[arch-general] How often kernel26-lts updated?
girard.cedric at gmail.com
Fri Mar 25 12:24:37 EDT 2011
On Fri, Mar 25, 2011 at 5:07 PM, Karol Babioch <karol at babioch.de> wrote:
> Am 25.03.2011 16:42, schrieb Thomas S Hatch:
> > which is why I use the latest kernel on my
> > servers and reboot them a lot becaus
> As I'm about to set up some new servers I was thinking about this in the
> past few days. How does it work out for you?
> Because I don't think that rebooting is an option on servers. If there
> are running http, mail, dns, etc. service(s) its not that great to
> reboot the system.
If your services are only running on one server with no failover (either
manual or automatic), you are already vulnerable to such downtimes.
> Could you elaborate on the point you tried to make? Why is a feature
> frozen kernel/software a potential security issue? As far as I know
> major security issues get updated, so you just need to reload the
> modules, don't you? Or am I missing a point here? Because this is what
> most long term distributions do.
I'm not sure it was implied by Thomas that frozen features kernel are a
security issue. But as new vulnerabilities are being discovered, even on a
feature freeze you need to do security updates.
> As you don't expect a server to be in desperate need of new features and
> new supported hardware I personally don't think that the latest kernel
> is needed.
> What do the others think about it?
No. But what I understood from what Thomas said is: as you need to reboot
your server anyway from time to time to apply security updates, you may
decide to switch to an even more often updated kernel, if your architecture
permit it (reboot != service interruption).
More information about the arch-general