Feature changed by: Jiri Benc (jbenc) Feature #306907, revision 17 Title: Add support for Ksplice openSUSE-11.2: Rejected by Andreas Jaeger (a_jaeger) reject date: 2009-08-12 10:52:21 reject reason: Let's evaluate for 11.3. Priority Requester: Important - openSUSE-11.3: Evaluation + openSUSE-11.3: Rejected by (jbenc) + reject date: 2010-03-24 12:07:28 + reject reason: Not enough resources in the kernel teams to provide + updates as ksplice patches. Priority Requester: Important Requested by: Stephan Kleine (bitshuffler) Description: KSplice allows it currently to apply most but not all kernel updates without the need to reboot which is especially great for servers. It's backed by a newly founded corporation that continually tries to improve it so hopefully sometime in the future a reboot wont be necessary for any kernel update. Fedora as well as Ubuntu already support it so openSUSE shouldn't stay behind. URL: http://www.ksplice.com/ Discussion: #1: Harald Milz (suse2miha) (2009-08-04 21:16:55) Ksplice will be THE reason for many webserver admins to choose Ubuntu and not openSUSE. Don't lose any ground on the server market, make use of Ksplice too. #2: (bmwiedemann) (2009-10-09 11:37:37) A presentation at LinuxTag 2009 from the ksplice guys as well as http://en.wikipedia.org/wiki/Ksplice says, that all security patches can be made rebootless. Only 12% of 64 studied patches needed manual extra code (e.g. for updating structure data). The proper way of distribution would of course also update /lib/modules and /boot/vmlinuz/initrd but possibly patch the running kernel via a rpm post-inst script. I have noted that in the past, openSUSE kernel-updates happened later than those for Debian and Ubuntu, but often contained several fixes at a time. I guess, part of this is due to the reboot needed after a kernel-update, so with Ksplice critical security fixes could reach users faster. #3: John Sheehy (jesheehy) (2010-02-10 03:36:17) Ksplice or similar functionality is critical for production servers, especially those exposed in the DMZ. In the future there should never be an excuse that a security patch didn't get applied since it required a reboot and a maintenance window wasn't available right away. + #4: Jiri Benc (jbenc) (2010-03-24 12:06:24) + This is really two requests: + 1. Add the ksplice kernel module into the distribution. + 2. Provide the kernel updates as ksplice patches (most likely as an + alternative to the normal updates). + While 1. is easy, I don't see the kernel teams having enough resources + for 2. It will require the community to step in; anybody who's + interested in doing the work is welcome. + That said, 1. does not make sense without 2. If we find somebody who + does the work (please speak up if you are interested!), the module can + be distributed as a KMP and/or this feature can be reopened. -- openSUSE Feature: https://features.opensuse.org/306907