1 |
On Sunday 08 November 2009 23:20:31 Stroller wrote: |
2 |
> > You really need to learn to make your own kernel. ... |
3 |
> |
4 |
> Whilst I agree in principle that a good (slim?) kernel is better and |
5 |
> your comments on that, I am sceptical whether the majority of people |
6 |
> have the knowledge to make any significant performance or security |
7 |
> improvements. |
8 |
> |
9 |
> AIUI the kernels shipped by distros like Red Hat, for instance, are |
10 |
> configured by the very people that work on and maintain the mainline |
11 |
> kernel tree. How can any of us simple end-users compete with that? |
12 |
> |
13 |
> I imagine it to be very easy for any of us normal people to enable or |
14 |
> disable options that make significant performance impact - but we |
15 |
> would never know it, because we're not benchtesting it or even |
16 |
> qualified to assess proper benchtests. |
17 |
> |
18 |
> I cannot believe that in a day you could study this subject |
19 |
> sufficiently to have any reasonable competence on the matter. And thus |
20 |
> if you do spend only a day, that's wasted time. I would add that the |
21 |
> kernel is evolving constantly, and in a year's time your knowledge - |
22 |
> and your .config - is likely to be at least somewhat outdated. |
23 |
> |
24 |
> I chose to copy the .config from Knoppix because it's easy to get hold |
25 |
> of that, but also because it's selected by someone who knows more than |
26 |
> me, and it is likely to work with any hardware I install into my |
27 |
> machine or connect by USB. I take Volker's point that a LiveCD .config |
28 |
> could be the worst possible choice so I'm open to alternatives, but |
29 |
> I hope those who say I should "learn to make your own kernel" |
30 |
> appreciate my points over how effectual that will be - sure, I can |
31 |
> delete my .config and start again with `make menuconfig` and I can go |
32 |
> through every option and read the help, and I'm sure I'll get just as |
33 |
> good results as 80% of the people on this list, but I just don't know |
34 |
> that that's much of an answer. |
35 |
|
36 |
You are reading way more into the subject than is actually there. |
37 |
|
38 |
Red Hat employees do work on mainline and do write kernel code. But finding a |
39 |
bug, writing new code and fixing security exploits are very different |
40 |
activities to simply configuring the code that is there. And that is what RH |
41 |
do - they take the code that is already there, apply whatever backport and |
42 |
experimental patches suits their distro, then go through menuconfig switching |
43 |
some things on and some things off. Their needs are different to yours - they |
44 |
need their kernel to run on just about any hardware on the planet, so they |
45 |
build a horrendously complex initrd with support for every known boot device, |
46 |
then build every module that even half-way works. And also enable every known |
47 |
kernel sub-system (because someone somewhere is going to use it). |
48 |
|
49 |
By your analogy, you might consider Red Hat more qualified than you to decide |
50 |
if you should build an MTA with or without LDAP support. Which is of course |
51 |
patently ridiculous - if you know you need LDAP then you need it. Otherwise |
52 |
you don't (and this is not a security issue, it's a features issue) |
53 |
|
54 |
If you configure your own kernel, you only need build the bits you use. The |
55 |
sole benefit for a Gentoo users to using a custom distro kernel is support for |
56 |
things not in mainline (like some entire FibreChannel product ranges out |
57 |
there). But please note that even if you copy an RH .config, you do not have |
58 |
those patches to hand so you will not get those extra features. Unless you |
59 |
patched the ebuild yourself, in which case you are already au-fait with |
60 |
building a kernel and we would not be having this discussion. |
61 |
|
62 |
In summary, I hear your reasoning and understand your concerns. But it is |
63 |
flawed and you are worried about something that is not actually there. |
64 |
|
65 |
|
66 |
-- |
67 |
alan dot mckinnon at gmail dot com |