Re: RELENG_4_3 calls itself -RELEASE?
On Sat, Aug 04, 2001 at 12:35:44PM -0700, Chad R. Larson wrote: > On Sat, Aug 04, 2001 at 09:47:32AM -0400, Jonathan Chen wrote: > > 1) Have the cvs scripts add the latest commit date/time to a version.h > >everytime a commit occurs in a branch. Display/use it accordingly. > > I suggested that a couple of years ago. I thought "newvers.sh" > should get updated by any CVS commit. > > It was met with something between indifference and hostility. The > most valid (IMHO) objection is that people were regularly building > the kernel without building world (or vice versa), something that I > believe happens less often now with the new build tools. Then, > unless you had a version.h for every kernel module and perhaps even > every userland program, you still didn't know exactly what you had. This wouldn't be a problem if, say, the make process automagically adds the "version.o" (or call it whatever) object to any linked executable. version.[ch?] would of course contain something like: static const char* __foo_version __attribute__ ((unused)) "foo"; and be properly depended on to build whenever updated. This shouldn't be more than a trivial change in the global bsd .mk files. My only concern would be CVS repo bloat. Perhaps a cvs meister would care to comment on this issue? I don't suppose there is a way to tell CVS to not worry about deltas or logs, is there? Were there any other objections to this before? If this sounds like a good idea, and if the cvs bloat won't be too much, I can start hacking this together soon. (Though it is highly unlikely this will be in 4.4, so there still needs to be a resolution as to what to do there) > Although you'd still be ahead of todays "I'm running a system supped > about dinnertime yesterday" kind of identifications. "What timezone are you in, and when do you eat dinner?" :) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: RELENG_4_3 calls itself -RELEASE?
Why not 4.4.1-RELEASE, 4.4.2-RELEASE, etc It's simple, to the point. Implies upgrades. Allows you to quickly determine exactly how current a particular system is with regards to patches, and follows long-standing conventions. Just my $.02 -Bill Andrew Boothman wrote: > > [Boy do I wish I hadn't started this now!] > On Friday 03 August 2001 7:49 pm, Jordan Hubbard wrote: > > > I like -BEET. It's short, means nothing, and is red. What more could > > > you ask for? :P > > > > Indeed! Well put. Unless I hear truly strong and well-reasoned > > sentiments to the contrary, I will tag and document this as the > > 4.4-BEET branch when the time comes to create it. > > While I'm usually all for nonsensical names (my own machine is called > spatula), I think we should try and pick something related, but clear. > > How do we feel about 4.4-RELEASE-PATCH1, 4.4-RELEASE-p1 or 4.4-RELEASEp1 for > the first commit RELENG_4_4 and 4.4-RELEASE-p2 for the second ? > > This idea has already been mentioned by various other people, but seems to > have been largely ignored by the rest of the conversation which, quite > understandably, became more interested in vegetables and flightless birds. :-) > > I think this is the best option for several reasons : > > 1) It makes it clear that the version you are running is basically > 4.4-RELEASE plus 'something'. > > 2) We can tell at a glance whether you are patched against a spacific > vulnerability. Security advisories can say "patched in 4.4-RELEASE-p5 simply > type 'uname -r' to determine if your system has been updated since the > vulnerability was patched" > > My original problem with the concept with the -SECURITY name was that you > can't tell if you have been patched against something. Of course, just > calling it -SECURITY doesn't make it any more obvious, but the patch numbers > do make it obvious. > > So calling a system -BEET, as much as I like the name, only addresses one of > my original concerns. Patch numbers would address both. > > -- > Andrew Boothman <[EMAIL PROTECTED]> > http://sour.cream.org > > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe freebsd-stable" in the body of the message -- "Where's the robot to pat you on the back?" To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: RELENG_4_3 calls itself -RELEASE?
Fri$ Not to beat a -deadhorse, but here are my $.02 The only sensible suggestion I've seen so far is 4_3_x_RELEASE. The reason is that all the proposals I've seen (with the exception of the above and 4_3_RELEASEplX, which is not lexically bigger than 4_3_RELEASE) is merely a cosmetic change with no effect beyond the first security fix. Anyone who wants to find out whether their system has been patched will still have to resort to the old method. But there are still problems with checking the build date. Consider the following example: Admin X receives a security notification, and immediately goes to update his FreeBSD machines. Here, several scenarios can happen: 1) The cvsup server used does updates every 6 hours and/or missed the last update. Admin believes he has updated version. Admin's copy of SirCam is read by noisy hacker. 2) Two advisories are released in close proximity. Admin believes he has second fix when he in fact only has the first. Admin's site becomes the newest warez distribution point. 3) Another admin recompiles kernel for new driver. Admin X later receives advisory, and seeing that the machine is compiled post correction date, he believes that another admin fixed the problem. Site is compromised, and admin loses job/house/car/wife/kids. Here, I can offer several suggestions: 1) Have the cvs scripts add the latest commit date/time to a version.h everytime a commit occurs in a branch. Display/use it accordingly. 2) Embed the cvs $id/$FreeBSD strings in every binary. A security update tool can then be used to automagically determine whether a system has pending security issues. [I have no problems writing the aforementioned tool if we do decide to go this route] 3) Do nothing, and perhaps give more instructions in security advisories. -Jon To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: RELENG_4_3 calls itself -RELEASE?
On Fri, Aug 03, 2001 at 09:54:02AM -0400, Bob K wrote: > > I like -BEET. It's short, means nothing, and is red. What more could > you ask for? :P Suggest -FOO has a long standing meaning of nonsense in computer lingo. Or -FOOBAR. -- David Kelly N4HHE, [EMAIL PROTECTED] = The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: RELENG_4_3 calls itself -RELEASE?
On Fri, Aug 03, 2001 at 10:00:49AM -0400, Antoine Beaupre (LMC) wrote: > Go for RUTABAGA. It's cute. > > Besides, Debian does it and everybody likes it. It allows us to pick > names in honor of dead people. Yay. ;) I like this, and vote for -POUL for this branch, to forever pay homage to a recently departed writer. > We should scrap -STABLE for a more meaningless name, but I won't get > into this. > > Is it me or this thing comes up about twice a month? Yup. Conversely, that doesn't make it less of an issue, but I am .not. going down that path. :) Jamie > A. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Yet again changing branch names? (Re: RELENG_4_3 calls itself -RELEASE?)
Garance A Drosihn wrote: > At 7:07 PM -0700 8/2/01, Chad R. Larson wrote: > >> On Fri, Aug 03, 2001, Andrew Boothman wrote: >> > I prefer -SECURITY, because it makes it clear this is the >> > branch dedicated to security fixes and nothing else. >> >> Yes, but then the newbies would think this was some special >> release with extra security features. And complain when they >> get rooted. We go through "why isn't -STABLE really stable" >> three or four times per year. ?? s/year/month/ ! >> I'd rather a tag that didn't imply some kind of promise. >> >> But I agree, it should be something other than -RELEASE. > > I agree it should change, and should not be -SECURITY or -SECURE. > In the interest of keeping it simple and yet nondescript, I would > prefer something like -RELEASE+ or -RELEASE-PLUS > > While something like BEET or RUTABAGA is also nondescript, I think > that's a little too silly for this branch. I know several sysadmin's > who have been very happy to have this branch around. I could see > changing the *stable* branch to a name like beet, rutabaga, or maybe > rawcarrot (which is then "cooked" for release... :-). Maybe that > would finally get rid of the confusion of people who read too much > into the name "stable". Yah. -stable is really great, but it's gotta go. We have to *force* people to read the doc. It's the bottom line. When I discovered Debian, I heard of Potato, Slinky and stuff like that. I had no clue of what the heck they were talking about. I read. I learned. :) > For that matter, perhaps we should name the "security-fixes" branch > as -stable, and then change the branch we currently call stable to > be -kitchen, and change -current to be -frontier or -scarymovie. hmm... Here's what I think: 1. The security breanch could just be named what it is: -SECURITY_FIXES or -SECFIX. 2. "-stable" gotta go. Any fruit, household item, room, whatever name will fit. The problem we'll find is with the doc and the infrastructure (this list) that we can't change to follow changing names. 3. "-current" should also be renamed. "Evil dark overlord planning to take over the earth" could be a better name (but it might attract too much people). I suggest "-crap". That'll keep wanderers away. :) Not that we don't want people to use -current, we don't want people to use -current without knowing what they're doing. 4. And how about naming our releases? I know there are a lot of them (3/4 a year), but I like the idea of dedicating releases or naming them to funny names. :) > [really, any naming scheme is fine by me personally. I'd just like > to see if we could come up with something so we didn't have to debate > some branch-name every three or four months. So, I hope that by > tossing several disparate ideas out, maybe something will make sense. > Note: 'disparate', not 'desperate' :-) ] Here too. I could stay just like that. But I can't bear the freaking noise of having this thing over and over again. -- Antoine Beaupré Jambala TCM team Ericsson Canada inc. mailto:[EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: RELENG_4_3 calls itself -RELEASE?
Antony T Curtis <[EMAIL PROTECTED]> wrote: >"Antoine Beaupre (LMC)" wrote: >> >> Go for RUTABAGA. It's cute. > >We cannot use -APPLE, -APRICOT, -CHERRY nor -ORANGE or some company >would get very sour... > >But there is -BANANA, -PEAR, -GRAPE, -NECTARINE, -TOMATO, -MELON, >-STRAWBERRY, -RASPBERRY... > >Or maybe more exotically, -DUREN, -LYCHEE, -RUMBUTANG, -STARFRUIT... I think as long as we specifically avoid -LEMON things will be fine. Personally I think the idea of all this name changing is silly. I was one of those newbies to this list not very long ago and I once asked those questions "why is stable not stable?" If we go mucking about with the names, we're certain to be asked questions like "Okay, is -RAISIN the patched -GRAPE?" and "Why do you call it -BANANA? Why not just call it -RELEASE?" I think a version of FreeBSD which incorporates only patches that can be applied BOTH by CVSup and by simply adding patches one at a time, which seems to me is what the RELENG_4_3 branch is trying to do, is the same as applying any other system patch, and doesn't deserve a rename of the base OS. All that will do is for certain confuse scripts that use 'uname -a' to determine the installed OS. -- The idea that Bill Gates has appeared like a knight in shining armour to lead all customers out of a mire of technological chaos neatly ignores the fact that it was he who, by peddling second-rate technology, led them into it in the first place. - Douglas Adams (1952-2001) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: RELENG_4_3 calls itself -RELEASE?
On Fri, Aug 03, 2001 at 12:51:30PM -0500, Mike Meyer wrote: > David Kelly <[EMAIL PROTECTED]> types: > > On Fri, Aug 03, 2001 at 09:54:02AM -0400, Bob K wrote: > > > I like -BEET. It's short, means nothing, and is red. What more could > > > you ask for? :P > > Suggest -FOO has a long standing meaning of nonsense in computer lingo. > > Or -FOOBAR. > > It's not a nonsense word, it's a placeholder. If you do that, I can no > longer talk about tracking -FOO (or -FOOBAR) when I want to talk about > tracking any of the branches. OK, then back to the fruits and vegetables, which rot when left sitting around and need to be replaced before then. I propose -TOMATO as its the favorite of rotten fruit throwers. Or -EGG for that which isn't ready to hatch yet (isn't that what we are really talking about, that iffy place between -STABLE and -RELEASE?) and then we could say of the one who broke it, has -EGG on his face? I'm getting too silly for -STABLE. -- David Kelly N4HHE, [EMAIL PROTECTED] = The human mind ordinarily operates at only ten percent of its capacity -- the rest is overhead for the operating system. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message