OpenVZ Forum: Support » Production stable kernel for Debian based Systems

Home » General » Support » Production stable kernel for Debian based Systems

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

Re: Production stable kernel for Debian based Systems [message #38534 is a reply to message #38525]

Tue, 29 December 2009 15:32

efball
Messages: 41
Registered: September 2006
Location: Santa Rosa, California

Member

ceelian wrote on Tue, 29 December 2009 04:41

Quote:

linux-image-2.6.26-2-openvz-686 is in the Debian lenny/stable distribution.

That's what i am a bit scared, and i must admit that i have several IMHO security critical bugs with this kernel (see http://forum.openvz.org/index.php?t=msg&th=8199&star t=0& )

That was three years ago. (lenny wasn't even released then). When I do a "netstat -tapn" in a vz container with the linux-image-2.6.26-2-openvz-686 kernel I'm only seeing processes from the container I'm in.

Quote:

There is even an lenny repository with kernel 2.6.28. Use it at your own risk!

And if you have a look on http://wiki.openvz.org/Kernel_versioning you see that all Kernels above 2.6.18 are development/unstable kernels.

But the 2.6.28 kernel is in testing, not stable. The 2.6.26 kernel is the debian lenny/stable kernel (openvz or not), which sounds pretty stable to me, and debian updates it with security patches.

Quote:

I am working with OpenVZ already for 5 Years in Production Environment never ever had serious security troubles, but since half a year we have to struggle kernel bugs which needs to get fixed soon to be save from an exploiting attack. Therefore we need a security maintained OpenVZ Kernel which is as recent (in the meaning of security not in Kernel Version Number) as possible.

I really don't want to build one myself unless there is no other way to go.

Has anyone experiences with the Repo from Thorsten Schifferdecker (http://debian.systs.org/)?

I had good experiences with the FZA Line in the past, but thought they were a bit outdated while i was thinking that the debian 2.6.22 is stable.

Are they still a good choice?

No the FZA kernels are obsolete (I used them with Etch). ovzkernel-2.6.18-686 appears recent, but I really haven't used it much.

E Frank Ball efball@efball.com

Report message to a moderator

[Message index]

		Production stable kernel for Debian based Systems By: ceelian on Fri, 25 December 2009 10:28
		Re: Production stable kernel for Debian based Systems By: glic3rinu on Sun, 27 December 2009 11:42
		Re: Production stable kernel for Debian based Systems By: efball on Tue, 29 December 2009 00:24
		Re: Production stable kernel for Debian based Systems By: ceelian on Tue, 29 December 2009 09:41
		Re: Production stable kernel for Debian based Systems By: efball on Tue, 29 December 2009 15:32
		Re: Production stable kernel for Debian based Systems By: elmig on Thu, 31 December 2009 13:54
		Re: Production stable kernel for Debian based Systems By: ceelian on Tue, 29 December 2009 09:55
		Re: Production stable kernel for Debian based Systems By: jormartr on Fri, 01 January 2010 20:00

Previous Topic:	Kernel Panic
Next Topic:	I can't navigate in my VM

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Thu Sep 12 18:23:30 GMT 2024

Total time taken to generate the page: 0.05480 seconds