1 |
On 10/20/15 4:45 AM, Rich Freeman wrote: |
2 |
> On Tue, Oct 20, 2015 at 4:23 AM, Daniel Campbell <zlg@g.o> wrote: |
3 |
>> However, does this mean the hardened kernel package must stay in ~arch |
4 |
>> since it's technically the testing version? Or would we keyword it |
5 |
>> based on our own findings of stability? |
6 |
> I'd recommend that the team does whatever adds the most value. If it |
7 |
> doesn't want to do QA on released versions then I suggest it all stay |
8 |
> as ~arch. If you're going to do your own QA I don't see why you can't |
9 |
> mark versions as stable - just make it clear to users what stable |
10 |
> means. |
11 |
> |
12 |
> BTW, while they're only tracking the most recent stable branch of the |
13 |
> kernel, they ARE tracking a stable branch, and not mainline. |
14 |
> |
15 |
I have been marking hardened-sources based on the grsecurity testing |
16 |
patches as stable since forever and will continue with the same |
17 |
practice. "Testing" means they add new features there first and those |
18 |
new features can break stuff. We identify breakage in bug reports and |
19 |
hold back to versions that are known to work until upstream fixes the |
20 |
broken features. It works pretty good in practices and most users of |
21 |
hardened-sources already know this. What they may not know is that the |
22 |
3.x is no longer public. |
23 |
|
24 |
-- |
25 |
Anthony G. Basile, Ph.D. |
26 |
Gentoo Linux Developer [Hardened] |
27 |
E-Mail : blueness@g.o |
28 |
GnuPG FP : 1FED FAD9 D82C 52A5 3BAB DC79 9384 FA6E F52D 4BBA |
29 |
GnuPG ID : F52D4BBA |