Slashdot Mirror

← Back to Stories (view on slashdot.org)

A "Never Reboot" Service For Linux

Posted by kdawson on from the bits-don't-rot dept.

An anonymous reader writes "Ksplice, the company based on the MIT Ksplice project, is now offering its 'never reboot' service for Red Hat, Debian, and other Linux distros. You subscribe and get real-time kernel security updates that apply in-memory instead of rebooting. Last summer we discussed the free service for Ubuntu. Cool tech, but will people really pay $4 a month for this?"

15 of 321 comments (clear)

  1. How long till they.. by mystikkman · · Score: 5, Interesting

    How long till they get sued by Microsoft?

    http://www.google.com/patents?id=cVyWAAAAEBAJ&dq=hotpatching

    1. Re:How long till they.. by wcb4 · · Score: 5, Insightful

      Its a shame that MS never figured out how to actually implement this. How many times do I have to restart my computer to finish applying update?

      --
      I reject your reality ... and substitute my own.
    2. Re:How long till they.. by JSG · · Score: 5, Insightful

      The patent on this was filed in 2002. Yet in 2010 I am still making a handsome profit in overtime rebooting customer systems on a "patch Tuesday" monthly frenzy.

      Please MS, don't implement this one.

    3. Re:How long till they.. by __aasqbs9791 · · Score: 5, Insightful

      Yeah, I love the updates that require a reboot so they can install another update that then requires another reboot.

  2. Re:So instead of doing it right... by oldhack · · Score: 4, Interesting

    An interesting illustration of theory (how it should be) vs. practice (how it pans out).

    --
    Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
  3. Yes, they are. by KingSkippus · · Score: 5, Informative

    Stating the obvious, yes, they are.

    But third-party companies are under no obligation to offer their products and/or services for free, and this is a service of a third-party company (Ksplice).

    If there is a demand for this service, plus an unwillingness to pay Ksplice for it, it's entirely possible (and likely) that someone will come along and offer an open source equivalent. But until the itch is scratched, Ksplice is perfectly within the right to offer the service at a cost.

    1. Re:Yes, they are. by mysidia · · Score: 4, Interesting

      Very true. However, the Linux kernel is GPL'ed.

      They provide binary patches which contain code that is a derivative work of the Linux kernel. What makes the binary ksplice patches derivative is they are converting patches that were created by other people under GPL terms, into a binary form suitable for use with ksplice.

      This means those binary patches must be distributed under the GPL, allowing recipients to share those binary patches.

      It also means they must make machine-readable source code available to all their patches, along with any changes they have made, and they must provide all compilation scripts, tools, and configuration files they use to build those patches. per the clause of the GPL that states:

      The “Corresponding Source” for a work in object code form means all the source code needed to generate, install, and (for an executable work) run the object code and to modify the work, including scripts to control those activities. However, it does not include the work's System Libraries, or general-purpose tools or generally available free programs which are used unmodified in performing those activities but which are not part of the work. For example, Corresponding Source includes interface definition files associated with source files for the work, and the source code for shared libraries and dynamically linked subprograms that the work is specifically designed to require,

      I can see a lot of people willing to pay $5 or so per month for access to the patches for each distinct OS their systems run.

      And some big enterprises paying a per-system fee to ensure everything is fully supported, and that they can always call them for help if something goes wrong with any system.....

      However, I don't see that it can be legal for them to force you to agree to pay a per-system fee to use a binary patch.

      That would seem to be in violation of your GPL rights.

      Given we've already established the binary patch files must be distributed under GPL.

      Any kernel-mode components of the patcher must also be under GPL, and also any user-mode components that are specific to the kernel design.

      The rest can be reverse-engineered.

  4. Re:Huh? by Donniedarkness · · Score: 4, Informative
    Nothing bad about it, it's just that sometimes it causes a few problems.

    I do tech support at a school. The moment that something goes offline (like our mail server), we start getting calls telling us that things are messed up.

    Before anyone asks: Yes, we try our best to only reboot after-hours, and yes, we tell everyone when a service will be down.

    --
    Earn a % of cash back from Newegg, Tiger Direct, Walmart.com, and more: http://www.mrrebates.com?refid=458505
  5. hrm... by Charliemopps · · Score: 5, Insightful

    Color me stupid but wouldn't any application in which you'd rather not be rebooting (i.e. Router, firewall, file server, etc...) be the exact same application in which you'd NEVER want some 3rd party having access to your kernel? I mean, if a large percent of distros were using this I can just imagine it would be the A#1 target for every malicious coder in the world.

  6. Re:So instead of doing it right... by el_tedward · · Score: 4, Insightful

    Designing your own operating system isn't exactly a small feat.. Linux already has very good penetration into the server market, and offers the security that most organizations should have. Linux is what Windows should be. There's a LOT you can do with that kernel.

    Obviously complexity makes security difficult, but there's nothing wrong with making something complex if you're actually capable of managing it. Is setting up a rock solid firewall difficult for the average person in IT? Should we just get rid of anything in security that is relatively complex? I'd much rather have more options (not necessarily obfuscation) than be pigeon holed into something just because it's simple. Security is not simple, and it never will be.

  7. Depends. by Hasai · · Score: 4, Interesting

    "Cool tech, but will people really pay $4 a month for this?"

    Depends. If it's your laptop, I suspect the answer is no. If it's your server farm, I suspect the answer is yes.

    As an aside: Novell used to run contests to see who had the server with the greatest uptime since its last boot. Best one I ever saw was the Netware server that ran so long that everyone forgot where it was and it was accidentally walled-up inside a closet. Wouldn't it be great if the Linux community could run this type of contest? :)

    --

    Regards;

    Hasai

  8. That might work for you by Chuck+Chunder · · Score: 4, Funny

    but telling people to check their email when their mail server is offline probably doesn't work for them.

    --
    Boffoonery - downloadable Comedy Benefit for Bletchley Park
  9. Re:They better be encrypted! by Anonymous Coward · · Score: 5, Funny

    Why not just compile the kernel locally, like normal people do

    Um. Someone else want to break the news, or should I just go ahead and tell him?

  10. Re:It can be quite beneficial by drsmithy · · Score: 5, Insightful

    The occasional reboot, under controlled circumstances, is an excellent test of what will happen in an emergency situation. Mainly, it answers the question of whether the server and required services actually will all come back up by themselves.

    More importantly, if your service architecture can't handle the scheduled outage of individual servers, then it is unquestionably broken.

    If you are concerned with individual server uptimes having a bearing on anything except your e-penis, then You're Doing It Wrong.

  11. Re:They better be encrypted! by teslar · · Score: 5, Funny

    Someone else want to break the news?

    Ok, I'll do it.

    Dear Hurricane78,

    please, do not be alarmed. You suffer from an interesting form of amnesia that makes you believe we are still living sometime in February 2010. You also thought that J Cameron's (not to be confused with the late 20th-century fictionfilmer J Cameron. This one is more like the factfilmer D Attenborough) documentary on our early days on Pandora was syfy. But that's ok.

    The fact is, however, that these days, normal people run "stock" kernels provided by "distros". It works pretty well and we think Linux is almost "ready for the desktop" now. If only we could get multiple monitors to work....

    While we're at it, I should also tell you that Ubuntu is no longer with us. They never really recovered from the unexpected Crappy Century bug after it's version numbers began to repeat in the early 2100s, turning almost all computers into a "Warty".

    This may all come as a shock to you. But do not worry. The nature of your amnesia means that you will very soon - right about now in fact - have convinced yourself that this post was humorous in nature and not actually reflective of reality. Trust me, many wish they could live in your world. The end of the 20th/beginning of the 21st century was the highlight for the human race. In fact, many of us are currently working on a project - codename "Charging" - that would result in the creation of a VR set in this glorious era. Like "Second Life", only more immersive. Now if you'll excuse me, I have to go and figure out where we'll get the energy to power this VR from....