Live CD kernels
John Richard Moser
nigelenki at comcast.net
Mon Jan 31 00:01:15 CST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
oh what the heck I just tested the live cd for hoary and it's an install
CD in there.
http://cdimage.ubuntu.com/daily-live/current/hoary-live-i386.iso seems
to be install :) I guess you meant "live install CD" (all install cds
are livecds or broken).
John Richard Moser wrote:
> Can we see Hoary liveCDs with experimental kernels on them? Normal
> users will just boot, but a submenu to grub to supply experimental
> kernels would allow a longer release test cycle for kernels even though
> they won't be supported until at least Hoary+1. This would be good for QA.
>
> I'm specifically thinking of Martin Pitt's experimental hardened
> kernels. He maintains a set of packages that install Linux-2.6.10 with
> grsecurity on Hoary, and mark up several files (most likely for roughly
> 15 or 20 packages, a lot of which probably aren't in main) to work with PaX.
>
> Some of the GrSecurity protections will have to be disabled at least
> until real boot, at which point they can be enabled via sysctl settings
> (make sure you use pivot_root() to set the real root, which I believe
> happens on Morphix). The LiveCD filesystems themselves will also need
> to be marked up before being squashfs'd or cloop'd using pitti's tools
> to actually work.
>
> Martin, do you think you could get some work done to allow the
> experimental Hoary LiveCDs to house your hardened kernels and allow the
> user to test them? It would give an opportunity for a longer period of
> testing, and would also give you an idea of what needs to be done to
> make LiveCDs function with them. This information will be useful after
> Hoary if you decide to move to them for the following release.
>
> This should just be considered as an opportunity task, not a primary or
> secondary priority; considerations for security hardening aren't going
> to be looked at any further until AFTER Hoary's release, so there are
> more urgent matters for Ubuntu's developers to handle for the timebeing.
>
- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFB/cmnhDd4aOud5P8RAmP4AJ9eUgL5uvw7giJlk4JwsCzXN9sqNgCeLkL4
CvpXxLg5QYmlkd52srvllig=
=czMI
-----END PGP SIGNATURE-----
More information about the ubuntu-devel
mailing list