[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian should not modify the kernels!

On Sat, 2003-09-27 at 18:12, Herbert Xu wrote:
> Andreas Metzler <ametzler@downhill.at.eu.org> wrote:
> > martin f krafft <madduck@debian.org> wrote:
> >> This thread has been going on for a while, and I think the general
> >> voice has been that security backports and other vital patches are
> >> totally alright for kernel-source. However, I think the general
> >> agreement is that feature backports are not okay. That's what
> >> kernel-patches are for.
> That has not been my impression at all.
> As I have said before, kernel-source's primary purpose is for building
> default Debian kernel images.  Thus it should contain all the patches
> necessary so that the images are uniform across architectures.

So  which of the 11 platforms _REQUIRE_ the IPSEC backport? If any, what
is the rational that they *REQUIRE* that piece. 

> Having said that, I do understand that users will use it for building
> custom images.  But the presence of kernel-patch-debian fixes that
> situation.  You can easily obtain a vanilla kernel that you can apply
> patches too.
> Now for those who want to get rid of just the ipsec patch, that can
> be done as well.  Just download it from the URL specified in the README
> file and unapply it.
> If someone wants to make a kernel-patch package out of it, go right
> ahead.

Would that then allow you to NOT include it in the kernel-source
package, but then make it a "standard" patch to be installed by default
then? And have a Variable "NO_IPSEC_PATCH" or something similar so that
kpkg doesn't apply it... but does apply other patches.

> > What I'd really like to hear is a reaction from Herbert to:
> > Osamu Aoki <osamu@debian.org> in <[🔎] 20030921222634.GB964@aokiconsulting.com>
> > | Can your patch file to be more modular like X package?  It is a big
> > | chunk.
> > 
> > Which could make both sides happy. Instead of one big patch containing
> > bugfixes, security fixes and feature additions to make them separately
> > available in the kernel-source-package.
> Again this is something that I have already stated my position on.
> This is simply unmaintainable due to the complex relationships between
> patches.
> In any case, the kernel-source package's README file should contain all
> the information you need to extract any particular patch that you're
> interested in.

But exactly why should this particular patch (IPSEC backport) cause so
much grief for the patch system, if it were to be so standard?
greg, greg@gregfolkert.net
REMEMBER ED CURRY! http://www.iwethey.org/ed_curry

Your eyes glow like naked livers burning in the sun.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: