[lug] Redhat doesn't support users that compile their own ker nels.

Riggs, Rob RRiggs at doubleclick.net
Fri Nov 2 09:12:00 MST 2001 

I'll have to side with Red Hat on this one. They really can't support all
possible combinations of custom kernels out there. They would go broke
trying. It's a problem with your kernel, not the init script. However, if
you were to send Red Hat a patch for the init script so that it behaves the
way you desire, there is a good chance that they would incorporate it.

On the other hand, if you report it as a bug with *their* kernel ("ipchains
init script does not report failure when iptables module is loaded"), there
is a good chance that they'd fix it themselves.

The key is convincing them that it is a problem on their end, and not with
something you've done.

-Rob


-----Original Message-----
From: D. Stimits [mailto:stimits at idcomm.com]
Sent: Friday, November 02, 2001 8:49 AM
To: BLUG
Subject: [lug] Redhat doesn't support users that compile their own
kernels.


A while back I discovered that the init script for ipchains does not
work correctly if the kernel itself does not support ipchains. This can
be due to the iptables module being loaded, which forces ipchains to
fail load. Or the module could simply not exist. Someone here confirmed
that the problem was that at one point the script does not check for
return values and runs blindly. I entered a bug report at RH bugzilla,
but id 43708. Finally, this is the reply I got, it sounds a lot like
Microsoft:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=43708

--- shadow/43708        Sun Oct  7 08:22:37 2001
+++ shadow/43708.tmp.19063      Tue Oct 30 02:01:53 2001
@@ -3,8 +3,8 @@
 Version: 7.1
 Platform: i386
 OS/Version: Linux
-Status: ASSIGNED   
-Resolution: 
+Status: CLOSED   
+Resolution: NOTABUG
 Severity: security
 Priority: high
 Component: ipchains
@@ -52,3 +52,14 @@
 deactivated is "not good". There is an extreme need to test
 for ipchains failure to activate, whether it is by direct failure,
 or by kernel support failure.
+
+------- Additional comments from mharris at redhat.com 2001-10-30 02:16:34
-------
+This is not really a bug, because Red Hat Linux does not support
+user compiled kernels.  You're free to compile and use your own
+kernel of course, but problems introduced by doing so, that are
+not reproduceable with the supplied kernels, are not generally
+considered bugs.
+
+If you can cause a reproduceable problem by using the Red Hat
+supplied kernel, then it is something worthy of investigating
+further.


I'm guessing that the person involved, mharris, does not realize this
bug exists even with redhat kernels if iptables module is loaded and
ipchains is attempted (since loading iptables module blocks ipchains
module). Sounds like a cop-out to me, I can't believe Redhat has
officially taken this attitude.

So I guess be forewarned, Redhat is not interested in all bug reports
against security.

D. Stimits, stimits at idcomm.com

More information about the LUG mailing list