Re: Adding support for SE-Linux security

From: Bruce Momjian <bruce(at)momjian(dot)us>
To: Robert Haas <robertmhaas(at)gmail(dot)com>
Cc: Stephen Frost <sfrost(at)snowman(dot)net>, Chad Sellers <csellers(at)tresys(dot)com>, "David P(dot) Quigley" <dpquigl(at)tycho(dot)nsa(dot)gov>, Josh Berkus <josh(at)agliodbs(dot)com>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>, jd(at)commandprompt(dot)com, David Fetter <david(at)fetter(dot)org>, Itagaki Takahiro <itagaki(dot)takahiro(at)oss(dot)ntt(dot)co(dot)jp>, KaiGai Kohei <kaigai(at)kaigai(dot)gr(dot)jp>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Adding support for SE-Linux security
Date: 2009-12-09 00:58:20
Message-ID: 200912090058.nB90wKw15505@momjian.us
Lists: pgsql-hackers

Robert Haas wrote:
> Sorry. I spent a lot of time for both CommitFest 2008-11 and
> CommitFest 2009-07 in the hopes of getting something committable, and
> I wasn't successful. I'm just at the end of my rope. It seems fairly
> clear that Tom isn't going to commit any piece of SE-PostgreSQL at
> all, ever. So who's going to do it? It doesn't make any sense to
> continue trucking along with this patch into the indefinite future if
> it has no hope of being committed.
>
> Frankly, I think this comes down to money. There are several
> PostgreSQL companies which employ very capable PostgreSQL committers.
> When someone is willing to pony up enough money to get those people
> interested (as, I gather, has happened with block-checksumming) then
> this will happen. Until then, I don't believe anyone is going to
> volunteer to be responsible for a 10,000-line patch in their free
> time. Tom is the only one crazy enough for that, and he said no.

I have offered to review/commit the patch. I don't promise my effort
will be pretty, but I will get the job done. I have not started yet
because I think we are still unclear if the feature is worth the
additional code maintenance.

I frankly think the patch should be thought of as the SE-Linux-specific
directory files, which KaiGai can maintain, and the other parts, which I
think I can handle.

> The next time someone submits a huge, unsolicited patch to do
> ANYTHING, we should do them a favor and tell them this up front,
> rather than a year and a half later. Then they could have the
> appropriate conversations with the appropriate people and determine
> whether to budget for it or give up. What has happened with this
> patch has not served KaiGai well, or improved the image of this
> community.

Yes, this has not been our finest hour. :-(

I think the causes have been explained already:

o early patches did not have community buy-in
o we are unclear about the size of the user community
o we are unclear what the end user will want
o the feature is complex
o the feature is in an unfamiliar problem-domain

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ If your life is a hard drive, Christ can be your backup. +
