On 11/09/2018 20:35, Ed Maste wrote: > On 11 September 2018 at 07:35, Tomoaki AOKI <junchoon_at_dec.sakura.ne.jp> wrote: >> I prefer releng, rather than stable, to make it default. >> Binary releases requiring reproducible builds are built from >> release and releng branches. > > This might be the reasonable long-term strategy, but we don't yet have > experience running through the release process with it enabled. I > would like to enable it by default on the branch, at least initially, > to avoid discovering issues only immediately prior to the release. Hi, Personally I think this should (after testing on -current) be enabled only where binary-only updates (for everything) are anticipated. Then again, I don't run a binary-only system despite having to manage more than 16 systems. One reason is the hardware is all different, so different things are enabled in the kernel. The other reason is that I can reduce a machines security overhead if only what is required is available. This all requires source builds. So, I want to know where and when each system was compiled. Why lose this information by default? thanks, -- J.Received on Thu Sep 27 2018 - 08:46:11 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:18 UTC