KSplice in Fedora?
Bill McGonigle
bill at bfccomputing.com
Wed Jul 1 18:19:01 UTC 2009
On 07/01/2009 01:48 PM, Jochen Schmitt wrote:
>
> On Fedora we have kernels from the 2.6.27 and from the 2.6.28 series.
> This means, that you have to create seperates kernel patch modules for
> each kernel release which was submitted for Fedora-10.
This is why I suggested it would be practical to set a bar. The example
I gave was a kernel which was the latest kernel in the past two weeks.
This would usually be one, occasionally two. For a sysadmin, it's
pretty easy to schedule a reboot within two weeks. '-r now' can be
impossible.
> The reseason to do it, is that ksplice is not able to handled patches,
> which may change global data structures.
Have there been remotely exploitable and/or CVSS 'high' kernel problems
for which the patches need to change global data structures? Perhaps
I'm just unaware of them. Besides this, Jon Masters' post says ksplice
can handle this (unless I'm misunderstanding his post). Even though it
can, if a bar as set above were set, Fedora wouldn't need to.
-Bill
--
Bill McGonigle, Owner Work: 603.448.4440
BFC Computing, LLC Home: 603.448.1668
http://www.bfccomputing.com/ Cell: 603.252.2606
Twitter, etc.: bill_mcgonigle Page: 603.442.1833
Email, IM, VOIP: bill at bfccomputing.com
Blog: http://blog.bfccomputing.com/
VCard: http://bfccomputing.com/vcard/bill.vcf
More information about the fedora-devel-list
mailing list