread Alexander Bokovoy
On Fri, 27 Mar 2015, Kevin Fenzi wrote: On Fri, 27 Mar 2015 10:42:07 +0200 Alexander Bokovoy wrote: Any way to get the push actually working? I've submitted yesterday a security update mid day EST for F21 and F22 and it is not yet even considered for a push ~14-15 hours after. https://admin.f

Re: A proposal for Fedora updates

2015-03-27 Thread Kevin Fenzi
On Fri, 27 Mar 2015 10:42:07 +0200 Alexander Bokovoy wrote: > Any way to get the push actually working? I've submitted yesterday a > security update mid day EST for F21 and F22 and it is not yet even > considered for a push ~14-15 hours after. > > https://admin.fedoraproject.org/updates/freeipa

Re: A proposal for Fedora updates

2015-03-27 Thread Kevin Fenzi
On Thu, 26 Mar 2015 23:55:31 + (UTC) Bojan Smojver wrote: > M. Edward (Ed) Borasky znmeb.net> writes: > > > As a bleeding-edge user I'd be in favor of this, although I thought > > that was what 'updates-testing' was. > > Maybe I'm misunderstanding how things work, but I think every package

Re: A proposal for Fedora updates

2015-03-27 Thread Alexander Bokovoy
On Thu, 26 Mar 2015, Kevin Fenzi wrote: On Thu, 26 Mar 2015 23:15:16 + (UTC) Bojan Smojver wrote: Corey Sheldon gmail.com> writes: > those ARE mirror list links the master mirror servers to be exact. Really not a file distribution problem I'm trying to get at here. If you check out thes

Re: A proposal for Fedora updates

2015-03-26 Thread Stephen John Smoogen
On 26 March 2015 at 17:28, Bojan Smojver wrote: > Kevin Fenzi scrye.com> writes: > > > If you wish to test something before it's fully pushed to testing, you > > can download it directly from the buildsystem via the web interface, > > koji command line or bodhi client command line. > > I am full

Re: A proposal for Fedora updates

2015-03-26 Thread M. Edward (Ed) Borasky
On Thu, Mar 26, 2015 at 4:55 PM, Bojan Smojver wrote: > Maybe I'm misunderstanding how things work, but I think every package in > updates-testing is signed by a human, on an "offline" machine (i.e. someone > has to walk the RPM to it using physical media, sign it and then bring it > back and uplo

Re: A proposal for Fedora updates

2015-03-26 Thread Bojan Smojver
M. Edward (Ed) Borasky znmeb.net> writes: > As a bleeding-edge user I'd be in favor of this, although I thought > that was what 'updates-testing' was. Maybe I'm misunderstanding how things work, but I think every package in updates-testing is signed by a human, on an "offline" machine (i.e. some

Re: A proposal for Fedora updates

2015-03-26 Thread M. Edward (Ed) Borasky
On Thu, Mar 26, 2015 at 4:28 PM, Bojan Smojver wrote: > Kevin Fenzi scrye.com> writes: > >> If you wish to test something before it's fully pushed to testing, you >> can download it directly from the buildsystem via the web interface, >> koji command line or bodhi client command line. > > I am fu

Re: A proposal for Fedora updates

2015-03-26 Thread Bojan Smojver
Kevin Fenzi scrye.com> writes: > If you wish to test something before it's fully pushed to testing, you > can download it directly from the buildsystem via the web interface, > koji command line or bodhi client command line. I am fully aware of that. I'm making a different point entirely here.

Re: A proposal for Fedora updates

2015-03-26 Thread Adam Williamson
On Fri, 2015-03-27 at 09:06 +1100, Bojan Smojver wrote: > Hi there, > > I've been a bit perplexed by the Fedora updates recently (talking > about > F-21 specifically). Many of them appear to be obsolete the moment > they > hit stable, sometimes even testing. > > Take the kernel, for instance. 3

Re: A proposal for Fedora updates

2015-03-26 Thread Kevin Fenzi
On Thu, 26 Mar 2015 23:15:16 + (UTC) Bojan Smojver wrote: > Corey Sheldon gmail.com> writes: > > > those ARE mirror list links the master mirror servers to be exact. > > Really not a file distribution problem I'm trying to get at here. If > you check out these two URLs: > > https://admin.

Re: A proposal for Fedora updates

2015-03-26 Thread Bojan Smojver
Corey Sheldon gmail.com> writes: > those ARE mirror list links the master mirror servers to be exact. Really not a file distribution problem I'm trying to get at here. If you check out these two URLs: https://admin.fedoraproject.org/updates/FEDORA-2015-4457/kernel-3.19.2-201.fc21 https://admin.

Re: A proposal for Fedora updates

2015-03-26 Thread Corey Sheldon
those ARE mirror list links the master mirror servers to be exact. Corey W Sheldon Freelance IT Consultant, Multi-Discipline Tutor (p) 310.909.7672 G+: LinkedIn: Github:

Re: A proposal for Fedora updates

2015-03-26 Thread Bojan Smojver
Chris Murphy colorremedies.com> writes: > That might be normal in that it takes a while for mirrors to update, > although I'm not sure how long (it could be days). Just to avoid confusion, I am not talking about mirrors. I am talking about updates not appearing at all (i.e. here: http://dl.fedor

Re: A proposal for Fedora updates

2015-03-26 Thread Corey Sheldon
1) Things take awhile most times as its using a queue system.2) Just because it's available in testing or stable does not mean its ready as it still takes time for the mirrors (where you are likely grabbing from unless not using the meta link) to see and sync with them and the fact that these hap

Re: A proposal for Fedora updates

2015-03-26 Thread Chris Murphy
On Thu, Mar 26, 2015 at 4:06 PM, Bojan Smojver wrote: > Hi there, > > I've been a bit perplexed by the Fedora updates recently (talking about > F-21 specifically). Many of them appear to be obsolete the moment they > hit stable, sometimes even testing. > > Take the kernel, for instance. 3.19.2-201