[prev in list] [next in list] [prev in thread] [next in thread] 

List:       trustedbsd-discuss
Subject:    Re: Re[2]: samba acl support under 4-stable
From:       Robert Watson <rwatson () FreeBSD ! org>
Date:       2001-09-05 21:23:07
[Download RAW message or body]

On Mon, 3 Sep 2001, Gabriel Ambuehl wrote:

> Monday, September 03, 2001, 5:05:48 PM, you wrote:
> > not block any effort to backport, as long as it addressed the above
> > concerns, and would certainly want to be involved.  My
> > recommendation for anyone wanting to do a backport would be that
> > they get involved in making sure the 5.0-CURRENT implementation is
> > really solid.  In particular, this means:
> 
> I mean I'm not Kernel developper, but reading through Jordan's text
> makes me feel like the biggest obstacle for the release of 5.0 is the
> non finished SMPng stuff and some ports to other platforms (including
> one which isn't even really on the market now), now given that many
> people probably don't need anything else than simple non SMP x86 would
> like to have the ACLs, how stable is the standard x86 Kernel in CURRENT? 
> 
> The thing I've been thinking about is something like a TrustedBSD stable
> branch that does support the security features but only runs on single
> CPU x86 and might even be stable enough to run on production machines.
> That would allow for wider testing of the ACLs cause without any actual
> snapshot on current.freebsd.org people probably won't install CURRENT
> just to help testing the ACLs. So what I'm suggesting isn't a backport
> but rather a stripped down 4.9 running only on platforms it can be
> considered to be stable. 

The problem is that the SMPng work is actually a re-architecturing of the
kernel to support fine-grained threading/synchronization within the
kernel.  The result is that it can be unstable at times even for
single-CPU users.  To accomplish what you'd describe would probably
actually require a backport to RELENG_4, which is not impossible but
certainly more costly.  However, it looks like (in part at my suggestion?) 
we will be moving back to a model where snapshots are issued on ISO/CDROM
once in a while for -CURRENT, and those will be "stable" spots in
development.  The result would be moments in -CURRENT development that
might be reasonable for testing of the sort you describe.

Right now, I'm looking at increased interest in ports to OpenBSD and
NetBSD -- the work required to do those ports is very similar to the
backport from -CURRENT to -STABLE, so maybe it's more feasible than I've
been presenting it as: the only problem is that such work would really
require an "owner" to make things go, and my time is currently consumed
with development of the other -CURRENT TrustedBSD features.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org      NAI Labs, Safeport Network Services




To Unsubscribe: send mail to majordomo@trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message

[prev in list] [next in list] [prev in thread] [next in thread]