| 1 |
on 11/28/2008 10:53 AM Dirk Heinrichs wrote the following: |
| 2 |
> Am Freitag 28 November 2008 09:41:55 schrieb ext Thanasis: |
| 3 |
> |
| 4 |
> |
| 5 |
>> Regarding kernel maintenance, mostly from the point of view of security, |
| 6 |
>> which is the best way to go: |
| 7 |
>> 1) Having gentoo-sources in /var/lib/portage/world, which would mean the |
| 8 |
>> sources would be upgraded whenever portage marks a newer version as |
| 9 |
>> stable (provided someone follows stable)? |
| 10 |
>> 2) Not having gentoo-sources in /var/lib/portage/world, which would mean |
| 11 |
>> the sources would be upgraded only as a dependency for some other |
| 12 |
>> package (which is quite improbable/rare)? |
| 13 |
>> |
| 14 |
>> (or, I may be missing something :-) ) |
| 15 |
>> |
| 16 |
> |
| 17 |
> Yes. Having the _sources_ upgraded doesn't gain you anything. You have to |
| 18 |
> actually compile a new kernel from them and reboot the system with that new |
| 19 |
> kernel. Do you do this right after every kernel source update? |
| 20 |
Yes, I always try to do it. |
| 21 |
> I don't. I only do this when it's possible to reboot the machine. |
| 22 |
> |
| 23 |
Of course. |
| 24 |
> That's the reason why I don't care kernel source upgrades via package manager |
| 25 |
> on any system. Only when it's possible to reboot the machine, I update the |
| 26 |
> kernel sources via git (much faster than installing a complete package), build |
| 27 |
> the new kernel and eventually update all out-of-tree modules via |
| 28 |
> portage/paludis beforehand. |
| 29 |
> |
| 30 |
> HTH... |
| 31 |
> |
| 32 |
> Dirk |
| 33 |
> |
| 34 |
OK, I'm not acquainted with git... :-\ , but that's another subject. :-) |
Archives