[PLUG] Replacement for /usr/src?
Wil Cooley
wcooley at nakedape.cc
Wed Jan 17 17:11:16 UTC 2007
On Tue, 2007-01-16 at 22:29 -0700, Carlos Konstanski wrote:
> All the systems I come into contact with can be categorized as either
> low-security dev boxes or high-security servers. If I were really
> worried about the implications of building a kernel as root on a
> server, that track of thought leads eventually to the utter removal of
> the compiler from the server. On such systems, perhaps the kernel
> should be built on a different, safer machine.
It's generally not a good practice to do builds on a production server,
if for no other reason than the performance impact and the fact the
builds are most reproducible on fairly clean systems and production
servers tend to accumulate cruft in the face of their duties.
> If you update your kernel, wouldn't you also want to recompile glib
> against the new kernel? I'm not a C programmer, or I'd know these
> things. I'd suppose any C library that calls kernel functions would
> benefit from a recompile. I don't think gentoo's revdep-rebuild finds
> victims of a kernel recompile, though I could be wrong again.
Not usually. You generally only need to rebuild glibc if the syscall
interface changes and that's quite rare. The user/kernel interface is a
well-established protocol that uses a software interrupt (80h) and is in
fact pretty much the same protocol across operating systems. Look down
to "Doing more interesting things" in this:
http://www.leto.net/writing/nasm.txt.
Wil
--
Wil Cooley <wcooley at nakedape.cc>
http://nakedape.cc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20070117/6a96cba5/attachment.asc>
More information about the PLUG
mailing list