| 1 |
On 10/20/15 4:45 AM, Rich Freeman wrote: |
| 2 |
> On Tue, Oct 20, 2015 at 4:23 AM, Daniel Campbell <zlg@g.o> wrote: |
| 3 |
>> However, does this mean the hardened kernel package must stay in ~arch |
| 4 |
>> since it's technically the testing version? Or would we keyword it |
| 5 |
>> based on our own findings of stability? |
| 6 |
> I'd recommend that the team does whatever adds the most value. If it |
| 7 |
> doesn't want to do QA on released versions then I suggest it all stay |
| 8 |
> as ~arch. If you're going to do your own QA I don't see why you can't |
| 9 |
> mark versions as stable - just make it clear to users what stable |
| 10 |
> means. |
| 11 |
> |
| 12 |
> BTW, while they're only tracking the most recent stable branch of the |
| 13 |
> kernel, they ARE tracking a stable branch, and not mainline. |
| 14 |
> |
| 15 |
I have been marking hardened-sources based on the grsecurity testing |
| 16 |
patches as stable since forever and will continue with the same |
| 17 |
practice. "Testing" means they add new features there first and those |
| 18 |
new features can break stuff. We identify breakage in bug reports and |
| 19 |
hold back to versions that are known to work until upstream fixes the |
| 20 |
broken features. It works pretty good in practices and most users of |
| 21 |
hardened-sources already know this. What they may not know is that the |
| 22 |
3.x is no longer public. |
| 23 |
|
| 24 |
-- |
| 25 |
Anthony G. Basile, Ph.D. |
| 26 |
Gentoo Linux Developer [Hardened] |
| 27 |
E-Mail : blueness@g.o |
| 28 |
GnuPG FP : 1FED FAD9 D82C 52A5 3BAB DC79 9384 FA6E F52D 4BBA |
| 29 |
GnuPG ID : F52D4BBA |
Archives