Security fixes
by
sting3r
·
· Score: 5, Informative
What they didn't mention were a few interesting security fixes from bugs in 2.4.12, probably due to the self-imposed DMCA "gag order." Since I am not in the US, I will take the liberty of posting them here:
Changing some I2O settings now requires the CAP_NET_ADMIN privilege. Previously any user could alter these settings and possible cause a DoS (lock up the box or lock up the I2O bus).
A race condition in the inode cache was repaired. This would allow stale inode data to be used (under the right circumstances), most likely only on SMP systems.
Several potential vulnerabilities involving ptrace() have been closed, preventing a few kernel-based local root exploits.
Bugs in the USB code which could have been leveraged to obtain direct hardware access have been fixed. These bugs may have resulted in local root exploits if security-critical hardware (such as hard drives) was on the USB bus.
Doesn't everyone know? Linus is recovering from alcholism. He just started the 12 step program. This week has been really hard for Linus because Alan Cox keeps talking about "putting away a few pints at the pub" (he is English) on the linux kernal mailing list. There have been a few flame wars too between the people working on the vm subsystem. Apparently one is a tea-totler and the other a hard core drinker so Linus is leaning towards using the tea-totler's code but Alan says the hard core drinkers code is better...
I think we all need to try to support Linus and Alan without choosing sides. Just grab the latest kernel of your choice and compile away... Try not to mention free beer on the linux kernel mailing list in the next couple weeks. Think free tea or something similar.
I was excited reading the kernel changelog until I got to this line:
- Trond Myklebust: make NFS use SLAB_NOFS, and not play games with PF_MEMALLOC
I'm sure NFS won't mind using SLAB_NOFS, but it's cruel to prohibit it from playing games with PF_MEMALLOC. NFS has reached the point where playing games with PF_MEMALLOC is the sole respite from the drudgery of its mundane life. None of the other protocols will play with it since the Trivial Pursuit incident of 1998, and it's banned from EQ for excessive Britishing.
Sure, we've all been inconvenienced a little now and again when NFS is playing games with PF_MEMALLOC, but it wasn't that bad, and it brought a glimmer of joy into NFS's otherwise bleak existence. Now NFS will be forced to sit alone in its room playing X Bill all alone until it goes mad and starts initializing remote filesystems at random.
Then where will we be?
Trond Myklebust, I hope you're happy with yourself. What did NFS ever do to you? It's just cruel, and we'll all have to deal with the consequences when people start running NFS on 2.4.13. You should be ashamed.
*telekon
--
To understand recursion, you must first understand recursion.
Right now ext3 is not in the official kernel but it is in Alan Cox's which is also synched to the latest version, of course you can patch the official to use ext3 with patches from here. They usually lag a couple of days behind for a patch to be available for the latest kernels , but a cvs snapshot should work fine if you can't wait that long for them to release an official patch.
--
*shrug*
Which releases are production stable?
by
S.+Invicta
·
· Score: 5, Interesting
I must say that I am getting a little bit leary about using the 2.4.x series in production. The fast releases don't inspire confidence. On one hand people (perhaps rightfully so) say don't use a kernel that is newer than 6 mo. old or you are a beta tester. But of course those older kernels were once bleeding new as well...how to know which to use and which to avoid? That 6 mo. old one might be the right age and yet perfectly horrible. Perhaps what is needed is a kernel stability/security chart that shows how well different kernel versions have "aged". Anyone know of such a beast?
Re:Which releases are production stable?
by
Builder
·
· Score: 3, Funny
FreeBSD (http://www.freebsd.org/)
Re:Which releases are production stable?
by
oconnorcjo
·
· Score: 3, Informative
I must say that I am getting a little bit leary about using the 2.4.x series in production. The fast releases don't inspire confidence. On one hand people (perhaps rightfully so) say don't use a kernel that is newer than 6 mo. old or you are a beta tester.
For a production enviroment, I would get a Red Hat or SUSE (or any other large distributor's) kernel and just use that. They are heavily tested and heavily used kernels.
I for one would not upgrade to 2.4 on a serious production server yet unless thier is something 2.2 is missing that you need.
-- I miss the Karma Whores.
Re:Which releases are production stable?
by
GigsVT
·
· Score: 3, Insightful
This is not the way it's "supposed" to be. It might be true, but don't present it that way. Even versioned kernels are SUPPOSED to be stable. All of them. Patchlevel kernel revisions on the even number trees are not supposed to be anything but bugfixes.
-- I've had enough abrasive sigs. Kittens are cute and fuzzy.
Re:Which releases are production stable?
by
ajs
·
· Score: 4, Insightful
If you're grabbing the kernel-o-the-week, I suggest you're always going to be "less than production quality". Vendors like Red Hat, SuSe, Mandrake, etc. spend a whole lot of time integrating new kernel releases with their operating systems. This can include bug-fixing, testing on a number of hardware platforms, retro-fitting patches from development versions that are required for certain business segments and even beta periods for certain cutting-edge features (e.g. Red Hat's long trails internally and externally of the ext3 filesystem).
You should probably think of the stable kernels as just that: stable. That doesn't mean they are ready for prime-time. It's more like a "stable branch". You expect this to be the branch from which the distributions will craft The Right Kernel for their platforms.
Should you use such a kernel, then? Yes, but only if a) you're in a non-mission-critical situation or b) you "must have" a certain bug-fix and are willing to put in the Q/A yourself.
Think of the linux kernel as released on kernel.org like Mozilla. This is like a milestone release. Netscape will come out with something based on it which has Java, Flash, some back-ported bug fixes from later nightlies, etc. The corporate user should probably wait and go with a Netscape release, but here I am submitting this comment from a nightly;-)
Re:Release Often?
by
Barry+Wilkes
·
· Score: 3, Funny
Alan Cox keeps talking about "putting away a few pints at the pub" (he is English) on the linux kernal mailing list.
Well, I guess that proves Alan doesn't read slashdot. He is Welsh. BIG difference. Especially when it comes to things like Rugby.
Alan's branch
by
BlowCat
·
· Score: 5, Interesting
SlashDot seems to pay more attention
to the Linus' branch, but if you really
want to be on the edge, you should
track the Alan's branch (i.e. the "ac"
series). The branches are synchronized
with each other from
time to time, but if you want to fix some
problem, check the code in the AC branch -
it may have the fix already.
That's especially true for the sound
drivers.
As for stability, the Linus' releases
don't seem to be formally tested anyway.
Maybe Linus is more conservative in
applying patches before the release,
but the recent events (2.4.11 and 2.4.12)
show that the kernel may not compile
in a common configuration and
be released notwithstanding.
Tips for Testing and Those New to Kernels
by
goingware
·
· Score: 5, Informative
If you are new to installing your own kernel, or you want to get started on kernel programming, see http://www.kernelnewbies.org/ and join them on IRC in #kernelnewbies on the Open Projects Network.
If you'd like to program or debug the kernel, I recommend a couple of books:
Kernel Projects for Linux by Gary Nutt, ISBN 0-201-61243-7 - this is a lab manual with hands-on kernel programming projects that address a variety of kernel components
Understanding the Linux Kernel by Bovet, Cassetti, and Oram, ISBN 0596000022 - I bought a number of kernel programming books, and this seemed to be the best written of the books that covered recent kernels. It's mainly 2.2, with short addenda in each chapter for the changes that were expected at the time of writing for 2.4
I just wish that some day I will see a working Linux bttv driver. For some reason, I always drop WAY too many frames with every Linux video capture program I use. (MainActor has been best so far - it only drops a few frames, almost gets perfect video quality, almost keeps A&V in sync and almost saves in format that can be read to Virtualdub in Windows, or any other Win32 editing app).
I need to use Windows programs to do video captures, which technically isn't nice either because the driver really doesn't work perfectly there either - it either works perfectly or not at all, depending on the phase of the moon.
Better multimedia support is always nice. One day, I will be able to use Linux for everything. =)
Re:Whoops. Forgot an important one.
by
gowen
·
· Score: 3, Funny
Prediction lists (and their addendums).
Don't forget
Grammar flames (and their addenda)
-- Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
Re:Predictions [OT]
by
sracer9
·
· Score: 4, Funny
Shoot - might as well go for the gusto:
chmod +x/dev/random
/dev/random
Yep. That ought to do it. Hey, why is windows booting?!?
--
No thanks. I don't smoke anymore.
kernel pre-emption patch
by
DGolden
·
· Score: 5, Informative
If you're on a desktop machine, try the kernel pre-emption patch - it's nice, and will make everything feel more responsive and smooth, since in addition to the normal user-space pre-emptive multitasking, the patch allows a lot of kernel calls to be pre-empted.
Even if you don't want to use the patch, you might want to try renicing X negatively to make it feel a bit snappier.
Slashdot Mirror
"Use the mirrors!"
"Make sure you patch, don't waste bandwith!"
"Damn, there goes my uptime"
"Heh, I'm STILL running Kernel 1.2.1!"
"Does anyone NEED to use the latest kernel? What does it add?"
"Use the latest kernel! Testing is vital!"
"2.4.13? I thought Linux was at 7.2?!"
If I've forgot any, post to this thread. Hell, if you're any of the above postings, post to this thread....
Please avoid slashdoting the main server. Here is list of direct links to mirrors. Version 2.4.13, full tarball : [al] - [dz] - [as] - [ad] - [ao] - [ai] - [aq] - [ag] - [ar] - [am] - [aw] - [ac] - [au] - [at] - [az] - [av] - [bs] - [bh] - [bd] - [bb] - [by] - [be] - [bz] - [bj] - [bm] - [bt] - [bo] - [ba] - [bw] - [bv] - [br] - [io] - [bn] - [bg] - [bf] - [bi] - [kh] - [cm] - [ca] - [ic] - [cv] - [ky] - [cf] - [ea] - [td]
{{.sig}}
-sting3r
Doesn't everyone know? Linus is recovering from alcholism. He just started the 12 step program. This week has been really hard for Linus because Alan Cox keeps talking about "putting away a few pints at the pub" (he is English) on the linux kernal mailing list. There have been a few flame wars too between the people working on the vm subsystem. Apparently one is a tea-totler and the other a hard core drinker so Linus is leaning towards using the tea-totler's code but Alan says the hard core drinkers code is better...
I think we all need to try to support Linus and Alan without choosing sides. Just grab the latest kernel of your choice and compile away... Try not to mention free beer on the linux kernel mailing list in the next couple weeks. Think free tea or something similar.
I was excited reading the kernel changelog until I got to this line:
- Trond Myklebust: make NFS use SLAB_NOFS, and not play games with PF_MEMALLOC
I'm sure NFS won't mind using SLAB_NOFS, but it's cruel to prohibit it from playing games with PF_MEMALLOC. NFS has reached the point where playing games with PF_MEMALLOC is the sole respite from the drudgery of its mundane life. None of the other protocols will play with it since the Trivial Pursuit incident of 1998, and it's banned from EQ for excessive Britishing.
Sure, we've all been inconvenienced a little now and again when NFS is playing games with PF_MEMALLOC, but it wasn't that bad, and it brought a glimmer of joy into NFS's otherwise bleak existence. Now NFS will be forced to sit alone in its room playing X Bill all alone until it goes mad and starts initializing remote filesystems at random.
Then where will we be?
Trond Myklebust, I hope you're happy with yourself. What did NFS ever do to you? It's just cruel, and we'll all have to deal with the consequences when people start running NFS on 2.4.13. You should be ashamed.
*telekon
To understand recursion, you must first understand recursion.
I want to be a slashdot editor too (looks easy):
if(new_kernel_arrived) {
version=X.Y.ZZ
if(slow_week) {
version=X.Y.ZZ-preWW
}
print "Looks like Linux X.Y.ZZ is out. You can get it at the usual place (kernel.org) and the mirrors. Check out the Changelog."
if(CmdrTaco just upgraded to ZZ-1 ||
weekday=tuesday) {
print "This is lame."
} else {
print "Grab. Test. Enjoy"
}
}
Thomas S. Iversen
Right now ext3 is not in the official kernel but it is in Alan Cox's which is also synched to the latest version, of course you can patch the official to use ext3 with patches from here. They usually lag a couple of days behind for a patch to be available for the latest kernels , but a cvs snapshot should work fine if you can't wait that long for them to release an official patch.
*shrug*
I must say that I am getting a little bit leary about using the 2.4.x series in production. The fast releases don't inspire confidence. On one hand people (perhaps rightfully so) say don't use a kernel that is newer than 6 mo. old or you are a beta tester. But of course those older kernels were once bleeding new as well...how to know which to use and which to avoid? That 6 mo. old one might be the right age and yet perfectly horrible. Perhaps what is needed is a kernel stability/security chart that shows how well different kernel versions have "aged". Anyone know of such a beast?
Alan Cox keeps talking about "putting away a few pints at the pub" (he is English) on the linux kernal mailing list.
Well, I guess that proves Alan doesn't read slashdot. He is Welsh. BIG difference. Especially when it comes to things like Rugby.
As for stability, the Linus' releases don't seem to be formally tested anyway. Maybe Linus is more conservative in applying patches before the release, but the recent events (2.4.11 and 2.4.12) show that the kernel may not compile in a common configuration and be released notwithstanding.
If you are new to installing your own kernel, or you want to get started on kernel programming, see http://www.kernelnewbies.org/ and join them on IRC in #kernelnewbies on the Open Projects Network.
Also helpful to newbies, or to convince you it's worthwhile to help with testing, is my other article Why We Should All Test the New Linux Kernel.
And finally there is the Kernel HOWTO.
If you'd like to program or debug the kernel, I recommend a couple of books:
-- Could you use my software consulting serv
Here is a hint to use patches
/usr/src/linux
/usr/src)
1) make sure your kernel source lies in a directory called 'linux'
EG.
2) Now goto the parent directory (eg
3) Now execute the following commond with the downloded patch (be sure you have write permissions in the linux subdirectory)
$ bzip2 -cd | patch -p0
(that is p zero at the end)
Remeber that patches are incremental, so you have to patch from 2.4.10 to 2.4.11, and then to 2.4.12, and not directly with a single patch to 2.4.10
I have personally patched all the kernel relases (from 2.4.1 till 2.4.12) this way, and it worked every time.
If you stil have problems, do get back to me, and I'll help you
This Post was entirely made up of recycled electrons making up recycled signals to generate recycles ASCII to generate t
- Gerd Knorr: btaudio/bttv update
@whee. Sounds good.
I just wish that some day I will see a working Linux bttv driver. For some reason, I always drop WAY too many frames with every Linux video capture program I use. (MainActor has been best so far - it only drops a few frames, almost gets perfect video quality, almost keeps A&V in sync and almost saves in format that can be read to Virtualdub in Windows, or any other Win32 editing app).
I need to use Windows programs to do video captures, which technically isn't nice either because the driver really doesn't work perfectly there either - it either works perfectly or not at all, depending on the phase of the moon.
Better multimedia support is always nice. One day, I will be able to use Linux for everything. =)
Don't forget
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
Shoot - might as well go for the gusto:
/dev/random
chmod +x
/dev/random
Yep. That ought to do it. Hey, why is windows booting?!?
No thanks. I don't smoke anymore.
If you're on a desktop machine, try the kernel pre-emption patch - it's nice, and will make everything feel more responsive and smooth, since in addition to the normal user-space pre-emptive multitasking, the patch allows a lot of kernel calls to be pre-empted.
Even if you don't want to use the patch, you might want to try renicing X negatively to make it feel a bit snappier.
Choice of masters is not freedom.