On Sat, 2003-09-27 at 18:12, Herbert Xu wrote: > Andreas Metzler <firstname.lastname@example.org> wrote: > > martin f krafft <email@example.com> wrote: > >> This thread has been going on for a while, and I think the general > >> voice has been that security backports and other vital patches are > >> totally alright for kernel-source. However, I think the general > >> agreement is that feature backports are not okay. That's what > >> kernel-patches are for. > > That has not been my impression at all. > > As I have said before, kernel-source's primary purpose is for building > default Debian kernel images. Thus it should contain all the patches > necessary so that the images are uniform across architectures. So which of the 11 platforms _REQUIRE_ the IPSEC backport? If any, what is the rational that they *REQUIRE* that piece. > Having said that, I do understand that users will use it for building > custom images. But the presence of kernel-patch-debian fixes that > situation. You can easily obtain a vanilla kernel that you can apply > patches too. > > Now for those who want to get rid of just the ipsec patch, that can > be done as well. Just download it from the URL specified in the README > file and unapply it. > > If someone wants to make a kernel-patch package out of it, go right > ahead. Would that then allow you to NOT include it in the kernel-source package, but then make it a "standard" patch to be installed by default then? And have a Variable "NO_IPSEC_PATCH" or something similar so that kpkg doesn't apply it... but does apply other patches. > > What I'd really like to hear is a reaction from Herbert to: > > Osamu Aoki <firstname.lastname@example.org> in <[🔎] 20030921222634.GB964@aokiconsulting.com> > > | Can your patch file to be more modular like X package? It is a big > > | chunk. > > > > Which could make both sides happy. Instead of one big patch containing > > bugfixes, security fixes and feature additions to make them separately > > available in the kernel-source-package. > > Again this is something that I have already stated my position on. > This is simply unmaintainable due to the complex relationships between > patches. > > In any case, the kernel-source package's README file should contain all > the information you need to extract any particular patch that you're > interested in. But exactly why should this particular patch (IPSEC backport) cause so much grief for the patch system, if it were to be so standard? -- greg, email@example.com REMEMBER ED CURRY! http://www.iwethey.org/ed_curry Your eyes glow like naked livers burning in the sun.
Description: This is a digitally signed message part