On 04/24/2011 01:14 AM, Runa A. Sandvik wrote: > On Sun, Apr 24, 2011 at 3:55 AM, Jacob Appelbaum <[email protected]> wrote: >> On 04/23/2011 04:32 PM, Erinn Clark wrote: >>> * Jacob Appelbaum <[email protected]> [2011:04:21 11:54 -0700]: >>>> It's a question for what we as a project can handle supporting - when a >>>> new Tor is released, we'll need to build it unless we rely on upstream >>>> builds. Runa and I suggest that we (Tor) may want our own OpenWRT >>>> repository - that by default seems to fall directly on our main build >>>> person, I think. >>> >>> Jake and I discussed this on IRC and the basic summary is that for now we'll >>> wait and see -- probably longer term we can support maintaining a >>> repository, >>> if that turns out to be the right route, but my role is going to be mainly >>> infrastructure related so I can help make sure people are able to do what >>> they >>> need without blocking on me. >> >> One other important point made in that discussion is that no one seems >> to have time for supporting an entirely new platform for every Tor >> release. So while The Tor Project may support it - we have no one >> willing to bell the cat today. >> >> What this means practically is that as we've seen with Android, we're >> going to seriously lag releases as it won't be the responsibility of any >> single person or group of people. This won't work if we ship our own OS >> (such as a custom OpenWRT image) and it will simply be difficult if >> we're just shipping Tor (with or without supporting libraries). > > We already know that we can't rely on upstream builds. If we want to > our users to have the latest version of Tor, we need to set up an okpg > repository ourselves. >
I'm of a mixed feeling here - we can easily rely on upstream packaging work but we need to have a commitment inside of Tor to actually support a repository, if we need to run our own. It's probably the case that for rapid development, we'll need to do so. Stuff like x-wrt are a hybrid example where we may be able to have regular builds of Tor. I haven't really understood the process by which a package is actually ever compiled by OpenWRT or x-wrt and then shipped to users; the exception is when OpenWRT cuts a release... > Jake; it was my impression that you wanted to do this. Is that not the > case anymore? I want a lot of things. After talking with Erinn, I'm a little more enlightened on build issues. No one will take our work and cut a new Tor release as part of their work flow unless we somehow allocate resources or indicate that this is a priority. With that said - I'm happy to handle packaging of Tor on OpenWRT as I've been working on already. However, that is not enough - we have to actually have a task that is going to be done regularly - no matter what OS or hardware choice we make. Android is a good example, we have repeatedly dropped the ball for a number of (good and bad) reasons. We should not repeat those mistakes - one of the biggest was simply that we did lacked a clear support plan - when a security release for Tor is tagged, Orbot needs to have at least a new Tor binary in a reasonable amount of time. We have utterly failed at this in a few cases - we should avoid re-creating this problem with Torouter. We're adding a new "product" to The Tor Project - one of the things we need to do is actually plan for the software maintenance phase of that product. As it stands, I don't believe we have a build machine (see bug #2969) that either you (Runa) or I have access to. That makes it hard to build an OpenWRT image or even have a system where we can co-work on packages together but also where we trust the compiler for cutting a release. Speaking of which, we also lack a plan for actually cutting releases - for a real beta test, I believe we'll really need to solve this issue. It's not reasonable to ship the Torouter project without having a good way forward and that includes a solid commitment from someone or someones that will ensure Tor builds kick off for each major or security important release. All the best, JAke _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
