Nigel Sollars <nsollars@gmail.com> writes: > Um no I dont think so, > > Here is why, as these kernels by Robert have worked real well with my BBB > Rev B. I have had on odd occasions a kernel panic, allowing unsuspected > folk to this end would I think create useless noise. That sounds like a reason to set up an additional repository, containing that kernels, and encouraging people to use it. Relying on a git pull strikes me as a (perhaps small) security risk in comparison. If someone wants to compromise such systems, they can set up a git repo with trojaned kernels, pull some DNS ticks, and get you to pull from them instead. If you instead set up a signed repo, then the signatures wouldn't match, so apt would refuse the upgrade. (reprepro makes setting up and maintaining such a repo pretty easy, and if that's overkill there are other alternatives available) If the problem is actually getting upgrades of the kernel that you were not wanting, then it is generally possible to specify the behaviour you want using "apt pinning" (see the apt_preferences(5) man page) Cheers, Phil. -- |)| Philip Hands [+44 (0)20 8530 9560] HANDS.COM Ltd. |-| http://www.hands.com/ http://ftp.uk.debian.org/ |(| Hugo-Klemm-Strasse 34, 21075 Hamburg, GERMANY
Attachment:
signature.asc
Description: PGP signature