On Fri, Feb 24, 2006 at 11:02:57PM +1300, Matthew Grant wrote: > I am a Debian Maintainer who is seriously considering getting Xen into > Debian and Ubuntu. > I have been installing xen-unstable.hg from source on my AMD 64 and have > been impressed with its relative stability. > I am prepared to sponsor your packages into Debian if we can get them > cleaned up. > Other things I am looking at are special Xen source trees. We would > need the Debian security team to give us access to a patch repository > for all the Linux security patches. What does this mean, exactly? The Debian security team doesn't maintain any such patch repository, so I think any strategy that depends on them implementing this for you is doomed to failure. > The trick is to get the security fixes split out from all the other > updates that come in the point releases for the current vanila kernel.org > tree. Patching Xen against the standard Debian kernel tree may be asking > for problems, so it is better to work off a vanilla kernel.org tarball and > xen-unstable.hg Patching Xen against something *other* than the standard Debian kernel tree is asking for problems, because it means builds of an additional source package for every security update, plus no guarantee that a given security patch will apply cleanly to both trees, even *without* taking the Xen patch itself into consideration. Bastian Blank, a member of the Debian kernel team, is looking at integrating XenoLinux builds into the official linux-2.6 package. I think that's a much better option, and would strongly encourage anyone interested in Xen packaging to coordinate with the kernel team on this. (Yes, I'm aware there's a pkg-xen maintenance team on alioth as well; but AFAICT the maintainer of the current xen package is not a member of that packaging group, and there's no mention of xen on the wnpp bug page -- what's up with that?) -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. vorlon@debian.org http://www.debian.org/
Attachment:
signature.asc
Description: Digital signature