On 02/07/09 16:16, Troy Dawson wrote:
Well ... this is a good place for the discussion.
What *should* we do with those packages that redhat releases for the
extended support series.
Do you have access to them okay? I couldn't get to the rpms (or the src
rpms) using my RHN account, but we have a fairly basic level of
entitlements.
I'll say this upfront that it's a bit of a pain. It's a piece of cake
to look, download and build any src.rpm's that RedHat releases for
them. But the hard part is that you then have to figure out which
release those packages are for. That is the harder part. It is made
even harder by the fact that these packages usually come out a day to
a week after RedHat releases their usual security updates for the
same package. So I have no idea that there is a extra backpatched
security update for whatever it is until after I've already pushed
out the normal security update.
Hmm, I see the problem. Unless redhat have a specific announcement
mechanism for the extended support chain, I can't see how to pick up on
them easily. I imagine that there's quite an overhead in continuing to
support N versions of SL4/5 - presumably Redhat also realise this (hence
the large scale of deployment and subscription fees required to become a
subscriber to the extended support service).
That being said, lets say we do figure out a way for this. How would
we get these packages out to you in a way that you could get them?
How about dropping them into the SL4.7 update repository? That way,
those who use 4x will skip past them (right?), but those sticking with
4.7 explicitly will still pick them up through yum.
Troy
Stephan Wiesand wrote:
On Thu, 2009-07-02 at 11:33 +0100, Orlando Richards wrote:
Ahh - it's released under "Extended Update Support" only -
otherwise it's got to be 2.6.9-89.0.3 for the fix.
Please ignore my original question then!
Why? I think it's quite a good one. SL is actually providing this
"extended update support", so the z-stream kernel errata would be
the most suitable choice, except for 4.8 beta, IMHO.
It's my impression that with the much longer "full support" times,
and the much longer time between point releases, feature backports
upon minor releases have become significantly more aggressive, and
updating to the 4.n+1 kernel on SL4.n is much more likely to cause
problems than it used to be in the past.
There were quite a few problems when updates for 5.3 were pushed
out to 5.2 and older releases, and I wouldn't expect it to work any
better with 4.8. One example: the openib in the 4.8 kernel won't
match the userland packages on 4.7 and earlier. No clue yet whether
or not this will cause any actual problems, but it doesn't feel
right.
Just my 2c, Stephan
-----Original Message----- From: Orlando Richards
[mailto:[email protected]] Sent: 02 July 2009 11:25 To:
Orlando Richards; Troy Dawson Cc:
[email protected] Subject: RE: SL4
kernel
Argh - it seems that redhat haven't even released it yet! At
least, I can't find it in RHN - only up to 2.6.9-78.0.22 :(
-- Dr Orlando Richards Information Services IT Infrastructure
Division Unix Section Tel: 0131 650 4994
The University of Edinburgh is a charitable body, registered
in Scotland, with registration number SC005336.
-----Original Message----- From:
[email protected]
[mailto:owner- [email protected]] On
Behalf Of Orlando
Richards
Sent: 02 July 2009 10:50 To: Troy Dawson Cc:
[email protected] Subject: SL4 kernel
Hi all,
Do you know if there are any plans to release the
2.6.9-78.0.24
version
of the RedHat 4.7 kernel?
This has the fix for CVE-2009-1337, which has just been fixed
with
the
release of 2.6.9-89.0.3 from Scientific Linux. However, we
cannot yet use the -89 release kernel as our hardware vendors
have not yet released supported drivers for RH4.8.
Cheers, Orlando.
--
--
Dr Orlando Richards
Information Services
IT Infrastructure Division
Unix Section
Tel: 0131 650 4994
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
