melodrama at CentOS?

Flaherty, Patrick pflaherty at wsi.com
Mon Aug 3 14:02:36 EDT 2009


> >>> ... control of the domain name ...
> >>> So, trust and brand value are at risk.
> >>
> >> ... massive organizational clusterfsck that would ensue ...
> >
> > You should be using a local mirror!!! Update one rsync script and 
> > you're done.
> 
>   The various files that control package management 
> explicitly mention centos.org as the master all over the 
> place.  Take a look at the config files for YUM.  (Debian 
> zealots, note that APT has the same
> problem.)
>
>   To say nothing of the fact that, if the project had to 
> fork, they'll almost certainly change the very name.
I was trying to be funny, but since you're being fuddy. It wouldn't be
anything more than a semantic name change. There's no forking going on,
there's no forking going on, there's no forking going on. The guy who
registered the domain name, controls it's dns, and runs their paypal
stuff was being uncooperative. According to the centos mailing list and
front page that's no longer the case. The worst case scenario (which
isn't even going to happen) they need to get a new domain name to use
for a homepage (my suggestion is centos-hates-lance.org)

The only files that yum cares about are yum.conf (no mention of centos)
and any repo files included via /etc/yum.repos.d (multiple centos
reference). It's true that you may have to run sed -i
's/mirrors.centos.org/mirrors.centos-ng/g' /etc/yum.repos.d/*, but that
would be it. The yum plugins don't mention centos.org, the docs don't
mention centos.org, nothing that I've ever seen is dependant on
centos.org but the repo file (which i don't have to use because I point
my servers at spacewalk</smug>). Even if someone were to jack the domain
name, the build machines are the ones with the signing key for packages,
the hijacker wouldn't have it, and the packages wouldn't verify on your
machine. 

> > If you have lots of centos boxes, try using spacewalk, works pretty 
> > well.
> 
>   When I was working at a consulting firm, a lot of our work 
> was maintaining Linux servers, one per customer.  I never had 
> any luck adapting management tools to that sort of situation. 
>  The tools all assume strong management from a single point, 
> which you don't have with a consulting engagement.  Of 
> course, that was at least six years ago I last looked, so 
> things could well be different now.

Spacewalk is sorta like wsus, machines check in tell you what their
patch level is. You can approve new patch levels and push them out to
the machines. It's the upstream for RedHat network, but it is rather
centralized.

Patrick



More information about the gnhlug-discuss mailing list