Julian H. Stacey
2019-May-15 14:25 UTC
FreeBSD flood of 8 breakage announcements in 3 mins.
Hi core@, cc hackers@ & stable@ PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins." https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html Volunteers who contribute actual fixes are very much appreciated; But those styled as 'management' who delay announcements to batch floods damage us. As they've previously refused to stop, it's time to sack them. Just send each announcement out when ready, no delays to batch them. No sys admins can deal with 8 in 3 mins: Especially on multiple systems & releases. Recipients start mitigating, then more flood in, & need review which are most urgent to interrupt to; While also avoiding sudden upgrades to many servers & releases, to minimise disturbing server users, bosses & customers. Cheers, Julian -- Julian Stacey, Consultant Systems Engineer, BSD Linux Unix, Munich Aachen Kent http://stolenvotes.uk Brexit ref. stole votes from 700,000 Brits in EU. Lies bought; Groups fined; 1.9 M young had no vote, 1.3 M old leavers died.
On Wed, May 15, 2019 at 8:26 AM Julian H. Stacey <jhs at berklix.com> wrote:> > Hi core@, > cc hackers@ & stable@ > > PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins." > > https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html > > Volunteers who contribute actual fixes are very much appreciated; > But those styled as 'management' who delay announcements to batch floods > damage us. As they've previously refused to stop, it's time to sack them. > > Just send each announcement out when ready, no delays to batch them. > No sys admins can deal with 8 in 3 mins: > Especially on multiple systems & releases. Recipients start > mitigating, then more flood in, & need review which are > most urgent to interrupt to; While also avoiding sudden upgrades > to many servers & releases, to minimise disturbing server users, > bosses & customers. > > Cheers, > Julian > -- > Julian Stacey, Consultant Systems Engineer, BSD Linux Unix, Munich Aachen Kent > http://stolenvotes.uk Brexit ref. stole votes from 700,000 Brits in EU. > Lies bought; Groups fined; 1.9 M young had no vote, 1.3 M old leavers died.I disagree, Julian. I think SAs are easier to deal with when they're batched. True, I can't fix the first one in less than 3 minutes. But then I probably wouldn't even notice it that fast. Batching them all together means fewer updates and reboots. -Alan
Hi!> PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins." > > https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html > > Volunteers who contribute actual fixes are very much appreciated; > But those styled as 'management' who delay announcements to batch floods > damage us.8 announcements and one freebsd-update is easier on the admin and the re-team than 8 announcements and 8 freebsd-update runs. That's probably why they are batched. Because all of the fixes are bundled in one update. If the re-team-capacity is limited, what would be the alternative? -- pi at opsec.eu +49 171 3101372 One year to go !
On 2019-05-15 7:25, Julian H. Stacey wrote:> Hi core@, > cc hackers@ & stable@ > > PR headline : "FreeBSD flood of 8 breakage announcements in 3 mins." > > https://lists.freebsd.org/pipermail/freebsd-announce/2019-May/date.html > > Volunteers who contribute actual fixes are very much appreciated; > But those styled as 'management' who delay announcements to batch floods > damage us. As they've previously refused to stop, it's time to sack them. > > Just send each announcement out when ready, no delays to batch them. > No sys admins can deal with 8 in 3 mins: > Especially on multiple systems & releases. Recipients start > mitigating, then more flood in, & need review which are > most urgent to interrupt to; While also avoiding sudden upgrades > to many servers & releases, to minimise disturbing server users, > bosses & customers.Admins attentive to security issues will already be tracking CVEs for the software they use and mitigating or solving the vulnerability by all means available. By batching updates, FreeBSD is making administrative decisions for other people's systems. Some folks don't need to worry about scheduling downtime and will benefit from faster update availability. Folks who need to worry about scheduling downtime are already going to batch updates and should be allowed to make those decisions for themselves. Batched SAs help in neither case. Example: the ntpd CVE is more than two months old, and was rapidly fixed in ports. I was able to switch my systems to the ports ntpd during a scheduled downtime window in March instead of doing it this weekend. So not only did I benefit from the faster update availability, I was able to make my own decision about my own systems and significantly reduce my exposure. Don't be Microsoft. Don't sit on security updates.