[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1633246.WIdWYpcqb3@sifl>
Date: Wed, 13 Jan 2016 11:24:29 -0500
From: Paul Moore <pmoore@...hat.com>
To: Stephen Rothwell <sfr@...b.auug.org.au>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
linux-audit@...hat.com, linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] Audit patches for 4.5
On Thursday, January 14, 2016 02:03:25 AM Stephen Rothwell wrote:
> Hi Paul,
>
> On Wed, 13 Jan 2016 09:29:55 -0500 Paul Moore <pmoore@...hat.com> wrote:
> > The following changes since commit afd2ff9b7e...:
> > Linux 4.4 (2016-01-10 15:01:32 -0800)
> >
> > are available in the git repository at:
> > git://git.infradead.org/users/pcmoore/audit upstream
>
> This has all been rebased onto v4.4 (and all the author dates changed) :-(
>
> And your "next" branch hasn't been updated to match :-(
Hi Stephen,
In December I made some changes to how I manage the SELinux and audit trees:
* https://www.redhat.com/archives/linux-audit/2015-December/msg00019.html
... I will readily admit it isn't a perfect system, in fact it is a step back
in some areas, but the changes make it easier for me to get pre-built kernel
packages to users who are interested in testing the bleeding edge (the Fedora
COPR repository, see below) and it helps me keep up with weekly testing of
both the -rcX kernel releases and the changes in the SELinux and audit trees.
One of the things I've been trying to work on lately is better, more
automated, testing of the SELinux and audit bits in the Linux kernel;
unfortunately, some things have had to change a little to help make this
happen, but I think the more frequent testing outweighs any disadvantages.
The date change is likely a result of moving the patches from audit#next to
audit#upstream as part of the process mentioned above. I haven't updated
audit#next yet because I know you try to keep linux-next quiet until -rc1 is
released; if that has changed let me know and I'll be happy to update
audit#next. Also, if you have any suggestions on how to improve my process,
I'm always open to new ideas.
For reference, the Fedora COPR repository can be found below, it was announced
back in November, but only to the relevant lists. Anyone is welcome to give
the kernels a try (instructions are provided) and report any problems they
find. I tend to push out an update at least once a week to coincide with the
new -rcX release, although the exact day varies due to merge conflicts, build
problems, etc.
* https://copr.fedoraproject.org/coprs/pcmoore/kernel-secnext
Eventually I'd like to do something similar for Debian, Gentoo, distro du
juor, etc. (I'm hoping if I lower the barrier for testing, more people will
give it a try) but I'm starting with Fedora Rawhide to get the kinks worked
out and improve my automation.
-Paul
--
paul moore
security @ redhat
Powered by blists - more mailing lists