Re: Debian should not modify the kernels!

To: debian-devel@lists.debian.org
Subject: Re: Debian should not modify the kernels!
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: Sun, 28 Sep 2003 13:10:27 +1000
Message-id: <[🔎] E1A3Rx5-0003vt-00@gondolin.me.apana.org.au>
In-reply-to: <[🔎] 1064707784.1890.38.camel@duke.gregfolkert.net>

Greg Folkert <greg@gregfolkert.net> wrote:
> 
> So  which of the 11 platforms _REQUIRE_ the IPSEC backport? If any, what
> is the rational that they *REQUIRE* that piece. 

As the current maintainer of kernel-source, I decide which patches
are included per default.  The individual architecture maintainers
can choose to override my decisions through architecture patches.

As for the criteria for inclusion, I have already outlined some simple
rules earlier in this thread.  I would recommend you to read it if you
are interested.

>> If someone wants to make a kernel-patch package out of it, go right
>> ahead.
> 
> Would that then allow you to NOT include it in the kernel-source
> package, but then make it a "standard" patch to be installed by default
> then? And have a Variable "NO_IPSEC_PATCH" or something similar so that
> kpkg doesn't apply it... but does apply other patches.

No, the purpose of such a kernel-patch package would be to allow a user
to easily obtain the IPSEC patch should they wish to either apply it
to a vanilla kernel, or unapply it from the Debian kernel.

Its existence is orthogonal to whether this patch is included in the
Debian kernel source.

> But exactly why should this particular patch (IPSEC backport) cause so
> much grief for the patch system, if it were to be so standard?

I do not believe that this patch has caused excessive grief for the
benefits that it brings.  In fact, conflicts between the Debian kernel
source and random kernel patches floating around are a fact of life.

For example, the grsecurity patch has had a history of conflicts with
various patches in the Debian kernel source.  Most of those patches that
caused conflicts were in fact essential security fixes.  You can review
this for yourself by visiting to the BTS entry for the grsecurity
package.

Cheers,
-- 
Debian GNU/Linux 3.0 is out! ( http://www.debian.org/ )
Email:  Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Reply to:

Follow-Ups:
- Re: Debian should not modify the kernels!
  - From: viro@parcelfarce.linux.theplanet.co.uk
- Re: Debian should not modify the kernels!
  - From: Greg Folkert <greg@gregfolkert.net>

References:
- Re: Debian should not modify the kernels!
  - From: Greg Folkert <greg@gregfolkert.net>

Prev by Date: Re: To what extent should Debian modify the kernel? (Re: Debian should not modify the kernels!)
Next by Date: Re: Debian should not modify the kernels!
Previous by thread: Re: Debian should not modify the kernels!
Next by thread: Re: Debian should not modify the kernels!
Index(es):
- Date
- Thread