On Mon, Oct 06, 2003 at 10:08:57PM +0200, martin f krafft wrote: > also sprach Mark Brown <broonie@sirena.org.uk> [2003.09.22.1109 +0200]: > > Well, what you seem to want is to have the kernel source avaliable > > in a format that makes packaging kernel patches easy. That seems > > like a different issue to me. > > No, this is the issue. I want the kernel sources to be what they > promise, and not what Herbert wants them to be. I can opt-in on have > the bells and whistles Herbert thinks should belong in every > kernel-image, but if I don't make that choice, I want to have the > kernel-source with just the security fixes. After all, Debian is > known for two things: purity and security. I don't see the first one > applying to kernel-source, and given that IPsec is in beta state, > I don't see the second either. I agree with Martin. If patches in the base package make additional kernel patch packages impossible, they should not be applied. Users should have the choice which patches they want to apply. So the proper way IMHO is to provide a vanilla kernel-source package and an IPSec backport package. > Moreover: 2.4 users have the choice to run IPsec: FreeS/WAN works > just fine, and it happily coexists with grsecurity. It's also just > another IPsec stack. Weird, huh? Maybe the 2.5 IPsec stack does > patch more than add an IPsec stack? Herbert? BTW, I do not use the kernel-source package, I always build my own kernel using make-kpkg - with cryptoloop patch. But that's not the point. If I find that that patch conflicts with the Debian kernel source, I would get very irritated. Greetings, Oliver -- .''`. : :' : Oliver Kurth oku@debian.org `. `' Debian GNU/Linux maintainer - www.debian.org `- When sending passwords, please use my gpg key. That's what it's good for.
Attachment:
signature.asc
Description: Digital signature