[Centos] Kernel packages and 3rd party kernel modules

Sun Jun 27 09:43:17 UTC 2004
Dag Wieers <dag at wieers.com>


I'd like to come back to this topic. We've discussed this before on IRC 
but there's still no acceptable solution implemented.

3rd party kernel-modules are build against the official Red Hat kernels, 
to make them work with the TaoLinux/CentOS kernels there are specific 

	+ kernel RPM package should provide the same version/release
	+ kernel version/release should be the same for
		o /lib/modules/kernel-version-release
		o /boot/vmlinuz-version-release

This means there's not much room for customization if you want 3rd party 
modules to work. You can have a different version in the RPM as long as 
the Red Hat version/release is also provided by the package and the 
kernel-files/directories have the exact version/release.

To give you a better understanding of the pitfalls:

| Installing a kernel-module, beware that I already do not require an 
| exact version for the kernel RPM package, because that has other 
| problems. Still I need to make sure I have an exact kernel and that's 
| why we use the vmlinuz file.

	[root at breeg root]# rpm -ihvU kernel-module-openswan-2.4.21-15.0.2.EL-2.1.2-1.1.el3.dag.i586.rpm 
	error: Failed dependencies:
	        /boot/vmlinuz-2.4.21-15.0.2.EL is needed by kernel-module-openswan-2.4.21-15.0.2.EL-2.1.2-1.1.el3.dag

| Loading a module (I --nodeps installed the module), gives the following 
| warning. Beware that the module is placed in 
| /lib/modules/version-release which is different currently than the one 
| from TaoLinux. So people can't just do "modprobe ipsec":

	[root at breeg modules]# insmod /lib/modules/2.4.21-15.0.2.EL/kernel/net/openswan/ipsec.o      
	Warning: kernel-module version mismatch
	        2.4.21-15.0.2.EL/kernel/net/openswan/ipsec.o was compiled for kernel version 2.4.21-15.0.2.EL
	        while this kernel is version 2.4.21-15.TL2
	Warning: loading 2.4.21-15.0.2.EL/kernel/net/openswan/ipsec.o will taint the kernel: forced load
	  See http://www.tux.org/lkml/#export-tainted for information about tainted modules
	Module ipsec loaded, with warnings

Although I can make it work like this, this is far from optimal and for 
other 3rd party kernel modules this isn't even guaranteed to work.

PS I tried with a CentOS kernel, but I can't seem to find a i586 kernel on 
the website.

--   dag wieers,  dag at wieers.com,  http://dag.wieers.com/   --
[Any errors in spelling, tact or fact are transmission errors]