
Re: kernel security upgrades


One more summarization for me (as one of my mentors told me, in French,
there is a proverb that goes "the night is the best advisor", and I had
some good ideas this night :).

If we do the following, we need to/we break (numbers only for reference):

1. add new normal kernel images:
   update cd build to not include all of them (relevant only at point
   releases, as we don't build cd images for stable weekly or so)
2. remove old normal kernel images:
   this breaks some installation media at some archs the kernel install
3. have both old and new normal images available:
   This "just" confuses our users, and has a real danger of installing
   kernels with security issues.
4. add new udebs:
   if we want to use them, update rootskel, base-installer, d-i build system
5. remove old udebs:
   breaks businesscard cds the hard way, because they want to retrieve

Also, due to legal reasons, we need to at least keep the kernel-source
around for any image of which we distribute binaries. Do we also need to
keep the binary packages around for legal reasons or for being sane?

So, because of the 5. reason, I think that we need to keep any udeb
around that fits to any of the businesscard cds we officially distribute
(should we do that also for the RC3 cds?).

Weighing between the 3. "confuses users" (which hits all users) and
2. "some archs don't get a kernel auto-installed" (which hits only few
users with outdated images), I tend to accept the second breakage, and
add a note and describe a workaround in the release notes (and, if that
is possible with reasonable effort, enhance the error message).

For the legal requirement (which we simply must obey), one possibility
would be to push any of the sources where we included udebs from in the
installer into an extra directory (like dists/sarge/installer-sources/)
at any time where we update the installer (so that we don't forget it
later on). Via that, we can keep udebs of kernels where the kernel is no
longer "normally" distributed by us.

Does that sound not too unreasonable?

   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C
