On Wed, Jul 20, 2005 at 15:31:02 +0100, Rosenstrauch, David wrote: > Just wondering: > > In the 2.6.12 kernels, the kernel26 package gets built with > CONFIG_SECURITY_CAPABILITIES = m (module), while the kernel26-scsi > package uses CONFIG_SECURITY_CAPABILITIES = y (compiled in). Anyone > know why this is the case?
Firstly, my apologies, I'm guilty. As I explained on th forums a bit, there had been planned to make ArchLinux able to provide realtime capabilities for the users out of the box. This issue has been discussed as a kernel feature for ages, yet ther hasn't been a good and easy way to provide it for distributions. But there was light. As of kernel-2.6.x a realtime-lsm module was available which made it possible to provide realtime capabilities on a per group basis. Since this patch has never been accepted in the kernel, but many audio oriented users wanted to use it, it was also available as addon module, which required CAPABILITY to be compiled as module. Some of the ArchLinux devs are audio junkies and there was considered a way to provide realtime-lsm as a package which would mess with the capability module - both can't be loaded just either one. I tried to handle that by an abused rc.d deamon script negotiating the modules and make sure that one of them is always loaded since, as you expierienced with the testing Kernel, some apps are broken if none of them is loaded by default. At the time everything was ready to be released, the inevitable thing happend ... kernel developer accepted a realtime solution, but not the lsm module. As of 2.6.12 rlimits is in the kernel. ArchLinux has a patched PAM which can handle that. But capability as module isn't needed anymore for realtime issues. And as a possible troublemaker it compiled back into kernel again. Long explaination, I hope it clears things a bit. -tobbi _______________________________________________ arch mailing list [email protected] http://www.archlinux.org/mailman/listinfo/arch
