Language Selection

English French German Italian Portuguese Spanish

Kernel Changes Draw Concern

Filed under
Linux

Members of the open-source community are expressing concern over rapid feature changes in the Linux 2.6 kernel, which they say are too focused on the desktop and could make the kernel too large.

Sam Greenblatt, a senior vice president at Computer Associates International Inc., in Islandia, N.Y., said that while the kernel is evolving for the desktop, server and embedded markets, more and more technology is being included, and the kernel is "getting fatter. We are not interested in the game drivers and music drivers that are being added to the kernel. We are interested in a more stable kernel."

Morton, who works for Open Source Development Labs Inc., in Beaverton, Ore., said there is no formal road map for an enterprise Linux feature set since the development of those technologies rests largely with vendors such as Red Hat Inc., IBM, Novell Inc. and CA.

"We are pumping feature changes into the kernel at an enormous rate," said Andrew Morton, the current maintainer of the Linux 2.6 kernel.

Still, Morton took issue with Greenblatt's contention, saying that most new features are optional and that their use is at the discretion of organizations compiling their builds of the kernel.

Morton said new features should continue to be added to the stable 2.6 tree rather than forming a new 2.7 development tree.

Critics of the development process point to growing competition among vendors to get code for new features accepted. But Morton maintains that the competition is healthy because it helps top-level kernel developers understand what subfeatures are required and what other users need.

On the enterprise front, Morton said he expects to merge code from Cambridge University's Computer Laboratories' Xen virtualization technology into the Linux kernel within the next few months. Xen "does the right thing technically," unlike other technologies, which are mainly workarounds for the fact that the operating system is not appropriately licensed, Morton said.

But CA's Greenblatt disagreed, saying that other virtualization technologies, such as one from VMware Inc., in Palo Alto, Calif., currently fill the virtualization role.

"We would be happy to see a true hypervisor [an application that allows multiple operating systems to run concurrently on the same physical server]. We think [Xen] is great innovation, but its concept of virtualization is still not to the point that we want to see in there," Greenblatt said.

Ian Pratt, a Xen project leader at Cambridge University, in England, said that Xen is indeed a true hypervisor.

"It runs on the bare metal and provides protected virtual environments for guest operating systems running on top of it," Pratt said. "Because of the paravirtualized approach, where we make some modifications to the guest operating systems, we've been able to allow the hypervisor and Linux to work in a more cooperative fashion."

On the issue of adding more clustering technology to the kernel, Morton said he hopes that clustering teams are working on factoring out common components for a merge into the mainline kernel.

InfiniBand, a channel-based, switch-fabric architecture from Topspin Communications Inc., in Mountain View, Calif., which was acquired last week by Cisco Systems Inc. , has already been moved into the kernel, Morton said, adding that the other InfiniBand stakeholders "seemed fine" with that decision.

Pratt said the Xen team is working with InfiniBand vendors to ensure that InfiniBand channels can be extended into guest operating systems running over Xen in an efficient yet fully protected manner.

Source.

More in Tux Machines

Cooking With Linux and EzeeLinux Shows

Red Hat Leftovers

  • RPKG guide from Tito user
    Since the beginning of the rpkg project, it was known as a client tool for DistGit. Times changed and a new era for rpkg is here. It was enhanced with project management features, so we can safely label it as a tito alternative. A features review, pros and cons and user guide is a theme for a whole new article. In this short post, I, as a long-time tito user, want to show rpkg alternatives for the tito commands, that I frequently use.
  • All-Flash Platform-as-a-Service: Pure Storage and Red Hat OpenShift Reference Architecture
    Pure Storage® is excited to announce a reference architecture for Red Hat OpenShift Container Platform, using both Pure Storage FlashArray and FlashBlade™ to provide all the underlying storage requirements.
  • Red Hat OpenStack Platform 13 Delivers Long-Term Support
    The Red Hat OpenStack Platform 13 release was officially announced here on May 21, bringing along with it new features and expanded support for the open-source cloud platform. In a video interview with eWEEK, Mark McLoughlin, senior director of engineering for OpenStack at Red Hat, details what's new in the release and what is set to come in the next release. Red Hat OpenStack Platform 13 is based on the upstream OpenStack Queens release that first became generally available on Feb. 28. "The key thing for the OpenStack Platform 13 release is that it is a long life release," McLoughlin said.
  • Red Hat, Inc. (RHT) stock remained among YTD Quarterly with rise of 12.54%
  • 10 tasks for running containers on Atomic Host
    Unlike a virtual machine, which includes an entire operating system, a container is meant to hold only the software needed to run an application. Therefore, to run a container efficiently and securely, you need an operating system that provides secure container services and acts as a foundation for running containers. One operating system developed for that task is Atomic Host. Think of Atomic Host as a secure, specialized version of Fedora, CentOS, or Red Hat Enterprise Linux (RHEL). Its best use is to provide a reliable and easily upgradable operating system for running containers. Different formats of Atomic Host are available to run on anything from bare metal to a variety of cloud environments. With an Atomic Host system installed, you can use the docker command as you would on other container-enabled systems. However, Atomic Host also comes with an additional command called atomic, which expands what you can do with containers.

Security: Firefox Accounts, 'DevSecOps', VPNFilter, PassProtect, Reproducible Builds

  • Two-step authentication in Firefox Accounts
  • Firefox Finally Offers Two Factor Auth to Protect Your Passwords
    Mozilla is rolling out two factor authentication for Firefox accounts and if you sync passwords using Firefox Sync you should enable it immediately. The option for two factor authentication should show up in your Firefox account settings in a few weeks, but you can skip the wait by clicking this link. Do that and you should see the option for two-factor authentication, as shown above.
  • Now Make Your Firefox Account Safer With New Two Factor Authentication
    It seems that tech giants, finally, are gearing up to make portals more secure. In an announcement made yesterday, Mozilla has announced two-factor authentication for Firefox accounts. It is an optional security feature that will require inserting authentication code after signing in your Firefox account with your credentials. The newly introduced two-step verification feature is based on the commonly used Time-based One-Time Password (TOTP)-based standard. Currently, the feature is available with Duo, Google Authenticator, and Authy. Users will need to install these apps to receive the authentication code.
  • Navigating the container security ecosystem
    SJ Technologies partnered with Sonatype for the DevSecOps Community 2018 Survey. The survey was wildly popular, receiving answers from more than 2,000 respondents representing a wide range of industries, development practices, and responsibilities. One-third of respondents (33%) came from the technology industry, and banking and financial services was the second most represented group (15%). 70% of all respondents were using a container registry. With so many respondents utilizing containers, a deeper dive into container security is in order.
  • New VPNFilter malware targets at least 500K networking devices worldwide
  • 500,000 Routers Are Infected With Malware and Potentially Spying On Users
  • 500,000 Routers In 54 Countries Hacked To Create Massive Botnet Army
  • PassProtect Tells You If Your Password Is Compromised
    A compromised password can’t protect you. PassProtect is a Chrome extension that notifies you whenever a password you enter is exposed, giving you the chance to change it. Data breaches happen all the time, and the result is usually a bunch of usernames and password floating around the web. Attackers use these lists to access accounts, so it’s important to change your passwords after a breach. Most users can’t keep track of it all, however. Which is where PassProtect come in. Using data from Have I Been Pwned, Troy Hunt’s database of compromised passwords, PassProtect lets you know when a password you use was part of a recent breach.
  • PassProtect warns Chrome users when their username or passwords get pwned
    Data breaches happen all the time. When they do, it’s invariably bad, with countless people ensnared. The MySpace breach, for example, impacted nearly 360 million. LinkedIn impacted 165 million more. One tool helping to mitigate the aftermath is Okta’s new Chrome plugin, PassProtect.
  • Reproducible Builds: Weekly report #160
    This week’s edition was written by Bernhard M. Wiedemann, Chris Lamb, Levente Polyak and Mattia Rizzolo & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

today's howtos