Postgres Pro
Downloads
Home   >   mailing lists

Re: TurnKey security updates - Mailing list pgsql-www

From Robert Treat
Subject Re: TurnKey security updates
Date
Msg-id 200812101042.46566.xzilla@users.sourceforge.net
Whole thread Raw
In response to TurnKey security updates  (Liraz Siri <liraz@turnkeylinux.org>)
List pgsql-www
Tree view 
On Wednesday 10 December 2008 03:31:54 Liraz Siri wrote:
> Peter Eisentraut wrote:
> > Robert Treat wrote:
> >> Since turnkey doesnt update packages themselves (they just grab ubuntu
> >> feeds), do they need a contact for the list?  Or would that preclude
> >> them from being listed on the download page? (I'd also note that
> >> Robert Bernier is not on the -packagers list (afaik) , but he now has
> >> a distribution listed as well (pg_live))
> >
> > Well, does he produce a new release on time for every source release? Or
> > is it more like when the conference schedule calls for it?
>
> Conference schedules? Sorry, we don't have any plans to attend any, so
> we have to use a different system to determine our when to do updates.
>

Peter was reffering to Robert, who maintains pg_live, which is often 
distributed at various conferences.  

Robert (now that you are CC'd on this), what is your policy for new releases 
of pg_live (especially with regards to security updates). 

> To the point. While new releases do in fact include the latest package
> updates as part of the build process, we don't need to release a new
> software appliance each time a single package gets updated, because the
> package manager is configured to take care of that for you. The
> appliance is configured to auto-update  security patches daily, directly
> from Ubuntu's security repositories.
> We also have our own security repository (archive.turnkeylinux.org) but
> we only issue updates for our custom packages there.
>
> This is kind of how Ubuntu and Debian handle updates. You wouldn't
> expect them to make a new release for every package that gets updated,
> and it wouldn't really be very useful if they did anyhow because it
> wouldn't take care of already installed systems.
>
> Again, I'd like to stress that under the hood TurnKey appliances are
> simply an Ubuntu system that has been pre-integrated and optimized to
> satisfy a specific usage scenario.
>

It certainly clarifies your process, now I think we just need to decide what, 
if any, relationship there needs to be between folks listed on the download 
page, and who needs to be on -packagers. 

-- 
Robert Treat
Conjecture: http://www.xzilla.net
Consulting: http://www.omniti.com

pgsql-www by date:

Previous
From: "Emanuel Calvo Franco"
Date:
Subject: Re: [pgsql-es-fomento] Pootle server request
Next
From: Robert Treat
Date:
Subject: Re: [Fwd: Re: [ANNOUNCE] spreading the word on new PostgreSQL software appliance]