Mailinglist Archive: opensuse-factory (1324 mails)

< Previous Next >
Re: [opensuse-factory] Virtualbox broken on tumbleweed
  • From: Richard Brown <RBrownCCB@xxxxxxxxxxxx>
  • Date: Sat, 10 Oct 2015 16:07:29 +0200
  • Message-id: <CAA0b23yC0rEj6e0ftZrUTHU-c+Rwr3DNyoh=ZbLP3T9o_d0a_g@mail.gmail.com>
Erwin,

If you want to make sure that virtualbox is considered in the release
criteria for Tumbleweed, then you need to make sure it's tested in
openQA

You (or someone else) will need to write a test (or a series of tests)
to install, configure and run virtualbox

https://github.com/os-autoinst/openQA/blob/master/docs/WritingTests.asciidoc

Then submit it to the opensuse openQA test repository

https://github.com/os-autoinst/os-autoinst-distri-opensuse

You'll need to modify the 'main.pm' to execute those new tests in the
appropriate time (probably part of the load_x11tests subroutine)

And of course, your biggest challenge will be either figuring out how
to get virtualbox inside KVM (our default platform for testing in
openQA), or resurrecting and refining the old openQA virtualbox
backend to match the feature set of the qemu one (
https://github.com/os-autoinst/os-autoinst/blob/master/backend/vbox.pm
)
or donating supermicro server hardware to openSUSE so we can use that
as a 'real hardware' test using our IPMI backend

or, you could reconsider your use of virtualbox and consider using
KVM/GNOME Boxes/virt-manager instead

With well documented issues such as
http://www.theregister.co.uk/2015/09/15/oracle_virtualbox_security_updates/
and considering the fundamental fact that something in the kernel is
infinitely less likely to break than some module, you really need a
compelling reason to convince me that Virtualbox is a better choice
for desktop virtualisation, and so far your reasoning that 'it should
be treated as critical' does not sway my opinion in the face of the
facts as I see them.

I don't think it's critical, and I don't see why we should treat it as
critical when we have alternatives that have the same features that we
do treat as critical and are easier for us to support, more reliable
for our users, and with an upstream who doesn't hide their security
processes..

Of course..what I want doesn't matter if other people do the work to
make something else happen, hence all those juicy links above, pick
your path and have a lot of fun :)


On 10 October 2015 at 14:41, Erwin Van de Velde
<erwin.vandevelde@xxxxxxxxx> wrote:
Hi all,

First of all, I want to say that I do appreciate the work people put
into Tumbleweed and I do not want to be too negative.

However :-) I would like to see missing packages like the kermel
modules preventing Virtualbox from working properly to be treated as a
bit more critical and updated sooner. Many people use Virtualbox and
this package has been missing for more than a week now. I know you can
just use the previous kernel to have it working, but fixing this
sooner or, even better, preventing the release of the kernel when
important kernel modules do not build properly would be nice in my
opinion.

So please consider this as a question and in a constructive way as I
really like Tumbleweed.

Kind regards,
Erwin


On Fri, Oct 9, 2015 at 9:12 PM, Richard Brown <RBrownCCB@xxxxxxxxxxxx> wrote:
On 9 October 2015 at 21:09, Richard Brown <RBrownCCB@xxxxxxxxxxxx> wrote:
Virtualbox is a flaky pile of _____ which under security has a policy
with it's security updates that's so untransparent it makes me very
nervous

Should really proof read stuff before sending..

What I meant to say was.. Virtualbox is a flaky pile of _____ with a
security policy that lacking any transparency - it makes me very
nervous that stuff could be going on under the radar, which is not a
level of risk I want to take with my hypervisors
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >