Re: [vserver] Vserver kernel support

From: Corey Wright <undefined_at_pobox.com>
Date: Sun 18 May 2008 - 06:58:45 BST
Message-Id: <20080518005845.06ee74bd.undefined@pobox.com>

On Sat, 17 May 2008 08:59:09 +0200
Peter Mann <Peter.Mann@tuke.sk> wrote:

> > i formerly used ubuntu's kernel source, because each release had a
> > minimum of 18 months of security support, and i merged the closest
> > vserver stable patch with it, but i got tired of spending a whole
> > weekend performing the merge and worrying if i merged everything
> > correctly so as to not introduce any security problems (eg debian's
> > openssl fiasco). yeah, i probably spend an equivalent amount of time
> > over 18 months compiling each new kernel release and vserver patch as i
> > would previously spend merging, but it's pretty evenly distributed
> > across 18 months and a relatively easy task (which is good for
> > security).
>
> ubuntu's kernel is very huge (many addons against vanilla), but there is
> LTS (Long Time Supported) releases supported 5 years for servers, which
> is very good if someone maintain vserver patch for ubuntu kernel

the problem you get into in this situation (ie standardize on a supported
kernel version other than vanilla) is that you lose support from the
linux-vserver project. that's why i previously said in this thread...

that's why i use a vanilla kernel: ... it's ... the only one the
linux-vserver project supports.

as contained in a thread we (you, i, & others) participated in here on the
mailing list two years ago [1], herbert doesn't support distro kernels, and
neither i nor anybody else (afaik) has stepped forward to fulfill the
"maintainer" role he described. if people are maintaining specific
versions of kernels with vserver patches, i haven't read about it here and
don't know where else i would except the #vserver irc channel (and i
haven't found searching the logs [2] with google all that effective unless
searching for a specific keyword or phrase, like an error message).

[1] http://www.paul.sladen.org/vserver/archives/200603/0209.html
[2] http://irc.13thfloor.at/LOG

there are many ways to obtain long-term (longer than vanilla) kernel
support (pick any distro's kernel), but afaik only one way to receive
vserver support (though i hope i'm wrong and someone will correct me). to
maintain support for both kernel source (newer than etch's 2.6.18 as it
doesn't support my hardware well) and vserver patch, i use a vanilla kernel
with the latest vserver patch.

corey

-- 
undefined@pobox.com
Received on Sun May 18 06:59:10 2008
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sun 18 May 2008 - 06:59:22 BST by hypermail 2.1.8