View previous topic :: View next topic |
Author |
Message |
predatorfreak l33t
Joined: 13 Jan 2005 Posts: 708 Location: USA, Michigan.
|
Posted: Sun Mar 20, 2005 8:39 am Post subject: 2.6.11.5-vividserv1: We do it on a server! |
|
|
Yo folks, as promised, here's 2.6.11.5-vividserv1. Release notes/patchlist/diff link follows.
/* 2.6.11.5-vividserv1
* Release created by: predatorfreak
* Comments: This is my first vivid server release, I tried to make sure I nailed most major bugs.
* Please test it out and report back. Also, on why I didn't include a custom CPU scheduler, theres
* no need to because O(1) works perfectly for server useage. Apply OVER 2.6.11, not 2.6.11.5
* Highlights: Lots of clean ups and bug fixes, more hardware drivers and some other things.
*/
patch-2.6.11.5.gz | 2.6.11.5
2.6.11-kj.patch.gz | Kernel janitors patchset, lots of code clean ups
sk98lin_v7.09_2.6.11_patch | SK98Lin updates, Improved hardware support and some bug fixes mostly
bk-scsi.patch | SCSI code updates, mostly bug fixes
bk-audit.patch | Some clean ups and fixes
bk-ide-dev.patch | IDE code updates, again mostly bug fixes
bk-ntfs.patch | NTFS code updates, more bug fixes
cant-unmount-bad-inode.patch | Fix bugs where bad inodes prevent unmounting
blockdev-mnt-racefix.diff | Some blockdev race fixes which caused mount/unmount problems
clean-up-and-unify-asm-resourceh-files.patch | Clean ups to the ASM resource headers
execshield.diff | execsheild-nx for enhenced security
copy_pte_range-latency-fix.patch | Some latency fixes
fbdev-cleanup-and-fix.diff | FBDEV clean ups and fixes
mm-fixes.diff | Fixs for some files in mm/ (mostly taken from -mm)
genetic-lib-2.6.10-gl4.patch | Genetic library 0.4
genetic-as-sched-2.6.10-gl4.patch | Genetic AS IO scheduler (0.4)
genetic-io-sched-2.6.10-gl4.patch | Genetic IO scheduler base patches (0.4)
oom-vm-changes.diff | Changes to OOM/VM related things (Mostly taken from -mm)
oops-fix.diff | Some oops fixes from -mm
irqpoll.patch | Fixs some IRQ problems
openbsd-netrand.diff | OpenBSD Style TCP ISN Randomization (default == good && openbsd-netrand == better)
properly-share-process-and-session-keyrings-with-clone_thread.patch | More fixes from -mm
readahead-cleanups.diff | Some clean ups from -mm
run-softirqs-on-proper-processor-on-offline.patch | Again, fixes from -mm
vmlinux-fix-physical-addrs-all.diff | hmm, this is becoming too common, more fixes from -mm
smpbootc-cleanups.patch | Some clean ups from -mm
swapspace-layout-improvements.patch | Swap Space layout improvements
sys_setpriority-euid-semantics-fix.patch | -mm fixes
tty-output-lossage-fix.patch | -mm fixes again...
diif link: http://prdownloads.sourceforge.net/vivid-sources/patch-2.6.11.5-vividserv1.diff.bz2?download
Ok, fixed up the posting problems.
Edit: the bk-ntfs included is at least 3 weeks old, so it is not effected by the recent problems in bk-ntfs. _________________ System: predatorbox
Distro: Arch Linux x86_64
Current projects: blackhole, convmedia and anything else I cook up. |
|
Back to top |
|
|
fallow Bodhisattva
Joined: 08 Jan 2004 Posts: 2208 Location: Poland
|
Posted: Sun Mar 20, 2005 9:11 am Post subject: |
|
|
hmm, we have officially new release uploaded to sf.net ? hmm is good to know.
so if I must post here directly about it then I can do this.
server(s) = small home / lan servers etc.
* mm fixes for the server ? not so good idea for me
* bk-drivers is also not good idea for servers imho
* a clean up patches ...
* for genetic anticipatory is required J.Moilanen`s usb-oops-deplug.stuff fix . I don't see it here .. ? -> http://vivid.dat.pl/fallow/pub/love-sources/2.6.11-love2/2.6.11-love2-usb-oops-fix1.diff
for me server edition SHOULD avoid mm/unstable/untested patches , gives stability and only really needed stuff.
and grsec/rsbac/qnet or ohter features ?
cheers. _________________ "Time is a companion that goes with us on a journey. It reminds us to cherish each moment, because it will never come again. What we leave behind is not as important as how we have lived" J-L. Picard |
|
Back to top |
|
|
predatorfreak l33t
Joined: 13 Jan 2005 Posts: 708 Location: USA, Michigan.
|
Posted: Sun Mar 20, 2005 9:32 am Post subject: |
|
|
fallow wrote: | hmm, we have officially new release uploaded to sf.net ? hmm is good to know.
so if I must post here directly about it then I can do this.
server(s) = small home / lan servers etc.
* mm fixes for the server ? not so good idea for me
* bk-drivers is also not good idea for servers imho
* a clean up patches ...
* for genetic anticipatory is required J.Moilanen`s usb-oops-deplug.stuff fix . I don't see it here .. ? -> http://vivid.dat.pl/fallow/pub/love-sources/2.6.11-love2/2.6.11-love2-usb-oops-fix1.diff
for me server edition SHOULD avoid mm/unstable/untested patches , gives stability and only really needed stuff.
and grsec/rsbac/qnet or ohter features ?
cheers. |
Fallow, the changes I have from mm are perfectly stable with no noted side-effects (I've been testing them in dark-sources for awhile), on qnet that will come in due time, as for grsec I have execsheild-nx in there, which is better in my experiance then grsec, for RSBAC I'll check that out. I'll include the USB oops fix in the next release, keep in mind I just got home from vacation .
Edit: Also, I'm going to remove the bk patches in the next release.
Edit 2: In the next release I'll also add the libata patch I've been using in dark-sources, I would consider it stable enough for production use because I have had no problems with it here........ _________________ System: predatorbox
Distro: Arch Linux x86_64
Current projects: blackhole, convmedia and anything else I cook up. |
|
Back to top |
|
|
fallow Bodhisattva
Joined: 08 Jan 2004 Posts: 2208 Location: Poland
|
Posted: Sun Mar 20, 2005 12:22 pm Post subject: |
|
|
predatorfreak wrote: |
Fallow, the changes I have from mm are perfectly stable with no noted side-effects (I've been testing them in dark-sources for awhile) |
If all will be stable and tested , then will be in vanilla not in mm .
predatorfreak wrote: |
on qnet that will come in due time, as for grsec I have execsheild-nx in there, which is better in my experiance then grsec, for RSBAC I'll check that out.
|
www.grsecurity.net wrote: |
* An intelligent and robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration
* Change root (chroot) hardening
* /tmp race prevention
* Extensive auditing
* Prevention of entire classes of exploits related to address space bugs (from the PaX project)
* Additional randomness in the TCP/IP stack
* A restriction that allows a user to only view his/her processes
* Every security alert or audit contains the IP address of the person that caused the event
|
If You want to do a final release AS vivid-sources then please be in contact with me.
Is not so easy to have project with other poeple . Look at sf.net/projects/vivid-sources . There not only me in vivid-sources. It requires a compromises etc. If You want to release a something without even final talking with others - You can`t release it as our project - vivid sources , You always can release it as dark-sources
cheers. |
|
Back to top |
|
|
predatorfreak l33t
Joined: 13 Jan 2005 Posts: 708 Location: USA, Michigan.
|
Posted: Sun Mar 20, 2005 10:23 pm Post subject: |
|
|
fallow wrote: | predatorfreak wrote: |
Fallow, the changes I have from mm are perfectly stable with no noted side-effects (I've been testing them in dark-sources for awhile) |
If all will be stable and tested , then will be in vanilla not in mm .
predatorfreak wrote: |
on qnet that will come in due time, as for grsec I have execsheild-nx in there, which is better in my experiance then grsec, for RSBAC I'll check that out.
|
www.grsecurity.net wrote: |
* An intelligent and robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration
* Change root (chroot) hardening
* /tmp race prevention
* Extensive auditing
* Prevention of entire classes of exploits related to address space bugs (from the PaX project)
* Additional randomness in the TCP/IP stack
* A restriction that allows a user to only view his/her processes
* Every security alert or audit contains the IP address of the person that caused the event
|
If You want to do a final release AS vivid-sources then please be in contact with me.
Is not so easy to have project with other poeple . Look at sf.net/projects/vivid-sources . There not only me in vivid-sources. It requires a compromises etc. If You want to release a something without even final talking with others - You can`t release it as our project - vivid sources , You always can release it as dark-sources
cheers. |
I'm sorry If I caused any problems releasing this under vivid-sources project on sourceforge, but as I understood it when I started on this project I had full freedom to create the patchset as I saw fit, if this has changed please tell me so that I may change vividserv to darkserv and release it under my darkpatches project. _________________ System: predatorbox
Distro: Arch Linux x86_64
Current projects: blackhole, convmedia and anything else I cook up. |
|
Back to top |
|
|
fallow Bodhisattva
Joined: 08 Jan 2004 Posts: 2208 Location: Poland
|
Posted: Mon Mar 21, 2005 1:14 pm Post subject: |
|
|
predatorfreak wrote: | I'm sorry If I caused any problems releasing this under vivid-sources project on sourceforge, but as I understood it when I started on this project I had full freedom to create the patchset as I saw fit, if this has changed please tell me so that I may change vividserv to darkserv and release it under my darkpatches project. |
No reason to changing existing release into other sources . But If You want to do it fell free
Yes of course You have free hand , but I expect a minimum before final release - consulting with the other members before , if You want to have ONLY your idea in all project - You have own dark-sources.
I also doing a love-sources but we are consulting overall priorities etc.
cheers. |
|
Back to top |
|
|
predatorfreak l33t
Joined: 13 Jan 2005 Posts: 708 Location: USA, Michigan.
|
Posted: Mon Mar 21, 2005 1:21 pm Post subject: |
|
|
fallow wrote: | predatorfreak wrote: | I'm sorry If I caused any problems releasing this under vivid-sources project on sourceforge, but as I understood it when I started on this project I had full freedom to create the patchset as I saw fit, if this has changed please tell me so that I may change vividserv to darkserv and release it under my darkpatches project. |
No reason to changing existing release into other sources . But If You want to do it fell free ;)
Yes of course You have free hand , but I expect a minimum before final release - consulting with the other members before , if You want to have ONLY your idea in all project - You have own dark-sources.
I also doing a love-sources but we are consulting overall priorities etc.
cheers. |
As I've told you before fallow, I'll consult you and troll from now on before I release a vividserv release (else I'll call the unconsulted release a darkserv release :).
Edit: also, as I've stated before, I'm sorry about my quick actions and not consulting you first.
Edit 2: I'm off to bed since I've been up all night. _________________ System: predatorbox
Distro: Arch Linux x86_64
Current projects: blackhole, convmedia and anything else I cook up. |
|
Back to top |
|
|
PLum Tux's lil' helper
Joined: 20 May 2004 Posts: 108 Location: /dev/world/poland/gliwice
|
Posted: Wed Mar 23, 2005 11:19 am Post subject: |
|
|
okey nice work,
but one question - why there is no imq patch included, in this release ?
and other stuff like account, and other patch-o-matic futures
i know i can always put them by my self - but it would be nice to got the almost all needed stuff in one place |
|
Back to top |
|
|
predatorfreak l33t
Joined: 13 Jan 2005 Posts: 708 Location: USA, Michigan.
|
Posted: Wed Mar 23, 2005 1:52 pm Post subject: |
|
|
PLum wrote: | okey nice work,
but one question - why there is no imq patch included, in this release ?
and other stuff like account, and other patch-o-matic futures
i know i can always put them by my self - but it would be nice to got the almost all needed stuff in one place |
This was a quickie release, After I consult fallow on the next release (Which is likely to include qnet, lids (NOT GRSEC) and other things.), I will release that version. _________________ System: predatorbox
Distro: Arch Linux x86_64
Current projects: blackhole, convmedia and anything else I cook up. |
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|