On Sunday 21 September 2003 14:41, Herbert Xu wrote: > martin f krafft <[EMAIL PROTECTED]> wrote: > > I am the kernel-patch-2.4-grsecurity maintainer, and I have been > > flooded with grave and important bugs ever since kernel version > > 2.4.20, since grsecurity does not apply to these kernel versions > > anymore. It doesn't apply to the Debianised versions of these > > kernels anymore, it applies to the vanilla kernel just fine. > > I've got a few points for you: > > * The vanilla kernel source is readily available:
Yes, but it is not available in a finest way possible. > apt-get install kernel-source-2.4.22 kernel-patch-debian-2.4.22 > tar xjf /usr/src/kernel-source-2.4.22.tar.bz2 > cd kernel-source-2.4.22 > /usr/src/kernel-patches/all/2.4.22/unpatch/debian This is misleading by the way of kernel source tree you provide. kernel-source-2.4.22 must contain just plain vanilla kernel sources + debian/ directory. Then if I want your backported patches (or anything else) I'll apt-get install kernel-patch-debian-2.4.22 and patch (NOTE: not to *unpatch*) the 2.4.22 source tree. > * The IPSEC backport can be easily reversed by unapplying > the patches given in the README.Debian file. it is better to provide in README.Debian patches (made as debian pacvkages) you suggest to be applied not to unapplied. > * The IPSEC backport has minimal effect on the binary images. It > has no effect unless you load the relevant modules. The increase > in size is tiny compared to the increases brought on by ACPI and > compiler changes. I agree it is nice to have kernel patches as debian packages, but if the name of kernel source tree is kernel-source-2.4.22 it should provide 2.4.22 vanilla sources otherwise name it kernel-source-2.4.22-vendor-debian. > So either get the people who're complaining to you to unapply the > IPSEC patch, or fix your patch instead. it is faster and wiser to fix your kernel-source-2.4.22 (unpatch is useless, leave to users to patch if they want) then all other kernel-patch-<whatever> packages will be fine. -- pub 4096R/0E4BD0AB 2003-03-18 <keyserver.bu.edu> 1AE7 7C66 0A26 5BFF DF22 5D55 1C57 0C89 0E4B D0AB