[lug] Redhat doesn't support users that compile their own kernels.

D. Stimits stimits at idcomm.com
Fri Nov 2 08:48:41 MST 2001 

A while back I discovered that the init script for ipchains does not
work correctly if the kernel itself does not support ipchains. This can
be due to the iptables module being loaded, which forces ipchains to
fail load. Or the module could simply not exist. Someone here confirmed
that the problem was that at one point the script does not check for
return values and runs blindly. I entered a bug report at RH bugzilla,
but id 43708. Finally, this is the reply I got, it sounds a lot like
Microsoft:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=43708

--- shadow/43708        Sun Oct  7 08:22:37 2001
+++ shadow/43708.tmp.19063      Tue Oct 30 02:01:53 2001
@@ -3,8 +3,8 @@
 Version: 7.1
 Platform: i386
 OS/Version: Linux
-Status: ASSIGNED   
-Resolution: 
+Status: CLOSED   
+Resolution: NOTABUG
 Severity: security
 Priority: high
 Component: ipchains
@@ -52,3 +52,14 @@
 deactivated is "not good". There is an extreme need to test
 for ipchains failure to activate, whether it is by direct failure,
 or by kernel support failure.
+
+------- Additional comments from mharris at redhat.com 2001-10-30 02:16:34
-------
+This is not really a bug, because Red Hat Linux does not support
+user compiled kernels.  You're free to compile and use your own
+kernel of course, but problems introduced by doing so, that are
+not reproduceable with the supplied kernels, are not generally
+considered bugs.
+
+If you can cause a reproduceable problem by using the Red Hat
+supplied kernel, then it is something worthy of investigating
+further.


I'm guessing that the person involved, mharris, does not realize this
bug exists even with redhat kernels if iptables module is loaded and
ipchains is attempted (since loading iptables module blocks ipchains
module). Sounds like a cop-out to me, I can't believe Redhat has
officially taken this attitude.

So I guess be forewarned, Redhat is not interested in all bug reports
against security.

D. Stimits, stimits at idcomm.com
-------------- next part --------------
An embedded message was scrubbed...
From: bugzilla at redhat.com
Subject: [Bug 43708] Changed - /etc/rc.d/init.d/ipchains does not correctly identify failure.
Date: Tue, 30 Oct 2001 02:01:53 -0500
Size: 2067
URL: <http://lists.lug.boulder.co.us/pipermail/lug/attachments/20011102/c87192cf/attachment.mht>

More information about the LUG mailing list