Facilitating binary kernel upgrades
Tom Grove
freebsd at voidmain.net
Fri Nov 4 12:54:32 PST 2005
Richard Bejtlich wrote:
>Hello all,
>
>I have become a fan of Colin Percival's freebsd-update, which allows
>binary updates of the GENERIC kernel and unmodified userland.
>
>Binary kernel updates are not possible if I modify my kernel to
>include support for IPSec or NAT, e.g.
>
>device crypto
>options FAST_IPSEC
>options IPFIREWALL
>options IPDIVERT
>
>After speaking with Colin, he mentioned that IPSec, NAT, and disk
>quotas (enabled via options QUOTA) are the three most popular kernel
>changes that prevent people from running GENERIC and hence using
>freebsd-update for binary kernel updates.
>
>Can anyone shed light on why those three features are not available in GENERIC?
>
>Thank you,
>
>Richard
>http://www.taosecurity.com
>_______________________________________________
>freebsd-stable at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-stable
>To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>
>
>
>
>
My guess is that just because those are the three most popular kernel
changes that prevent people from running GENERIC doesn't mean that the
majority of users implement these changes.
-Tom
More information about the freebsd-stable
mailing list