=== zz_mwhudson is now known as mwhudson
=== mwhudson is now known as zz_mwhudson
[19:15] <slangasek> is anybody else seeing a problem with latest kernels in trusty where filesystems are filling up with invisible usage, that clears up on reboot?
[19:17] <slangasek> (problem seen with 3.13.0-4-generic; have just rebooted to 3.13.0-5-generic, waiting to see if the problem manifests again)
=== Traxer is now known as Traxer|on
=== Traxer|on is now known as Traxer
[20:00] <jarkko> i would like to ask why ubuntu maintains the kernel themselfs
[20:07] <Faux> jarkko: Relative to what?
[20:08] <jarkko> i just want to know why ubuntu maintains the kernel themself
[20:08] <jarkko> or is it just backportig drivers?
[20:09] <ogra_> jarkko, every distro does that ... you need to do packaging and testing to make sure it works in context of the rest of the distro 
[20:09] <jarkko> really?
[20:09] <antarus> The kernel configuration process is pretty complicated, and there are lots of decisions ot be made
[20:10] <ogra_> (and you will also find that every distro maintains its own kernel config)
[20:10] <antarus> what features work, what features don't work, what features make sense for Ubuntu, what features do not
[20:10] <ogra_> right
[20:10] <jarkko> so basically the same kernel can be very different on other distro?
[20:10] <ogra_> yes
[20:10] <ogra_> well, differently configured
[20:10] <antarus> and differently patched
[20:11] <ogra_> right
[20:11] <jarkko> never thought that
[20:11] <antarus> although sharing (or poaching) patchsets is pretty common ;p
[20:11] <jarkko> well i have compiled kernel few times and noticed lots of things i have no idea
[20:11] <miseria> "dicen, que el ser humano es un programa del universo; ¿sera que la muerte es solo un cambio de actividades?" bienvenidos: http://castroruben.com *temo_a_un_ser_sin_rival*
[20:11] <jarkko> i mean the config
[20:12] <ogra_> jarkko, fedora builds all its security in userspace around selinux ... ubuntu does the same with apparmor ... you cant have bot that the same time enabled in the kernel ... 
[20:12] <ogra_> just as an example 
[20:12] <ogra_> s/that the/at the/
[20:15] <jarkko> do you have any opinion replacing iptables?
[20:16] <ogra_> not really ... 
[20:16] <ogra_> i dont use it 
[20:18] <ogra_> (not really necessary on ubuntu ... ports only get opened if a userspace process listens on them, in ubuntu there is a "no open ports by default" policy so the risk is pretty low)
[20:18] <jarkko> really?
[20:19] <ogra_> (unless you explicitly install something that is supposed to listen indeed ... like a webserver ... but then you should know that port 80 is open for it)
[20:19] <jarkko> how can i confirm that?
[20:19] <ogra_> use another machine ... get familiar with nmap and scan your ubuntu install from there 
[20:21] <ogra_> a default desktop install will only have DHCP and MDNS open ... 
[20:24] <jarkko> does every kernel release need hard patching?
[20:27] <ogra_> thats something you should ask the kernel team during the workweek ... they are rarely around on weekends ;)