Re: Re: kmdl proposal and kmod flaws

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, 2006-08-09 at 17:13 +0200, Axel Thimm wrote:
> On Wed, Aug 09, 2006 at 09:38:54AM -0400, Jack Neely wrote:
> > > > Okay...walk me through this then:
> > > > 
> > > > Assuming no yum plugins or other mess.
> > > > 
> > > > A new kernel is available that corrects some random remote DoS.  How do
> > > > I get all 1300 machines to pull down the new AFS modules?
> > > 
> > > It's in the wiki, but here it comes again:
> > > 
> > > o current kernel module scheme w/o any special depsolver handling:
> > >   - broken on rpm level, inherits on all depsolvers
> > >   - Modules of the current kernel get nuked whether you reboot into
> > >     the new kernel or not
> > 
> > Wrong.  Both up2date and yum have always marked packages that provide
> > 'kernel-modules' as install only for several years now.  Modules don't
> > get "nuked" unless you rpm -U.
> 
> Wrong x 3:
> 
> o not always, neither yum, not up2date initially had any
>   "kernel-module(s)" support
> o first implementation had a typo mismatch, kernel-modules vs
>   kernel-module. In fact effectively its a very young approach, I
>   think this was fixed less than a year ago

2003-11-21 01:24  skvidal

    * nevral.py:
    make packages providing 'kernel-modules' installonly.

that was yum 2.0.X


> > >   + but the new kernel gets its kernel modules (and only the new
> > >     kernel ...)
> > 
> > This point has been used in practice by several large universities.
> > I've been doing this for about 6 years.  While not perfect its been
> > proven to be acceptable and allow machines to remain fulled patched.
> 
> 6 years? So you've been using yum's secret unannounced and NSA
> sponsored version back then, huh? ;)
> 

we used the idea in yup prior to yum.
That was about 2000->2001, iirc so yes, about 6 years.

> > NC State University.  Duke.  I believe Matt at Boston U. has used
> this
> > approch in the past as well.
> 
> And I know large universities that extensively make use of proprietary
> operating systems, so what exactly does that say? Mass does not imply
> infallibility.
> 

I don't think he was alleging that. I think he was saying there are some
big users with large installations who have used it and it works.

that's all.

-sv


--
Fedora-packaging mailing list
Fedora-packaging@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-packaging
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite Forum]     [KDE Users]

  Powered by Linux