On Fri, May 25, 2018 at 03:20:50PM +0200, Alexander Bluhm wrote: > On Tue, May 22, 2018 at 07:32:29AM +0200, Harald Dunkel wrote: > > Do you think this is worth a syspatch? > > You are asking this question for three times. The answer is no. > > Errata and syspatch are for security issues that can be triggered > remotely or by a local non-root user. If we would fix every panic > in stable, we could not concentrate on developing OpenBSD current. > Doing errata involves at least five people who could spend their > time on creating new features instead. We provide security fixes, > may handle stability issues, but will not bug fix old releases. > > Bugs like this one show lack of release testing. So instead of > asking to repair old stuff, please help us to make new things better. > By testing snapshots and diffs on production or production-like > systems, the community can improve OpenBSD releases. > > bluhm >
Adding to this: It is impossible for the project to provide syspatches on any sort of guaranteed timescale because this is a project run by volunteers. Nagging volunteers repeatedly about a syspatch is counterproductive. If you rely on syspatches you'll have to respect the schedule and priorities of the volunteers who create them. If you have requirements for putting specific fixes into production as soon as possible, one option is to follow the release(8) man page and compile your own snapshots from the -stable tree with any patches from -current you need. Then you can run those snapshots on your production machines and you are in full control of which bug already patched in -current gets patched on your -stable machines and when. I do this for some of the systems I maintain. Of course, the trade-off is that if something breaks on your production system with custom changes, you get to keep the pieces. There are good reasons why we, as volunteers, are asking for bug reports against -current snapshots, instead of against builds with custom patches.
