On 11/28/2008 10:53 AM Dirk Heinrichs wrote the following:
On Friday 28 November 2008 09:41:55 ext Thanasis wrote:
Regarding kernel maintenance, mostly from the point of view of security,
which is the best way to go:
1) Having gentoo-sources in /var/lib/portage/world, which would mean the
sources would be upgraded whenever portage marks a newer version as
stable (provided someone follows stable)?
2) Not having gentoo-sources in /var/lib/portage/world, which would mean
the sources would be upgraded only as a dependency for some other
package (which is quite improbable/rare)?
(or, I may be missing something :-) )
Yes. Having the _sources_ upgraded doesn't gain you anything. You have to
actually compile a new kernel from them and reboot the system with that new
kernel. Do you do this right after every kernel source update?
Yes, I always try to do it.
I don't. I only do this when it's possible to reboot the machine.
Of course.
That's the reason why I don't care about kernel source upgrades via package manager
on any system. Only when it's possible to reboot the machine, I update the
kernel sources via git (much faster than installing a complete package), build
the new kernel and eventually update all out-of-tree modules via
portage/paludis beforehand.
HTH...
Dirk
OK, I'm not acquainted with git... :-\ , but that's another subject. :-)