Summary: | Gentoo Kernel Security Purge Tracker | |
---|---|---|---
Product: | Gentoo Security | Reporter: | Harlan Lieberman-Berg (RETIRED) <hlieberman>
Component: | Kernel | Assignee: | Gentoo Security <security>
Status: | RESOLVED CANTFIX | |
Severity: | normal | CC: | alonbl, amne, dang, fmccor, jakub, kang, lu_zero, pappy, philantrop, phreak, solar, vserver-devs+disabled, wschlich, xen
Priority: | High | |
Version: | unspecified | |
Hardware: | All | |
OS: | Linux | |

Description
Harlan Lieberman-Berg (RETIRED)
Created attachment 132277
Kernel Sources List

The hardened kernel has maintainers as do some of the other kernels in the needs-maintainer list of yours.

sys-freebsd/freebsd-sources
sys-kernel/cell-sources lu_zero@gentoo.org
sys-kernel/hardened-sources solar@gentoo.org phreak@gentoo.org pappy@gentoo.org
sys-kernel/hppa-sources
sys-kernel/mips-sources mips@gentoo.org
sys-kernel/openvz-sources vserver-devs@gentoo.org
sys-kernel/rsbac-sources kang@gentoo.org
sys-kernel/sh-sources sh@gentoo.org
sys-kernel/sparc-sources sparc@gentoo.org
sys-kernel/suspend2-sources alonbl@gentoo.org
sys-kernel/usermode-sources dang@gentoo.org
sys-kernel/vserver-sources vserver-devs@gentoo.org
sys-kernel/xbox-sources
sys-kernel/xen-sources

And all the other kernels have at least a herd listed. What's the problem?

sys-kernel/sparc-sources contains exactly one package: sparc-sources-2.4.34.ebuild

This is the last and only 2.4.xx kernel for sparc, and some older sparc systems use it (e.g., SS20). We do not officially support these systems any more, but Gentoo does run on them (I have one running Gentoo, in fact), and some number of our users use them. (The user base does gain new members now and then; these systems are pretty much free nowadays, but they seem to last forever.) Since this kernel has one specific use and is useful only on sparc, please keep it around (as solar already suggested). Thanks.

We are starting over in terms of maintainers, as I said in the email to -core.

Those maintainers must contact me again to keep their kernel source from falling into hardmask and removal.

My email to -core has reasons.

(In reply to comment #5)
> We are starting over in terms of maintainers, as I said in the email to -core.
>
> Those maintainers must contact me again to keep their kernel source from
> falling into hardmask and removal.

You should CC: those teams here and see who does not respond. phreak is the primary contact for hardened-sources and is on the kern-sec alias. The kern-sec alias exists so bugs don't have to be submitted for every single linux-2.6.x problem.

> My email to -core has reasons.

Please include the information in the bug next time.

Any reason why this bug is restricted?

(In reply to comment #7)
> Any reason why this bug is restricted?

Well, not if you want users to jump on the bug and start moaning about their kernel getting masked. :D

CCing the affected maintainers here.

sh-sources and xbox-sources were already stated in the past to be in the "don't track for security"

I don't understand, if you see it is maintained and ChangeLog is active why you wish to remove them? Please keep suspend2-sources around.

(In reply to comment #9)
> sh-sources and xbox-sources were already stated in the past to be in the "don't
> track for security"

We should get this listing [1] in line with what you've said and what's already stated at [2] anyway - I can imagine people assume a supported kernel implies it's supported security-wise as well. On that note, any list of security-supported kernels available anywhere? :)

[1] http://www.gentoo.org/doc/en/gentoo-kernel.xml#doc_chap2
[2] http://www.gentoo.org/proj/en/security/kernel.xml#doc_chap3

@hlieberman - you've stated that vanilla is supported security-wise but [2] plain disagrees. Considering that we don't and shouldn't patch this at all, the current doc sounds reasonable. :)

(In reply to comment #5)
> We are starting over in terms of maintainers, as I said in the email to -core.
>
> Those maintainers must contact me again to keep their kernel source from
> falling into hardmask and removal.
>
> My email to -core has reasons.
>

Please consider Comment #4 your contact from the Sparc team for sparc-sources. Thanks.

hppa-sources has a maintainer!? Can I mark this bug as SILLY?

cc'ing xen@g.o because I don't think marineam and rbu (nor myself) would be happy to see xen-sources go. I think it would have been nice to have CC'ed them from the start...

vserver-sources and openvz-sources are maintained by phreak and me, please do not remove them

xen-sources is actively maintained now, rbu has been tracking issues in our 2.6.18 kernel and I'm keeping the 2.6.20 kernel up to date with the 2.6.20 genpatches which phreak is maintaining. 2.6.16 is already hard masked and will be removed once a stability bug is resolved in 2.6.18/20. I'll get some real names into the metadata.xml soon if that helps.

So far so good! I do need an email of a developer willing to handle restricted bugs, where I can't CC an entire herd. I can set it up so I only CC them on bugs that are restricted, and they catch the bugs through herd@ the rest of the time.

Continued flak and resistance. Abandoning idea.