[lug] Redhat doesn't support users that compile their own kernels.

Ed Hill ed at eh3.com
Fri Nov 2 09:15:11 MST 2001 

Hi D. Smits,

First, a big congrats to you for actually submitting a bug report
rather than whinge-ing!!!  You rock!  ;-)

Have you tried sending this response to "mharris" or opening a
second bugzilla report that includes your comments below?  In my
experience, the RH guys *will* listen to reason--even if they
don't "get it" the first time.

Ed


D. Stimits wrote:

> A while back I discovered that the init script for ipchains does not
> work correctly if the kernel itself does not support ipchains. This can
> be due to the iptables module being loaded, which forces ipchains to
> fail load. Or the module could simply not exist. Someone here confirmed
> that the problem was that at one point the script does not check for
> return values and runs blindly. I entered a bug report at RH bugzilla,
> but id 43708. Finally, this is the reply I got, it sounds a lot like
> Microsoft:
> 
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=43708
> 
> --- shadow/43708        Sun Oct  7 08:22:37 2001
> +++ shadow/43708.tmp.19063      Tue Oct 30 02:01:53 2001
> @@ -3,8 +3,8 @@
>  Version: 7.1
>  Platform: i386
>  OS/Version: Linux
> -Status: ASSIGNED   
> -Resolution: 
> +Status: CLOSED   
> +Resolution: NOTABUG
>  Severity: security
>  Priority: high
>  Component: ipchains
> @@ -52,3 +52,14 @@
>  deactivated is "not good". There is an extreme need to test
>  for ipchains failure to activate, whether it is by direct failure,
>  or by kernel support failure.
> +
> +------- Additional comments from mharris at redhat.com 2001-10-30 02:16:34
> -------
> +This is not really a bug, because Red Hat Linux does not support
> +user compiled kernels.  You're free to compile and use your own
> +kernel of course, but problems introduced by doing so, that are
> +not reproduceable with the supplied kernels, are not generally
> +considered bugs.
> +
> +If you can cause a reproduceable problem by using the Red Hat
> +supplied kernel, then it is something worthy of investigating
> +further.
> 
> 
> I'm guessing that the person involved, mharris, does not realize this
> bug exists even with redhat kernels if iptables module is loaded and
> ipchains is attempted (since loading iptables module blocks ipchains
> module). Sounds like a cop-out to me, I can't believe Redhat has
> officially taken this attitude.
> 
> So I guess be forewarned, Redhat is not interested in all bug reports
> against security.
> 
> D. Stimits, stimits at idcomm.com
> 
> 
> ------------------------------------------------------------------------
> 
> Subject:
> 
> [Bug 43708] Changed - /etc/rc.d/init.d/ipchains does not correctly 
> identify failure.
> From:
> 
> bugzilla at redhat.com
> Date:
> 
> Tue, 30 Oct 2001 02:01:53 -0500
> To:
> 
> mharris at redhat.com, stimits at idcomm.com, dlt at redhat.com
> 
> 
> Please do not reply directly to this email. All additional
> comments should be made in the comments box of this bug
> report.
> 
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=43708
> 
> --- shadow/43708	Sun Oct  7 08:22:37 2001
> +++ shadow/43708.tmp.19063	Tue Oct 30 02:01:53 2001
> @@ -3,8 +3,8 @@
>  Version: 7.1
>  Platform: i386
>  OS/Version: Linux
> -Status: ASSIGNED   
> -Resolution: 
> +Status: CLOSED   
> +Resolution: NOTABUG
>  Severity: security
>  Priority: high
>  Component: ipchains
> @@ -52,3 +52,14 @@
>  deactivated is "not good". There is an extreme need to test
>  for ipchains failure to activate, whether it is by direct failure,
>  or by kernel support failure.
> +
> +------- Additional comments from mharris at redhat.com 2001-10-30 02:16:34 -------
> +This is not really a bug, because Red Hat Linux does not support
> +user compiled kernels.  You're free to compile and use your own
> +kernel of course, but problems introduced by doing so, that are
> +not reproduceable with the supplied kernels, are not generally
> +considered bugs.
> +
> +If you can cause a reproduceable problem by using the Red Hat
> +supplied kernel, then it is something worthy of investigating
> +further.
> 
> 
> 
> 



-- 
Edward H. Hill III, PhD
Post-Doctoral Researcher    |  Emails:   <ed at eh3.com>, <ehill at mines.edu>
Division of ESE             |  URL:      http://www.eh3.com
Colorado School of Mines    |  Phone:    303-273-3483
Golden, CO  80401           |  Fax:      303-273-3311

More information about the LUG mailing list