=== zz_mwhudson is now known as mwhudson | ||
=== mwhudson is now known as zz_mwhudson | ||
slangasek | is anybody else seeing a problem with latest kernels in trusty where filesystems are filling up with invisible usage, that clears up on reboot? | 19:15 |
---|---|---|
slangasek | (problem seen with 3.13.0-4-generic; have just rebooted to 3.13.0-5-generic, waiting to see if the problem manifests again) | 19:17 |
=== Traxer is now known as Traxer|on | ||
=== Traxer|on is now known as Traxer | ||
jarkko | i would like to ask why ubuntu maintains the kernel themselfs | 20:00 |
Faux | jarkko: Relative to what? | 20:07 |
jarkko | i just want to know why ubuntu maintains the kernel themself | 20:08 |
jarkko | or is it just backportig drivers? | 20:08 |
ogra_ | jarkko, every distro does that ... you need to do packaging and testing to make sure it works in context of the rest of the distro | 20:09 |
jarkko | really? | 20:09 |
antarus | The kernel configuration process is pretty complicated, and there are lots of decisions ot be made | 20:09 |
ogra_ | (and you will also find that every distro maintains its own kernel config) | 20:10 |
antarus | what features work, what features don't work, what features make sense for Ubuntu, what features do not | 20:10 |
ogra_ | right | 20:10 |
jarkko | so basically the same kernel can be very different on other distro? | 20:10 |
ogra_ | yes | 20:10 |
ogra_ | well, differently configured | 20:10 |
antarus | and differently patched | 20:10 |
ogra_ | right | 20:11 |
jarkko | never thought that | 20:11 |
antarus | although sharing (or poaching) patchsets is pretty common ;p | 20:11 |
jarkko | well i have compiled kernel few times and noticed lots of things i have no idea | 20:11 |
miseria | "dicen, que el ser humano es un programa del universo; ¿sera que la muerte es solo un cambio de actividades?" bienvenidos: http://castroruben.com *temo_a_un_ser_sin_rival* | 20:11 |
jarkko | i mean the config | 20:11 |
ogra_ | jarkko, fedora builds all its security in userspace around selinux ... ubuntu does the same with apparmor ... you cant have bot that the same time enabled in the kernel ... | 20:12 |
ogra_ | just as an example | 20:12 |
ogra_ | s/that the/at the/ | 20:12 |
jarkko | do you have any opinion replacing iptables? | 20:15 |
ogra_ | not really ... | 20:16 |
ogra_ | i dont use it | 20:16 |
ogra_ | (not really necessary on ubuntu ... ports only get opened if a userspace process listens on them, in ubuntu there is a "no open ports by default" policy so the risk is pretty low) | 20:18 |
jarkko | really? | 20:18 |
ogra_ | (unless you explicitly install something that is supposed to listen indeed ... like a webserver ... but then you should know that port 80 is open for it) | 20:19 |
jarkko | how can i confirm that? | 20:19 |
ogra_ | use another machine ... get familiar with nmap and scan your ubuntu install from there | 20:19 |
ogra_ | a default desktop install will only have DHCP and MDNS open ... | 20:21 |
jarkko | does every kernel release need hard patching? | 20:24 |
ogra_ | thats something you should ask the kernel team during the workweek ... they are rarely around on weekends ;) | 20:27 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!