Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Fri, 13 Apr 2007 08:40:10 +0100, Neil Bothwick wrote: equery --quiet --nocolor list --duplicates gentoo-sources | awk '{print $1}' | head -n -2 | xargs --no-run-if-empty emerge --unmerge /dev/null Out of interest: 1) Why --duplicates (i.e. am I missing something ;). No idea, I wrote the script a couple of years ago, if I'd wanted to remember how it worked I'd have commented it. :) I remember now. If you have only one kernel installed, --duplicates prevents it being uninstalled - quite a useful feature ;-) -- Neil Bothwick Oxymoron: Clearly Misunderstood. signature.asc Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Monday 16 April 2007 15:00:30 Neil Bothwick wrote: On Fri, 13 Apr 2007 08:40:10 +0100, Neil Bothwick wrote: equery --quiet --nocolor list --duplicates gentoo-sources | awk '{print $1}' | head -n -2 | xargs --no-run-if-empty emerge --unmerge /dev/null Out of interest: 1) Why --duplicates (i.e. am I missing something ;). No idea, I wrote the script a couple of years ago, if I'd wanted to remember how it worked I'd have commented it. :) I remember now. If you have only one kernel installed, --duplicates prevents it being uninstalled - quite a useful feature ;-) head -n -2 would prevent that anyway. As well as preventing the deletion from /boot and /lib/modules (where it really matters).. -- Bo Andresen signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Mon, 16 Apr 2007 15:06:54 +0200, Bo Ørsted Andresen wrote: I remember now. If you have only one kernel installed, --duplicates prevents it being uninstalled - quite a useful feature ;-) head -n -2 would prevent that anyway. As well as preventing the deletion from /boot and /lib/modules (where it really matters).. Of course it will, I'm not thinking straight today. I suppose I could remove the --duplicates and if you don't hear from me again, you'll know there was a good reason for it ;-) -- Neil Bothwick A Microsoft joke (is that a tautology?) signature.asc Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Fri, 13 Apr 2007 02:11:58 +0200, Bo Ørsted Andresen wrote: equery --quiet --nocolor list --duplicates gentoo-sources | awk '{print $1}' | head -n -2 | xargs --no-run-if-empty emerge --unmerge /dev/null Out of interest: 1) Why --duplicates (i.e. am I missing something ;). No idea, I wrote the script a couple of years ago, if I'd wanted to remember how it worked I'd have commented it. :) It was never intended for per review, just a quick hack top free up some disk space. I originally used qpkg, but you're right that equery doesn't need --duplicates. 2) Why the awk? Is there ever more than one column without --no-pipe ? I don't think so, but it doesn't hurt to leave it in. I used awk because the terminal output adds extra fields and I possibly didn't even bother to check whether they were still there when using a pipe. -- Neil Bothwick Q: Why is top-posting evil? A: backwards read don't humans because signature.asc Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
Neil Bothwick wrote: On Fri, 13 Apr 2007 01:33:43 +0200, Bo Ørsted Andresen wrote: At around 300MB per kernel, that's ten excess kernels, so you can't be doing it that often. Once you're happy with the current kernel, you only need emerge -P gentoo-sources to remove the rest. I use a script that removes all but the last two, and also cleans out /lib/modules and /boot. Neil, any chance we could get that script? Provided you have gentoolkit something as simple as this works: # emerge -Cva $(equery -q list gentoo-sources | head -n -2) That only cleans out /usr/src, it's slightly different to what I use (which rm's the directories first to speed things up) but does basically the same. You also need to clear out /lib/modules and /boot with Here's the script I use, which is guaranteed to work when it doesn't fail. When it does break, you can keep the pieces. #!/bin/bash # clean /lib/modules cd /lib/modules ls -1rt | head -n -2 | xargs --no-run-if-empty rm -fr # clean /boot grep --quiet /boot /etc/fstab mount /boot -o remount,rw cd /boot ls -1rt config-* | head -n -2 | while read f; do bzip2 -9 $f mv $f.bz2 oldconfigs/ done ls -1rt System.map-* | head -n -2 | xargs --no-run-if-empty rm -f if [ -f vmlinux ]; then ls -1rt vmlinux-* | head -n -2 | xargs --no-run-if-empty rm -f else ls -1rt vmlinuz-* | head -n -2 | xargs --no-run-if-empty rm -f fi # clean /usr/src cd /usr/src ls -1drt linux-* | head -n -2 | xargs --no-run-if-empty rm -fr equery --quiet --nocolor list --duplicates gentoo-sources | awk '{print $1}' | head -n -2 | xargs --no-run-if-empty emerge --unmerge /dev/null grep --quiet /boot /etc/fstab mount /boot -o remount,ro # END The vmlinuz/vmlinux stuff is because I have a PPC system too, which calls the kernel vmlinux. Thanks Neil. Tony -- Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
Neil Bothwick wrote: At around 300MB per kernel, that's ten excess kernels, so you can't be doing it that often. Once you're happy with the current kernel, you only need emerge -P gentoo-sources to remove the rest. I use a script that removes all but the last two, and also cleans out /lib/modules and /boot. Neil, any chance we could get that script? Tony -- Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. -- Benjamin Franklin -- [EMAIL PROTECTED] mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Friday 13 April 2007 01:12:08 Anthony E. Caudel wrote: At around 300MB per kernel, that's ten excess kernels, so you can't be doing it that often. Once you're happy with the current kernel, you only need emerge -P gentoo-sources to remove the rest. I use a script that removes all but the last two, and also cleans out /lib/modules and /boot. Neil, any chance we could get that script? Provided you have gentoolkit something as simple as this works: # emerge -Cva $(equery -q list gentoo-sources | head -n -2) -- Bo Andresen pgpGwVbNGGWa5.pgp Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Fri, 13 Apr 2007 01:33:43 +0200, Bo Ørsted Andresen wrote: At around 300MB per kernel, that's ten excess kernels, so you can't be doing it that often. Once you're happy with the current kernel, you only need emerge -P gentoo-sources to remove the rest. I use a script that removes all but the last two, and also cleans out /lib/modules and /boot. Neil, any chance we could get that script? Provided you have gentoolkit something as simple as this works: # emerge -Cva $(equery -q list gentoo-sources | head -n -2) That only cleans out /usr/src, it's slightly different to what I use (which rm's the directories first to speed things up) but does basically the same. You also need to clear out /lib/modules and /boot with Here's the script I use, which is guaranteed to work when it doesn't fail. When it does break, you can keep the pieces. #!/bin/bash # clean /lib/modules cd /lib/modules ls -1rt | head -n -2 | xargs --no-run-if-empty rm -fr # clean /boot grep --quiet /boot /etc/fstab mount /boot -o remount,rw cd /boot ls -1rt config-* | head -n -2 | while read f; do bzip2 -9 $f mv $f.bz2 oldconfigs/ done ls -1rt System.map-* | head -n -2 | xargs --no-run-if-empty rm -f if [ -f vmlinux ]; then ls -1rt vmlinux-* | head -n -2 | xargs --no-run-if-empty rm -f else ls -1rt vmlinuz-* | head -n -2 | xargs --no-run-if-empty rm -f fi # clean /usr/src cd /usr/src ls -1drt linux-* | head -n -2 | xargs --no-run-if-empty rm -fr equery --quiet --nocolor list --duplicates gentoo-sources | awk '{print $1}' | head -n -2 | xargs --no-run-if-empty emerge --unmerge /dev/null grep --quiet /boot /etc/fstab mount /boot -o remount,ro # END The vmlinuz/vmlinux stuff is because I have a PPC system too, which calls the kernel vmlinux. -- Neil Bothwick Things are more like they are today than they ever have been before. signature.asc Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Friday 13 April 2007 01:59:47 Neil Bothwick wrote: Provided you have gentoolkit something as simple as this works: # emerge -Cva $(equery -q list gentoo-sources | head -n -2) That only cleans out /usr/src, it's slightly different to what I use (which rm's the directories first to speed things up) but does basically the same. You also need to clear out /lib/modules and /boot with True. Here's the script I use, which is guaranteed to work when it doesn't fail. When it does break, you can keep the pieces. [SNIP] equery --quiet --nocolor list --duplicates gentoo-sources | awk '{print $1}' | head -n -2 | xargs --no-run-if-empty emerge --unmerge /dev/null Out of interest: 1) Why --duplicates (i.e. am I missing something ;). 2) Why the awk? Is there ever more than one column without --no-pipe ? -- Bo Andresen pgpvOj4aemQ3p.pgp Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Mon, 2 Apr 2007 01:02:32 -0400, Walter Dnes wrote: I don't mind the 30 or 40 megs for the source tarball+patches in my distfiles directory. But the quarter gig for each minor r bump, most of which I never build, is a bit much. Why install it if you're not going to build it? r bumps are necessarily minor, as they often contain security fixes. -- Neil Bothwick (A)bort (R)etry (T)ake an axe to it? signature.asc Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Mon, 2 Apr 2007 01:35:42 -0400, Walter Dnes wrote: I got bitten in the latest stable kernel (2.6.19-r5). It moved SATA support out of SCSI, and into a separate section altogether. I plowed through make oldconfig, hitting N for every option. Because I have a SATA drive, the result was kernel panic when I rebooted into the new kernel. Same here, and it was the only time I've had a problem with make oldconfig since switching to 2.6 however long ago. That really was a one off situation that should have been addressed with a suitable ewarn, but hindsight makes that easy. -- Neil Bothwick deja vous - the act of forgetting someone's name /again/ despite being introduced to them several times. signature.asc Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
Hemmann, Volker Armin ha scritto: In almost every kernel release a security problem is found, that is fixed in a stable release. Stable release? AFAIK, *all* 2.6.x releases are stable releases. The days of double trees (2.4.x and 2.5.x) are gone. Probably I don't get what you mean. I use x86 kernels, not ~x86: that's what you mean as stable? I don't understand. and between that blue moons, your box is wide open to attacks. Well, if in *every* kernel there is *always* a security problem, my box is always open to attacks... :) (I understand your point, however. I didn't realize the linux kernel was so full of security holes. I thought it was one of the most secure components. Why aren't there GLSAs for the kernel?) Which risk? Which mess? There is not a risk, if you use oldconfig. oldconfig doesn't always work well between major releases (2.6.x vs 2.6.x+1). But there is a big risk in security holes. True, but can you explain me the points above? m. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Sonntag, 1. April 2007, b.n. wrote: Hemmann, Volker Armin ha scritto: In almost every kernel release a security problem is found, that is fixed in a stable release. Stable release? AFAIK, *all* 2.6.x releases are stable releases. No, they aren't. There are the 'normal' releases (for example 2.6.20) and the 'stable' releases which fix important bugs and security holes (like, for example 2.6.20.2). The days of double trees (2.4.x and 2.5.x) are gone. Today we have at least 4 trees. Linus. Morton. The 'stable releases' (2.6.XY.Z) Bunk's 2.6.16.XY Which risk? Which mess? There is not a risk, if you use oldconfig. oldconfig doesn't always work well between major releases (2.6.x vs 2.6.x+1). I works like a charm for me -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
Hemmann, Volker Armin ha scritto: On Sonntag, 1. April 2007, b.n. wrote: Hemmann, Volker Armin ha scritto: In almost every kernel release a security problem is found, that is fixed in a stable release. Stable release? AFAIK, *all* 2.6.x releases are stable releases. No, they aren't. There are the 'normal' releases (for example 2.6.20) and the 'stable' releases which fix important bugs and security holes (like, for example 2.6.20.2). Yes, I know that. I didn't call them unstable and stable, that's why I was confused, however I know. Now my questions are: 1)I only see gentoo-sources-2.6.X-rY, I never see gentoo-sources-2.6.X.a.b-rY .What am I installing when I install gentoo-sources-2.6.x-rY? 2)How do the binary distribution people cope with this? The days of double trees (2.4.x and 2.5.x) are gone. Today we have at least 4 trees. Linus. Morton. The 'stable releases' (2.6.XY.Z) Bunk's 2.6.16.XY Well, there have ALWAYS been a lot of different trees, but Morton, for example, AFAIK is not an official tree (although it is maintained closely to the official). However that's just nitpicking. :) Which risk? Which mess? There is not a risk, if you use oldconfig. oldconfig doesn't always work well between major releases (2.6.x vs 2.6.x+1). I works like a charm for me Not for me. And I've sometimes read of newer kernels breaking things on the gentoo mailing list. Upgrading a kernel is never straightforward, imho (maybe it's me being unexperienced, however it's my years-old only desktop box and I hate to b0rk it). m. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Montag, 2. April 2007, b.n. wrote: Hemmann, Volker Armin ha scritto: On Sonntag, 1. April 2007, b.n. wrote: Hemmann, Volker Armin ha scritto: In almost every kernel release a security problem is found, that is fixed in a stable release. Stable release? AFAIK, *all* 2.6.x releases are stable releases. No, they aren't. There are the 'normal' releases (for example 2.6.20) and the 'stable' releases which fix important bugs and security holes (like, for example 2.6.20.2). Yes, I know that. I didn't call them unstable and stable, that's why I was confused, however I know. Now my questions are: 1)I only see gentoo-sources-2.6.X-rY, I never see gentoo-sources-2.6.X.a.b-rY .What am I installing when I install gentoo-sources-2.6.x-rY? look into the changelogs ;) I don't use gentoo-sources, but AFAIK, the -rX releases are related to the vanilla .X releases. 2)How do the binary distribution people cope with this? backporting patches. That is why you get kernels named '2.6.17-201' and stuff like that. The days of double trees (2.4.x and 2.5.x) are gone. Today we have at least 4 trees. Linus. Morton. The 'stable releases' (2.6.XY.Z) Bunk's 2.6.16.XY Well, there have ALWAYS been a lot of different trees, but Morton, for example, AFAIK is not an official tree (although it is maintained closely to the official). It is the official testing tree. Every new feature and lots of patches and drivers have to 'mature' in Morton's tree - and he decides, together with the maintainers, which stuff goes to Linus. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Sun, 1 Apr 2007 23:35:25 +0200, Hemmann, Volker Armin wrote: 1)I only see gentoo-sources-2.6.X-rY, I never see gentoo-sources-2.6.X.a.b-rY .What am I installing when I install gentoo-sources-2.6.x-rY? look into the changelogs ;) I don't use gentoo-sources, but AFAIK, the -rX releases are related to the vanilla .X releases. Not necessarily, which is why you need to read the changelogs. For example, 2.6.21-r1 may be released to fix something with 2.6.20, so when 2.6.21.1 is released, it will be in 2.6.21-r2. Bit it is reasonable to assume that the latest -r release is based on the latest revision of the kernel. Note that stable has different meanings depending on whether you apply it to the kernel or the ebuild. -- Neil Bothwick If this were an actual tagline, it would be funny. signature.asc Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Sat, Mar 31, 2007 at 09:21:22AM +0100, Neil Bothwick wrote At around 300MB per kernel, that's ten excess kernels, so you can't be doing it that often. I ran df and ll between each individual unmerge. The individual kernels take approx 250 megs, freshly emerged. Compiling generates another 200 megs worth of object code, etc. Here's partial output of ll before the cleanup. Note that 2.6.16-r7, 2.6.17-r7, and 2.6.18-r3 were compiled, as well as the current 2.6.19-r5. drwxr-xr-x 19 root root 744 Sep 6 2006 linux-2.6.16-gentoo-r13 drwxr-xr-x 19 root root 744 May 4 2006 linux-2.6.16-gentoo-r6 drwxr-xr-x 20 root root 1488 Oct 14 02:14 linux-2.6.16-gentoo-r7 drwxr-xr-x 19 root root 744 Jun 13 2006 linux-2.6.16-gentoo-r9 drwxr-xr-x 19 root root 712 Jul 29 2006 linux-2.6.17-gentoo-r4 drwxr-xr-x 20 root root 1448 Sep 6 2006 linux-2.6.17-gentoo-r7 drwxr-xr-x 19 root root 744 Sep 16 2006 linux-2.6.17-gentoo-r8 drwxr-xr-x 19 root root 712 Nov 12 09:01 linux-2.6.18-gentoo-r2 drwxr-xr-x 20 root root 1328 Feb 17 18:51 linux-2.6.18-gentoo-r3 drwxr-xr-x 19 root root 712 Dec 24 22:14 linux-2.6.18-gentoo-r5 drwxr-xr-x 19 root root 712 Jan 14 20:15 linux-2.6.18-gentoo-r6 drwxr-xr-x 20 root root 1328 Mar 8 19:32 linux-2.6.19-gentoo-r5 I don't mind the 30 or 40 megs for the source tarball+patches in my distfiles directory. But the quarter gig for each minor r bump, most of which I never build, is a bit much. -- Walter Dnes [EMAIL PROTECTED] In linux /sbin/init is Job #1 Q. Mr. Ghandi, what do you think of Microsoft security? A. I think it would be a good idea. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Sat, Mar 31, 2007 at 04:11:42PM +0200, Hemmann, Volker Armin wrote Which risk? Which mess? There is not a risk, if you use oldconfig. With oldconfig, 99% of the updates seem to consist of added support for exotic raid controllers or network cards. Since my system has been running OK for the past couple of years without the new features, I obviously don't need them. I end up hitting N all the time. I got bitten in the latest stable kernel (2.6.19-r5). It moved SATA support out of SCSI, and into a separate section altogether. I plowed through make oldconfig, hitting N for every option. Because I have a SATA drive, the result was kernel panic when I rebooted into the new kernel. -- Walter Dnes [EMAIL PROTECTED] In linux /sbin/init is Job #1 Q. Mr. Ghandi, what do you think of Microsoft security? A. I think it would be a good idea. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Sat, 31 Mar 2007 01:55:10 -0400, Walter Dnes wrote: Partial df output before unmerging a bunch of kernels Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda1 11726996 7325372 4401624 63% / Partial df output after unmerging a bunch of kernels Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda1 11726996 4183616 7543380 36% / Yes folks, 3.14 gigs. Having gotten rather tired of doing this manually... again... At around 300MB per kernel, that's ten excess kernels, so you can't be doing it that often. Once you're happy with the current kernel, you only need emerge -P gentoo-sources to remove the rest. I use a script that removes all but the last two, and also cleans out /lib/modules and /boot. I went into /etc/portage/package.mask and added sys-kernel/gentoo-sources-2.6.19-r5 It won't hurt me now, but is there anything that might depend on newer kernels? It's assumed I'll upgrade when required by a security alert. Other than that, how long can I get away between kernel upgrades? As long as you like, some people are still running 2.4 kernels! As long as you don't add hardware supported only by a newer kernel, your system will work exactly the same in six months as it does now, although you should bear in mind that -r updates are generally problem fixes. I usually read the Changelog when a new kernel is released and then decide whether it's worth installing. There's no point in forcing a reboot when the old kernel works for me. -- Neil Bothwick Reality is for people who can't handle Star Trek signature.asc Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Saturday 31 March 2007 00:55:10 Walter Dnes wrote: Having gotten rather tired of doing this manually... again... I went into /etc/portage/package.mask and added sys-kernel/gentoo-sources-2.6.19-r5 It won't hurt me now, but is there anything that might depend on newer kernels? It's assumed I'll upgrade when required by a security alert. Other than that, how long can I get away between kernel upgrades? Just watch your GLSAs, and you should be fine. If a package depends on a certain kernel version, it will list that in it's depend line, and emerge will complain that it can't satisfy that dependency. -- Boyd Stephen Smith Jr. ,= ,-_-. =. [EMAIL PROTECTED] ((_/)o o(\_)) ICQ: 514984 YM/AIM: DaTwinkDaddy `-'(. .)`-' http://iguanasuicide.org/ \_/ pgpQFaxdTmTTZ.pgp Description: PGP signature
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Samstag, 31. März 2007, Walter Dnes wrote: Partial df output before unmerging a bunch of kernels Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda1 11726996 7325372 4401624 63% / Partial df output after unmerging a bunch of kernels Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda1 11726996 4183616 7543380 36% / Yes folks, 3.14 gigs. Having gotten rather tired of doing this manually... again... I went into /etc/portage/package.mask and added sys-kernel/gentoo-sources-2.6.19-r5 It won't hurt me now, but is there anything that might depend on newer kernels? It's assumed I'll upgrade when required by a security alert. Other than that, how long can I get away between kernel upgrades? besides critical bug fixes, security fixes and driver updates? IMHO masking never kernels is a really bad idea. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Samstag, 31. März 2007, Boyd Stephen Smith Jr. wrote: On Saturday 31 March 2007 00:55:10 Walter Dnes wrote: Having gotten rather tired of doing this manually... again... I went into /etc/portage/package.mask and added sys-kernel/gentoo-sources-2.6.19-r5 It won't hurt me now, but is there anything that might depend on newer kernels? It's assumed I'll upgrade when required by a security alert. Other than that, how long can I get away between kernel upgrades? Just watch your GLSAs, and you should be fine. If a package depends on a certain kernel version, it will list that in it's depend line, and emerge will complain that it can't satisfy that dependency. Well, there are many security related kernel bugs (just read the Changelogs of the .18, .19 and .20 'stable' releases), but hardly any kernel GLSAs. It looks like kernels are not covered by GLSAs. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
Hemmann, Volker Armin ha scritto: besides critical bug fixes, security fixes and driver updates? IMHO masking never kernels is a really bad idea. Why? I upgrade my kernel once in a blue moon -that is, when I need to because of new features I need, because of incompatibility with current system (i.e. upgrade to udev) or just because I need to recompile to enable/disable something and, since I'm recompiling anyway, I also upgrade.(note that I don't use genkernel) Otherwise, I personally don't bother. If my kernel currently serves me well and there is nothing new I really need, why having to recompile, with the risk to make a mess? m. -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] Any consequences to package.mask'ing newer kernels?
On Samstag, 31. März 2007, b.n. wrote: Hemmann, Volker Armin ha scritto: besides critical bug fixes, security fixes and driver updates? IMHO masking never kernels is a really bad idea. Why? because of: - filesystem bugs (2.6.17 and XFS for example) - security problems (local and remote holes). In almost every kernel release a security problem is found, that is fixed in a stable release. I upgrade my kernel once in a blue moon -that is, when I need to because of new features I need, because of incompatibility with current system (i.e. upgrade to udev) or just because I need to recompile to enable/disable something and, since I'm recompiling anyway, I also upgrade.(note that I don't use genkernel) and between that blue moons, your box is wide open to attacks. Otherwise, I personally don't bother. If my kernel currently serves me well and there is nothing new I really need, why having to recompile, with the risk to make a mess? Which risk? Which mess? There is not a risk, if you use oldconfig. But there is a big risk in security holes. -- gentoo-user@gentoo.org mailing list
[gentoo-user] Any consequences to package.mask'ing newer kernels?
Partial df output before unmerging a bunch of kernels Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda1 11726996 7325372 4401624 63% / Partial df output after unmerging a bunch of kernels Filesystem 1K-blocks Used Available Use% Mounted on /dev/sda1 11726996 4183616 7543380 36% / Yes folks, 3.14 gigs. Having gotten rather tired of doing this manually... again... I went into /etc/portage/package.mask and added sys-kernel/gentoo-sources-2.6.19-r5 It won't hurt me now, but is there anything that might depend on newer kernels? It's assumed I'll upgrade when required by a security alert. Other than that, how long can I get away between kernel upgrades? -- Walter Dnes [EMAIL PROTECTED] In linux /sbin/init is Job #1 Q. Mr. Ghandi, what do you think of Microsoft security? A. I think it would be a good idea. -- gentoo-user@gentoo.org mailing list