Linux 2.4.28 Kernel Released

An anonymous reader submits "After numerous exploits were released, the Linux kernel team has released 2.4.28. (ChangeLog). Stefan Esser detailed numerous exploits in the 2.x smbfs; other exploits were reported earlier in the week."

2.4?

[RangerRick98]

Just out of curiosity, anyone here still running 2.4? All the Linux users I know are on 2.6 for their machines. My Linux server is still 2.4, though.

And since I brought it up, anyone here still got a Linux box running 2.2?

Re:2.4?

[Webmoth]

Maybe desktop users are running 2.6, but there's a heck of a lot of production servers out there running 2.4 or even 2.2.

As many corporations have policies limiting upgrades to extensively tested packages, upgrading to 2.6 right away isn't necessarily an option -- but a bugfix to a minor revision is acceptable.

Re:2.4?

[lcde]

I still run 2.4. I feel more comfortable there. If there is something I want from 2.6 i just patch up. normally there isn't.

Re:2.4?

[IBeatUpNerds]

Personally, I don't really want to upgrade to 2.6 on any machine I have. At work, my desktop is 2.4.20. We use an embedded linux distribution based on 2.4. My laptop is still 2.4. I've tried 2.6 on my laptop, but 1/2 the time I can't resume from APM suspend and ACPI is just a big problem. With 2.4 APM suspend/resume works 95% of the time. I just really don't see a reason to upgrade at this time. Perhaps if I purchase some device that will not work with 2.4 and will only work with 2.6, then I might consider it. Anyone else out there who just likes sticking with what works?

Re:2.4?

[Nimey]

FFS. This question gets asked /every time/ an old-stable version of the kernel is released.

Re:2.4?

[the_maddman]

*cough* lemme ssh into my DNS server....

[user@host ~]$ uname -r
2.0.36
[user@host ~]$ uptime
1:32pm up 316 days, 5:20, 1 user, load average: 0.00, 0.00, 0.00
[user@host ~]$

Good Ol' RedHat 5.2, been caching host name lookups for a good long time.
Of course, it's not out on the internet either.
Poor guy, I just got an Opteron 248 to replace it, I'll have to let the uptime go.

Re:2.4?

[amling]

And since I brought it up, anyone here still got a Linux box running 2.2?

That they'll post the IP for?

Re:2.4?

[m50d]

I am still running 2.4, partly because I need the connexant modem drivers and want the free, full speed version, but mostly for one simple reason: 2.6 is not stable.

2.6 changes far too much for a stable kernel. Every version I've tried crashes when switching out of X and then back on my cheap-as-hell TNT2. That I could accept - it's new, after all. What I can't accept is the attitude of the kernel maintainers. They inserted cryptoloop and then took it out in the space of about 5 minor versions. They ripped out the perfectly good cd writing code and replaced it with a buggy, undertested interface, for no other reason as far as I can tell than that Linus doesn't like it. But the last straw for me was Andrew saying that it's up to the distributions to make sure their kernels are stable. Is Pat Volkerding expected to stabilise the zillions of lines of code in the kernel all by himself? Because that's what it seems to be implying. But, more importantly, the linux people are distributing as a stable piece of software, something which they admit is not suitable for end users.

If this goes on, we need a fork. I don't say this lightly, but the maintainers of linux seem to have abandoned the hobbyists it was started for for the sake of the big business redhat/novell distros. And that's not a kernel I want to be relying on. Anyone with me? Or should I just go over to one of the BSDs?

Re:2.4?

[Geoffreyerffoeg]

That they'll post the IP for?

Sorry, SCO doesn't like you publicizing any IP for Linux 2.2.

Re:2.4?

[ThinkingGuy]

2.0.36 ? But 2.0.40 has been out for months now! :)

Re:2.4?

[ksuMacGyver]

Alan Cox seems to be trying to stablize 2.6 with his -ac patchset.
I think I may be moving over to that from the vanilla releases of 2.6.

Re:2.4?

[amling]

-1 Troll, but just in case, think IP as in "Internet Protocol" not "Intellectual Property".

Re:2.4?

[mikefe]

Ahh yes, 2.0.36. It came out a few weeks after my first Linux install (on Debian "hamm" 2.0). It was also the first kernel I compiled. :)

Re:2.4?

[Geoffreyerffoeg]

I'm not sure what that sentence meant...but I'll clarify anyway, and say that yes, I was making a pun on "the IP [address]" as used by hacker-attackers and "the IP [property]" as used by lawyer-attackers.

Re:2.4?

[MichaelSmith]

f this goes on, we need a fork. I don't say this lightly, but the maintainers of linux seem to have abandoned the hobbyists it was started for for the sake of the big business redhat/novell distros. And that's not a kernel I want to be relying on. Anyone with me? Or should I just go over to one of the BSDs?

I am moving to NetBSD on my servers. I still have linux on most of my workstations, with one laptop running Mandrake 10.0, which has a 2.6 kernel. It hasn't given me any problems.

For my servers I was attracted by the lightness of the base NetBSD install, and the general simplicity of things like tcp/ip configuration

Re:2.4?

[Viol8]

Linus does seem to be losing focus somewhat. Linux used to be a tight, stable kernel. These days its sometimes worse than Windows NT. Seems to be the kernel team have been sitting on their laurals and have forgotten that just because code is relased under the linux name doesn't magically make it bug free and stable. For the stuff I do I'm seriously thinking of ditching open source unixes altogether (as I've had less than happy experiences with FreeBSD too) and moving over to Solaris. It might have bugs too but I least I'll have someone to shout down the phone at when it breaks.

Re:2.4?

[isorox]

That at home? There are many people arround with hundereds of machines at home, one doing DNS, one doing mail, one serving website etc.

Why, aside from costing a bomb in elastic-trickery is there really a need? Whats wrong with one old laptop in a cupboard somwhere running every server you need, a dedicated firewall box (or just a little $80 one from bestbuy), and your main desktop and laptop?

Re:2.4?

[setagllib]

Absolutely. That's why I don't run Linux on production machines to begin with :)

2.4 is more reliable than 2.6, but that's not saying much. It's like WinXP is more reliable than WinME. You still wouldn't stake your life on it.

Re:2.4?

[setagllib]

For my servers I was attracted by the lightness of the base NetBSD install, and the general simplicity of things like tcp/ip configuration

What about the cleanliness, second-to-OpenBSD security, performance, and most of all stability? Linux hasn't ever been secure without third-party patch sets which rarely get merged back, and even they themselves aren't anywhere near any of the free (OSX not counted) BSDs which actually care about security. NetBSD has had 9 security advisories in this entire year, and (I think, check) 7 of these were in userland components imported from other projects. Linux has had a few brown-paper-bag-worthy security holes and lots of other little exploits like the ones this release fixes. This from the media-hyped "free secure operating system"? Almost as bad as Windows XP being called "secure".

To grandparent: Yes, run a BSD. Forking Linux won't help, it's a hack job from the ground up, and anything Linux does can be ported to a BSD cleanly, and it will be done securely and most of all reliably. If corporations that write Linux drivers and so on were made aware of other operating systems and the potential profits from supporting them, the BSDs would have a much better standing.

Actually, most 'projects' that people run Linux for (let's say ReiserFS) are actually only there to make up for Linux deficiencies in the first place. Our friend ReiserFS exists to plug the 'reliable file system' hole in Linux. Even it makes a huge mistake, which is forgetting that data actually gets written to hard disk. If you'll look closely at how it's laid out, there is NO superblock backup. One byte wrong in the superblock can mangle a whole partition in ways no fsck tool can easily fix, and there's your "reliable file system" gone. It hides behind journalling, and to this end it also devotes a very big chunk of your system resources. The BSDs all have the solid FFS/UFS which has been reliable for decades without journalling, with superblock backups, and with very good real-world performance. Tack SoftUpdates on if you want journalling-like reliability and performance enhancements. Not good enough? Run LFS, a (let's call it) half-way between UFS and ReiserFS that is now stable (in NetBSD 2).

-Huge funding and sponsorship doesn't make something good
-Media hype doesn't make something good
-More developers is often worse, not better. Linux has countless developers with highly different and unstandardized ideas of how to code, how to test, how to format error/boot messages, and so on. If you look at the code, you start to wonder how gcc doesn't just reject it as a crime against development. We should talk to the GNU GCC team on adding such a feature.
-Security damn well matters. How Linux developers manage to completely overlook this is just amazing.
-A solution in a week is better than a hack in one day. Linux has had lots of "it'll be good enough for now" hacks that have stayed as core features for years, and may have been replaced by something closer resembling a solution by some clever coder a few years later. Or not.
-If you're going to change something big (SCSI interface, anyone?), wait for a new major version to do it, especially if the old system works fine. The very least you can do is release the new system as an alternate patch/branch and see if people accept it. Never should a big change be 'slipped in' to a mainline branch with no real warning or option to use the old system. Basing this on "I don't like it" is even worse.
-If you're going to port or add significant features, make them fit in the mainline kernel all at once. People say "Linux is portable". This is not true. People have just managed to make patches that replace functionality and make a certain Linux version - with the patches - boot on some architecture. Big deal. Real portability fits in the system with mutual inclusion, and it's in the mainline, gaining the benefits of the main project as well as any contributions. This is why NetBSD, though historically run on less archs/machines overall, is truly Portable. You see this when you use it too - it actually fits on every system like the system was built for it, not like some parents'-basement hacker made a kernel boot.

Re:2.4?

[IBeatUpNerds]

Eh, Linux isn't that bad. I prefer Net or OpenBSD, but in terms of general use, Linux is fair game. Besides, I wouldn't stake my life on any OS.

Re:2.4?

That sentence meant that the poster is stupid.

Please don't coddle the stupid people, it will just encourage them to come back.

Re:2.4?

[stevo3232]

My desktop is still 2.4 and my server is still 2.2. I'm changing to 2.6 in the coming months for my desktop, although my server will be staying at 2.2 for a while still.

Re:2.4?

[TiggsPanther]

Just out of curiosity, anyone here still running 2.4? All the Linux users I know are on 2.6 for their machines. My Linux server is still 2.4, though.

I do. I'm running Fedora Core 1 (FC1 had issues with my hardware, and I'm giving FC3 a month or so before installing) and don't yet feel confident enough to risk using a non-stock kernel.

And since I brought it up, anyone here still got a Linux box running 2.2?

The only reason I'm not is because the old box I used as a fiileserver, gateway/firewall and testing webserver suffered terminal hard-drive failure a few months ago. Had that not happened it'd still be running, as even on 2.2.x it did what it needed to do.

Re:2.4?

[lachlan76]

Do you have 4k stacks turned on? They have to be turned off, otherwise the system goes down when you try to go from X to console.

It's in kernel hacking, IIRC.

Re:2.4?

[UnixSphere]

Yes, Slackware 10.0 uses 2.4.26 as the default, so alot of us Slackware users are still on it. Maybe now Patrick will roll out some new kernel packages. After he gets his health problems sorted out of course.

Re:2.4?

[real+gumby]

I am still running 2.4, ...mostly for one simple reason: 2.6 is not stable...If this goes on, we need a fork.

Err, what you need is a distro. Essentially every distro is a little fork. And the emphasize different things.

Re:2.4?

[l3v1]

I never stop getting surprised how totally narrow people think they have the broaest understanding. Troll me if you wish, but chanting about things like reiser (never mentioning others like xfs, a.s.o.), not merged security features, but never mentioning the easily usable ones (pam.d, xinetd, iptables, grsecurty, selinux, efs, (t)cfs, won't even go on), then simply stating the kernel being bad and wrong because being hacked by a basement hacker, which is nothing but ridiculous.

I very much like *BSDs, FBSD being the one I actually also used. I am aware of many things which can make a *BSD distro favorable, but what you do up there, just makes me remember our early-days fights about the best distro :) and I just have to smile :)

So thanks for having brought up some of me nice memories, but other than that... well, not much else.

Re:2.4?

[l3v1]

From the feature list of Slack10: [...]the Linux 2.4.26 kernel (with Linux 2.6.7 as an alternate choice in /testing)[...]

Re:2.4?

[m50d]

Err, what you need is a distro. Essentially every distro is a little fork. And the emphasize different things.

Why should I need a distro? I remember when Linux was used mostly by hobbyists, and you downloaded the sources for the programs you wanted and compiled them yourself. Heck, there weren't even distros around until about '93. And you expected that to work as well or better than getting a prepackaged version, because that was probably what the person developing the program had done.

I have nothing against distros, but it's sad if doing things your own way is no longer possible.

Re:2.4?

[m50d]

If it's the default, then possibly, although I tried repeatedly with different configurations. I definitely used the version of the nvidia drivers which supposedly had a fix for that, though, so I don't think that's the problem.

Re:2.4?

[real+gumby]

Why should I need a distro? I remember when Linux was used mostly by hobbyists, and you downloaded the sources for the programs you wanted and compiled them yourself. Heck, there weren't even distros around until about '93. And you expected that to work as well or better than getting a prepackaged version, because that was probably what the person developing the program had done.

I have nothing against distros, but it's sad if doing things your own way is no longer possible.

It's still quite possible. Nothing is stopping you from doing that. In fact all a distro is is someone doing all that for you, and making their own choices of kernel, apps, etc. But you are still welcome to build everything yourself, just the way you want, if that's your thing.

Personally I make slightly different choices. I run a distro, but don't install certain stuff I care about in particular, and modify the sources for those packages.

Decades ago I used to build my own memory cards, but the RAM chips (2102s) were made by someone else. I have older friends who used to have to build their own core memory. I don't think any of them would think that worth doing today.

It's all a matter of where you chose to slice your level of abstraction. What's important about Free Software is that you have more choice.

Re:2.4?

[m50d]

My point is that if the linux kernel maintainers aren't going to release a stable kernel, and alan or andrew said they wouldn't, it was down to distro makers to make sure their kernels are stable, then I don't have that choice any more, at least if I want a stable system. I can program reasonably well, but not well enough to maintain a kernel, and my system *must* be stable. So now I'm forced to rely on distros for my kernels, not ones that I've compiled with the source from kernel.org, which is a shame. It's no longer possible to build everything yourself unless you can maintain your own kernel.

Re:2.4?

[Webmoth]

It's like WinXP is more reliable than WinME. You still wouldn't stake your life on it.

Sadly, a lot of life-support equipment runs some embedded version of a Microsoft operating system. Or so I've heard.

Re:2.4?

[setagllib]

Well that's just depressing. Okay, on the other hand, if you strip away all the unstable functionality, any software can be at least practically 'stable'... but I wouldn't be surprised if they left in something terrible.

I still say, firmware or at most simple microkernels for embedded devices. Complexity leads to mistakes, and in embedded devices this is much more annoying and harder to fix. Even my Ti83+ is a buggy PoS (~40% of the ones I have ever seen in my life are, in fact, and in random ways) and that has its own dedicated 'operating system', but Ti somehow managed to get it wrong even after dozens of revisions.

Re:f ninnle p!

Not only did you fail it, but you failed it by 7 minutes.

fp! (Score:-1, Offtopic)
by Anonymous Coward on Wed 17 Nov 08:10PM
fp!


f ninnle p! (Score:0)
by Anonymous Coward on Wed 17 Nov 08:17PM
Implemented first on Ninnle Linux, of course!


Have you ever considered spamming, you have just the intelligence for it.

Re:No news

[m50d]

As I posted above, those of us who like stability are not yet on 2.6. 2.6 is still a development kernel, at least as much as 2.5 was, and if you weren't willing to run 2.5 you shouldn't run 2.6.

2.0.36

[pne]

2.0.36 was also one of the first kernels I installed... since it was the first one (IIRC) to support VFAT.

Re:2.0.36

[mikefe]

Does anyone know what the story was about 2.0.23 or therabouts? It was supposed to be a release blunder on the level of any 2.4 earlier than 2.4.14, but I never cought the details.

Anyone?

Yes

[Viol8]

It does everything I need as a home box. What will upgrading to 2.6 get me (other than a load of pain with incompatable bits and bobs)?

Yes I am

[n0tt00elite]

Because when I tried to upgrade to the 2.6.9 kernel, it screwed everything on my system up. So, why spend the time trying to fix all the weird problems when I can merely stick with what works.

Re:Yes I am

[corrosive_nf]

you should have know that 2.6.9 was a testing kernel.

Re:Yes I am

[n0tt00elite]

Yeah, I prolly should have, but I didn't. Oh well...

Re:f ninnle p!

Nope. I went back and checked.

Definitely the first Ninnle post!

I failed nothing, and I prefer pork rinds to spam.