Re: [opensuse-project] openSUSE LTS kernel
On Sun, Dec 12, 2010 at 10:16 PM, Rajko M. <rmatov101@charter.net> wrote:
On Sunday, December 12, 2010 12:36:09 pm Kim Leyendecker wrote:
Let me ask a technical question:
Which kernel version will be supported?
That was another comment on this discussion; a lot of words about names and none tried to start discuss for instance how to revive 11.1 as a test case (kernel is 2.6.27). It is just out of support, so it can be easy to continue adding security patches.
I would like to see some action plan what one has to do to keep 11.1 alive for another 6 months as a test is whole idea feasible.
In my humble opinion, better idea would be to think how to make upgrade path bullet proof, so that one has no fear what will happen on next change. That will help desktop and server use cases with single effort.
-- Regards, Rajko
My gut feeling is the answer is right (by chance?), but we have the logic backwards. The LTS project should not pick a release (11.1) and then use its kernel for the long term support regardless. I would think the kernel's supported for other LTS projects (SLES, SLED, Redhat, etc.) should be identified, and then a openSUSE release that uses a LTS kernel should be picked for LTS designation. Backporting kernel security patches is a lot of work. Also, a lot of LTS kernels get not just security updates, but functional updates. ie. Redhat has back-ported ext4 to 2.6.18 I believe so that older Redhat installs can use ext4. Redhat 6 is 2.6.32 based, so from a pure Redhat perspective 2.6.18 or 2.6.32 would be the best kernels to drive a LTS release. Fortunately SLES 11 is using the 2.6.27 kernel, so we know Novell will be back-porting security patches to it for 3 more years (or more). Does Novell also back-port new functionalities like Redhat does? Regardless since both opensuse 11.1 and SLES 11 use the 2.6.27 kernel, that kernel makes an excellent choice indeed. Is there any reason for the openSUSE 11.1 LTS release to not explicitly use the kernel from SLES 11? That way when patches come out, etc. openSUSE LTS can leverage at least that one very important security support from Novell. Greg -- Greg Freemyer Head of EDD Tape Extraction and Processing team Litigation Triage Solutions Specialist http://www.linkedin.com/in/gregfreemyer CNN/TruTV Aired Forensic Imaging Demo - http://insession.blogs.cnn.com/2010/03/23/how-computer-evidence-gets-retriev... The Norcross Group The Intersection of Evidence & Technology http://www.norcrossgroup.com -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org
On Mon, Dec 13, 2010 at 11:20:27AM -0500, Greg Freemyer wrote:
Fortunately SLES 11 is using the 2.6.27 kernel, so we know Novell will be back-porting security patches to it for 3 more years (or more).
This is not true, sorry. -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org
Then can you please explain the situation shortly? kind regards kdl On 13.12.2010 17:30, Greg KH wrote:
On Mon, Dec 13, 2010 at 11:20:27AM -0500, Greg Freemyer wrote:
Fortunately SLES 11 is using the 2.6.27 kernel, so we know Novell will be back-porting security patches to it for 3 more years (or more). This is not true, sorry.
-- Kim Leyendecker (kimleyendecker@hotmail.de) Kernel 2.4.37.10-kdl Maintainer Powered by openSUSE 11.2 "Emerald" GNOME This mail was composed under Linux -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org
A: No. Q: Should I include quotations after my reply? http://daringfireball.net/2007/07/on_top On Mon, Dec 13, 2010 at 05:56:53PM +0100, Kim Leyendecker wrote:
Then can you please explain the situation shortly?
Markus already did. thanks, greg k-h -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org
On Mon, Dec 13, 2010 at 10:10:11AM -0800, Greg KH wrote:
A: No. Q: Should I include quotations after my reply?
http://daringfireball.net/2007/07/on_top
On Mon, Dec 13, 2010 at 05:56:53PM +0100, Kim Leyendecker wrote:
Then can you please explain the situation shortly?
Markus already did.
s/Markus/Marcus/ sorry about that. -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org
On Mon, Dec 13, 2010 at 11:20:27AM -0500, Greg Freemyer wrote:
On Sun, Dec 12, 2010 at 10:16 PM, Rajko M. <rmatov101@charter.net> wrote:
On Sunday, December 12, 2010 12:36:09 pm Kim Leyendecker wrote:
Let me ask a technical question:
Which kernel version will be supported?
That was another comment on this discussion; a lot of words about names and none tried to start discuss for instance how to revive 11.1 as a test case (kernel is 2.6.27). It is just out of support, so it can be easy to continue adding security patches.
I would like to see some action plan what one has to do to keep 11.1 alive for another 6 months as a test is whole idea feasible.
In my humble opinion, better idea would be to think how to make upgrade path bullet proof, so that one has no fear what will happen on next change. That will help desktop and server use cases with single effort.
-- Regards, Rajko
My gut feeling is the answer is right (by chance?), but we have the logic backwards.
The LTS project should not pick a release (11.1) and then use its kernel for the long term support regardless.
I would think the kernel's supported for other LTS projects (SLES, SLED, Redhat, etc.) should be identified, and then a openSUSE release that uses a LTS kernel should be picked for LTS designation. Backporting kernel security patches is a lot of work.
Also, a lot of LTS kernels get not just security updates, but functional updates. ie. Redhat has back-ported ext4 to 2.6.18 I believe so that older Redhat installs can use ext4. Redhat 6 is 2.6.32 based, so from a pure Redhat perspective 2.6.18 or 2.6.32 would be the best kernels to drive a LTS release.
Fortunately SLES 11 is using the 2.6.27 kernel, so we know Novell will be back-porting security patches to it for 3 more years (or more). Does Novell also back-port new functionalities like Redhat does?
Regardless since both opensuse 11.1 and SLES 11 use the 2.6.27 kernel, that kernel makes an excellent choice indeed.
Is there any reason for the openSUSE 11.1 LTS release to not explicitly use the kernel from SLES 11? That way when patches come out, etc. openSUSE LTS can leverage at least that one very important security support from Novell.
We already used the same kernel for SLE11 GA and openSUSE 11.1. However, SLE11 GA also leaves support and maintenance currently, and SLE11 SP1 is based on 2.6.32. As some 2.6.27.stable support is done by the outside still (not Greg, but someone else), the critical things at least should be able to get picked up. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org
On Mon, Dec 13, 2010 at 05:49:56PM +0100, Marcus Meissner wrote:
As some 2.6.27.stable support is done by the outside still (not Greg, but someone else), the critical things at least should be able to get picked up.
Note, those .27-longterm kernel releases will be much more infrequent than I was doing (if that could be possible), so anyone wishing to run an "enterprise" distro on .27 will have to be responsible for keeping up with the security issues on their own as they will end up being more frequent than the .27-longterm releases will be. good luck, greg k-h -- To unsubscribe, e-mail: opensuse-project+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-project+help@opensuse.org
participants (4)
-
Greg Freemyer -
Greg KH -
Kim Leyendecker -
Marcus Meissner