Hello, list.

I just took over maintenance of some ebuilds which require the user to patch the kernel, e.g. l7-filter. Actually l7-filter is an ebuild whose only task is to patch the kernel, and I really hate the way it works:

* it requires FEATURES="-sandbox"
* you have to re-emerge l7-filter after each kernel update
* and other similar problems, the root of which is that portage never knows which kernel version the patch was already applied to.

So I'm thinking about a solution to fix this problem. First I tried to rewrite the ebuild to avoid FEATURES="-sandbox", and this is possible, but it does not fix the other problems.

The best idea I could think of at the moment is similar to webapps. emerge just installs patches to some known location, while the actual patching will be done with some external utility - kernel-patcher. Together with patching, it will populate a database with information about which patches were installed to which kernels. So if the user decides to find out what patches were installed to the kernel, kernel-patcher will list that. Also, if the user decides to upgrade the kernel, it'll be possible to call kernel-patcher and suggest that the user install the patches applied to the currently symlinked (/usr/src/linux) kernel too, thus simplifying the kernel upgrade.

Well, I did not write all the details I have in my head now, but before I started to work on/draft this I wanted to hear some opinions, as I'm sure some of you already have thoughts about this. Is this a feasible solution? Are there better ones?

--
Peter.
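Added example, not part of the original post and not code from any existing kernel-patcher: a sketch of the bookkeeping the proposal describes, recording which patches went onto which kernel tree and suggesting the ones a new kernel still lacks. Applying the patch itself is left out; the JSON database, the function names and the kernel version strings are assumptions made for illustration.

```python
import json
import os
import tempfile

def kernel_of(symlink):
    """Name of the kernel tree the symlink (e.g. /usr/src/linux) points at."""
    return os.path.basename(os.path.realpath(symlink))

def load_db(path):
    if not os.path.exists(path):
        return {}
    with open(path) as fh:
        return json.load(fh)

def record(db_path, kernel, patch):
    """Note that `patch` was applied to `kernel`; recording twice is a no-op."""
    db = load_db(db_path)
    applied = db.setdefault(kernel, [])
    if patch not in applied:
        applied.append(patch)
    # Write to a temp file and rename, so an interrupted run cannot corrupt the db.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(db_path) or ".")
    with os.fdopen(fd, "w") as fh:
        json.dump(db, fh, indent=2)
    os.replace(tmp, db_path)

def applied_to(db_path, kernel):
    return list(load_db(db_path).get(kernel, []))

def suggest_for_upgrade(db_path, symlink, new_kernel):
    """Patches on the currently symlinked kernel that new_kernel does not have yet."""
    have = set(applied_to(db_path, new_kernel))
    return [p for p in applied_to(db_path, kernel_of(symlink)) if p not in have]

def demo():
    # Constructed sample: two empty "kernel trees" and a symlink in a temp dir.
    root = tempfile.mkdtemp()
    for k in ("linux-2.6.20", "linux-2.6.21"):
        os.mkdir(os.path.join(root, k))
    link = os.path.join(root, "linux")
    os.symlink("linux-2.6.20", link)
    db = os.path.join(root, "patches.json")
    record(db, kernel_of(link), "l7-filter")
    record(db, kernel_of(link), "l7-filter")       # repeated run changes nothing
    record(db, kernel_of(link), "example-patch")   # hypothetical second patch
    record(db, "linux-2.6.21", "example-patch")
    return applied_to(db, "linux-2.6.20"), suggest_for_upgrade(db, link, "linux-2.6.21")

if __name__ == "__main__":
    print(demo())
```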