Hi, I'm a Fedora package maintainer with an SRE background. As an SRE, I believe that the current common practice of building kernel modules from source on the system where they will be used is inherently unreliable, and we can do better.

I've built a workflow that automatically rebuilds kernel module packages when Fedora's maintainers submit a new kernel package for testing. The build process operates in a secure AWS VPC, and uses KMS to sign modules and packages with keys that can't be exfiltrated.

There are rough spots for third party kernel module packages, but I think I'm at a point were I can start inviting users to help by testing the packages and reporting any problems. The first module I'm building is NVIDIA's open kernel module, but other modules may be offered in the future.

Documentation for the installation process is here: https://project-resistor.codeberg.page/2026/07/05/installing-nvidia-kernel-module.html <https://project-resistor.codeberg.page/2026/07/05/installing-nvidia-kernel-module.html>

And interested users can subscribe to this "issue" and provide feedback: https://codeberg.org/project-resistor-kernel/nvidia-open-kmod/issues/1 <https://codeberg.org/project-resistor-kernel/nvidia-open-kmod/issues/1>
-- 
_______________________________________________
users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: 
https://forge.fedoraproject.org/infra/tickets/issues/new

Reply via email to