| === zz_mwhudson is now known as mwhudson | ||
| === mwhudson is now known as zz_mwhudson | ||
| slangasek | is anybody else seeing a problem with latest kernels in trusty where filesystems are filling up with invisible usage, that clears up on reboot? | 19:15 |
|---|---|---|
| slangasek | (problem seen with 3.13.0-4-generic; have just rebooted to 3.13.0-5-generic, waiting to see if the problem manifests again) | 19:17 |
| === Traxer is now known as Traxer|on | ||
| === Traxer|on is now known as Traxer | ||
| jarkko | i would like to ask why ubuntu maintains the kernel themselfs | 20:00 |
| Faux | jarkko: Relative to what? | 20:07 |
| jarkko | i just want to know why ubuntu maintains the kernel themself | 20:08 |
| jarkko | or is it just backportig drivers? | 20:08 |
| ogra_ | jarkko, every distro does that ... you need to do packaging and testing to make sure it works in context of the rest of the distro | 20:09 |
| jarkko | really? | 20:09 |
| antarus | The kernel configuration process is pretty complicated, and there are lots of decisions ot be made | 20:09 |
| ogra_ | (and you will also find that every distro maintains its own kernel config) | 20:10 |
| antarus | what features work, what features don't work, what features make sense for Ubuntu, what features do not | 20:10 |
| ogra_ | right | 20:10 |
| jarkko | so basically the same kernel can be very different on other distro? | 20:10 |
| ogra_ | yes | 20:10 |
| ogra_ | well, differently configured | 20:10 |
| antarus | and differently patched | 20:10 |
| ogra_ | right | 20:11 |
| jarkko | never thought that | 20:11 |
| antarus | although sharing (or poaching) patchsets is pretty common ;p | 20:11 |
| jarkko | well i have compiled kernel few times and noticed lots of things i have no idea | 20:11 |
| miseria | "dicen, que el ser humano es un programa del universo; ¿sera que la muerte es solo un cambio de actividades?" bienvenidos: http://castroruben.com *temo_a_un_ser_sin_rival* | 20:11 |
| jarkko | i mean the config | 20:11 |
| ogra_ | jarkko, fedora builds all its security in userspace around selinux ... ubuntu does the same with apparmor ... you cant have bot that the same time enabled in the kernel ... | 20:12 |
| ogra_ | just as an example | 20:12 |
| ogra_ | s/that the/at the/ | 20:12 |
| jarkko | do you have any opinion replacing iptables? | 20:15 |
| ogra_ | not really ... | 20:16 |
| ogra_ | i dont use it | 20:16 |
| ogra_ | (not really necessary on ubuntu ... ports only get opened if a userspace process listens on them, in ubuntu there is a "no open ports by default" policy so the risk is pretty low) | 20:18 |
| jarkko | really? | 20:18 |
| ogra_ | (unless you explicitly install something that is supposed to listen indeed ... like a webserver ... but then you should know that port 80 is open for it) | 20:19 |
| jarkko | how can i confirm that? | 20:19 |
| ogra_ | use another machine ... get familiar with nmap and scan your ubuntu install from there | 20:19 |
| ogra_ | a default desktop install will only have DHCP and MDNS open ... | 20:21 |
| jarkko | does every kernel release need hard patching? | 20:24 |
| ogra_ | thats something you should ask the kernel team during the workweek ... they are rarely around on weekends ;) | 20:27 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!