public inbox for gentoo-user@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-user] Managing my kernel
@ 2007-05-14 15:48 Grant
  2007-05-14 16:09 ` Hemmann, Volker Armin
                   ` (2 more replies)
  0 siblings, 3 replies; 14+ messages in thread
From: Grant @ 2007-05-14 15:48 UTC (permalink / raw
  To: Gentoo mailing list

I've been puzzling a bit lately over the best way to manage my kernel.
 I've always tried to keep it as minimal as possible, and I only
enable things as I need them.  I also don't build modules from the
kernel at all.

Is there a better way to go?  I'm starting to think it might be better
to build every single module and let the system load them as it needs
them.

- Grant
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-14 15:48 [gentoo-user] Managing my kernel Grant
@ 2007-05-14 16:09 ` Hemmann, Volker Armin
  2007-05-14 22:37   ` Aleksandar L. Dimitrov
  2007-05-17 20:17   ` Grant
  2007-05-14 18:18 ` Dale
  2007-05-15  0:33 ` Mark Kirkwood
  2 siblings, 2 replies; 14+ messages in thread
From: Hemmann, Volker Armin @ 2007-05-14 16:09 UTC (permalink / raw
  To: gentoo-user

On Montag, 14. Mai 2007, Grant wrote:
> I've been puzzling a bit lately over the best way to manage my kernel.
>  I've always tried to keep it as minimal as possible, and I only
> enable things as I need them.  I also don't build modules from the
> kernel at all.
>
> Is there a better way to go?  I'm starting to think it might be better
> to build every single module and let the system load them as it needs
> them.
>
> - Grant

well, from my point of view:

everything needed for booting: in kernel
everything needed all the time: in kernel
everything that needs a good kicking once in a while (usb, sound): modules
everything that needs parameters: modules
everything that is not needed all the time: module
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-14 15:48 [gentoo-user] Managing my kernel Grant
  2007-05-14 16:09 ` Hemmann, Volker Armin
@ 2007-05-14 18:18 ` Dale
  2007-05-15  0:33 ` Mark Kirkwood
  2 siblings, 0 replies; 14+ messages in thread
From: Dale @ 2007-05-14 18:18 UTC (permalink / raw
  To: gentoo-user

Grant wrote:
> I've been puzzling a bit lately over the best way to manage my kernel.
> I've always tried to keep it as minimal as possible, and I only
> enable things as I need them.  I also don't build modules from the
> kernel at all.
>
> Is there a better way to go?  I'm starting to think it might be better
> to build every single module and let the system load them as it needs
> them.
>
> - Grant


I always build everything in the kernel.  The only module I have is the
nvidia driver.  Looks like this:

> root@smoker / # lsmod
> Module                  Size  Used by
> nvidia               4550612  12
> root@smoker / #

I have not had any trouble kernel wise in a long time.  I guess it is
just a matter of preference.

Dale

:-)  :-)  :-)


-- 
www.myspace.com/-remove-me-dalek1967

Copy n paste then remove the -remove-me- part.

-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-14 22:37   ` Aleksandar L. Dimitrov
@ 2007-05-14 21:16     ` Neil Bothwick
  2007-05-15  2:16       ` Aleksandar L. Dimitrov
  0 siblings, 1 reply; 14+ messages in thread
From: Neil Bothwick @ 2007-05-14 21:16 UTC (permalink / raw
  To: gentoo-user

[-- Attachment #1: Type: text/plain, Size: 442 bytes --]

On Tue, 15 May 2007 00:37:57 +0200, Aleksandar L. Dimitrov wrote:

> Gentoo is actually all about keeping all of the stuff as minimal as
> possible ;)

Gentoo is all about doing what you want, not what other people think you
should do. It doesn't matter whether you want all modules, all in-kernel,
every module built or a compromise, it's up to you.


-- 
Neil Bothwick

... Taglines: and How They Affect Women. Next On Oprah.

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-14 16:09 ` Hemmann, Volker Armin
@ 2007-05-14 22:37   ` Aleksandar L. Dimitrov
  2007-05-14 21:16     ` Neil Bothwick
  2007-05-17 20:17   ` Grant
  1 sibling, 1 reply; 14+ messages in thread
From: Aleksandar L. Dimitrov @ 2007-05-14 22:37 UTC (permalink / raw
  To: gentoo-user

On Mon, 14 May 2007 18:09:37 +0200
"Hemmann, Volker Armin" <volker.armin.hemmann@tu-clausthal.de> wrote:

> On Montag, 14. Mai 2007, Grant wrote:
> > I've been puzzling a bit lately over the best way to manage my
> > kernel. I've always tried to keep it as minimal as possible, and I
> > only enable things as I need them.  I also don't build modules from
> > the kernel at all.
> >
> > Is there a better way to go?  I'm starting to think it might be
> > better to build every single module and let the system load them as
> > it needs them.
> >
> > - Grant
> 
> well, from my point of view:
> 
> everything needed for booting: in kernel
> everything needed all the time: in kernel
> everything that needs a good kicking once in a while (usb, sound):
> modules everything that needs parameters: modules
> everything that is not needed all the time: module
I would really add:
everything not needed at all: out!

Kernel build time is also an issue - I don't wanna be watching those
messages floating around the screen forever. Of course, inheriting
the .config is a must, though it can lead to problems if you ain't too
much one of the Changelog-reading-guys.
Otherwise I'll just agree with Volker, though I keep USB in-kernel on
my laptop as it is very important to me.

Gentoo is actually all about keeping all of the stuff as minimal as
possible ;)

Regards, Aleks
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-14 15:48 [gentoo-user] Managing my kernel Grant
  2007-05-14 16:09 ` Hemmann, Volker Armin
  2007-05-14 18:18 ` Dale
@ 2007-05-15  0:33 ` Mark Kirkwood
  2007-05-15  1:57   ` Dan Farrell
  2 siblings, 1 reply; 14+ messages in thread
From: Mark Kirkwood @ 2007-05-15  0:33 UTC (permalink / raw
  To: gentoo-user

Grant wrote:
> I've been puzzling a bit lately over the best way to manage my kernel.
> I've always tried to keep it as minimal as possible, and I only
> enable things as I need them.  I also don't build modules from the
> kernel at all.
> 
> Is there a better way to go?  I'm starting to think it might be better
> to build every single module and let the system load them as it needs

A friend of mine does this for his production servers:

1/ builds the known needed things into the kernel
2/ disables loadable modules completely

This is probably not suitable for some use cases...(new raid card 
...ooops... redo kernel), but if you are deploying to known hardware it 
is ok.

Cheers

Mark
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* RE: [gentoo-user] Managing my kernel
@ 2007-05-15  0:54 burlingk
  0 siblings, 0 replies; 14+ messages in thread
From: burlingk @ 2007-05-15  0:54 UTC (permalink / raw
  To: gentoo-user



> -----Original Message-----
> From: Aleksandar L. Dimitrov [mailto:aleks_d@gmx.de] 
> Sent: Tuesday, May 15, 2007 11:16 AM
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] Managing my kernel
> 
> 
> On Mon, 14 May 2007 22:16:04 +0100
> Neil Bothwick <neil@digimed.co.uk> wrote:
> 
> > On Tue, 15 May 2007 00:37:57 +0200, Aleksandar L. Dimitrov wrote:
> > 
> > > Gentoo is actually all about keeping all of the stuff as 
> minimal as 
> > > possible ;)
> > 
> > Gentoo is all about doing what you want, not what other 
> people think 
> > you should do. It doesn't matter whether you want all modules, all 
> > in-kernel, every module built or a compromise, it's up to you.
> > 
> > 
> Well, OK, I should probably add a 'for me' next time.
> 
> Still, the guy asked about opinions - and my opinion I gave. Nothing
> more: In my opinion keeping stuff simple and slim on the 
> kernel side means reliability and performance. This is an 
> opinion formed by the (admittedly limited) experience I got so far.
> 
> Regards, Aleks
> -- 
My personal preference, when it is it feasable, is to compile just the
modules the features that I actually have installed at the time, and
compile as much of it into the kernel as will function properly.

That way I don't have to worry about modprobing anything, and with the
newer kernels, most things that are compiled directly into the kernel
run pretty much automatically.
--
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-15  0:33 ` Mark Kirkwood
@ 2007-05-15  1:57   ` Dan Farrell
  2007-05-15  7:21     ` Etaoin Shrdlu
  2007-05-17  6:38     ` Mark Kirkwood
  0 siblings, 2 replies; 14+ messages in thread
From: Dan Farrell @ 2007-05-15  1:57 UTC (permalink / raw
  To: gentoo-user

On Tue, 15 May 2007 12:33:22 +1200
Mark Kirkwood <markir@paradise.net.nz> wrote:

> Grant wrote:
> > I've been puzzling a bit lately over the best way to manage my
> > kernel. I've always tried to keep it as minimal as possible, and I
> > only enable things as I need them.  I also don't build modules from
> > the kernel at all.
> > 
> > Is there a better way to go?  I'm starting to think it might be
> > better to build every single module and let the system load them as
> > it needs
> 
> A friend of mine does this for his production servers:
> 
> 1/ builds the known needed things into the kernel
> 2/ disables loadable modules completely
> 
> This is probably not suitable for some use cases...(new raid card 
> ...ooops... redo kernel), but if you are deploying to known hardware
> it is ok.
> 
> Cheers
> 
> Mark
But Why?  What's the benefit?  If the code isn't being used, it isn't
going to slow down the kernel is it?  And the size of the kernel is
irrelevant in my opinion -- the kernel is far from the predominant
memory consumer on even a slow system.   I think it's more likely that
you'll have a problem with your kernel configuration than your kernel
performance, and modules are the only way to add kernel support without
rebooting.  Furthermore, kernel modules have their own benefits --
increased run-time configuration, for example (as opposed to a boot
parameter). No, I agree with volker:

>everything needed for booting: in kernel
>everything needed all the time: in kernel
>everything that needs a good kicking once in a while (usb, sound):
>modules everything that needs parameters: modules
>everything that is not needed all the time: module

that way, you can also build modules on-the-fly to suit your needs and
then compile them into the kernel, if desired, the next time you
rebuild it.  
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-14 21:16     ` Neil Bothwick
@ 2007-05-15  2:16       ` Aleksandar L. Dimitrov
  0 siblings, 0 replies; 14+ messages in thread
From: Aleksandar L. Dimitrov @ 2007-05-15  2:16 UTC (permalink / raw
  To: gentoo-user

On Mon, 14 May 2007 22:16:04 +0100
Neil Bothwick <neil@digimed.co.uk> wrote:

> On Tue, 15 May 2007 00:37:57 +0200, Aleksandar L. Dimitrov wrote:
> 
> > Gentoo is actually all about keeping all of the stuff as minimal as
> > possible ;)
> 
> Gentoo is all about doing what you want, not what other people think
> you should do. It doesn't matter whether you want all modules, all
> in-kernel, every module built or a compromise, it's up to you.
> 
> 
Well, OK, I should probably add a 'for me' next time.

Still, the guy asked about opinions - and my opinion I gave. Nothing
more: In my opinion keeping stuff simple and slim on the kernel side
means reliability and performance. This is an opinion formed by the
(admittedly limited) experience I got so far.

Regards, Aleks
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-15  1:57   ` Dan Farrell
@ 2007-05-15  7:21     ` Etaoin Shrdlu
  2007-05-15 19:49       ` Dan Farrell
  2007-05-17  6:38     ` Mark Kirkwood
  1 sibling, 1 reply; 14+ messages in thread
From: Etaoin Shrdlu @ 2007-05-15  7:21 UTC (permalink / raw
  To: gentoo-user

On Tuesday 15 May 2007 03:57, Dan Farrell wrote:

> On Tue, 15 May 2007 12:33:22 +1200
>
> Mark Kirkwood <markir@paradise.net.nz> wrote:
> > 1/ builds the known needed things into the kernel
> > 2/ disables loadable modules completely

> But Why?  What's the benefit?  

Well, disabling loadable modules is generally considered to be good for  
the purpose of hardening your system. For example, some rootkits use 
LKMs, and removing loadable modules support might help to prevent such 
attacks.
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-15  7:21     ` Etaoin Shrdlu
@ 2007-05-15 19:49       ` Dan Farrell
  2007-05-15 20:06         ` Boyd Stephen Smith Jr.
  0 siblings, 1 reply; 14+ messages in thread
From: Dan Farrell @ 2007-05-15 19:49 UTC (permalink / raw
  To: gentoo-user

On Tue, 15 May 2007 09:21:17 +0200
Etaoin Shrdlu <shrdlu@unlimitedmail.org> wrote:

> On Tuesday 15 May 2007 03:57, Dan Farrell wrote:
> 
> > On Tue, 15 May 2007 12:33:22 +1200
> >
> > Mark Kirkwood <markir@paradise.net.nz> wrote:
> > > 1/ builds the known needed things into the kernel
> > > 2/ disables loadable modules completely
> 
> > But Why?  What's the benefit?  
> 
> Well, disabling loadable modules is generally considered to be good
> for the purpose of hardening your system. For example, some rootkits
> use LKMs, and removing loadable modules support might help to prevent
> such attacks.

Interesting, thanks.  I'd never heard of LKM rootkits, although the
concept is I suppose a good one, as far as defeating security goes.  I
must say I'm not going to start worrying about it, but point taken
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-15 19:49       ` Dan Farrell
@ 2007-05-15 20:06         ` Boyd Stephen Smith Jr.
  0 siblings, 0 replies; 14+ messages in thread
From: Boyd Stephen Smith Jr. @ 2007-05-15 20:06 UTC (permalink / raw
  To: gentoo-user

[-- Attachment #1: Type: text/plain, Size: 1221 bytes --]

On Tuesday 15 May 2007, Dan Farrell <dan@spore.ath.cx> wrote about 'Re: 
[gentoo-user] Managing my kernel':
> On Tue, 15 May 2007 09:21:17 +0200
> Etaoin Shrdlu <shrdlu@unlimitedmail.org> wrote:
> > On Tuesday 15 May 2007 03:57, Dan Farrell wrote:
> > > On Tue, 15 May 2007 12:33:22 +1200
> > > Mark Kirkwood <markir@paradise.net.nz> wrote:
> > > > 2/ disables loadable modules completely
> > >
> > > But Why?  What's the benefit?
> >
> > [S]ome rootkits
> > use LKMs, and removing loadable modules support might help to prevent
> > such attacks.
>
> I'd never heard of LKM rootkits, although the
> concept is I suppose a good one, as far as defeating security goes.  I
> must say I'm not going to start worrying about it, but point taken

The (GPL'd) rootkit I was able to look at didn't even use LKMs, it simply 
patched the kernel live via /proc/kcore.  The version I saw probably 
wouldn't work anymore, but LKMs aren't the only way a rootkit can take 
hold.

-- 
Boyd Stephen Smith Jr.                     ,= ,-_-. =. 
bss03@volumehost.net                      ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy           `-'(. .)`-' 
http://iguanasuicide.org/                      \_/     

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-15  1:57   ` Dan Farrell
  2007-05-15  7:21     ` Etaoin Shrdlu
@ 2007-05-17  6:38     ` Mark Kirkwood
  1 sibling, 0 replies; 14+ messages in thread
From: Mark Kirkwood @ 2007-05-17  6:38 UTC (permalink / raw
  To: gentoo-user

Dan Farrell wrote:
> On Tue, 15 May 2007 12:33:22 +1200
> Mark Kirkwood <markir@paradise.net.nz> wrote:
>> A friend of mine does this for his production servers:
>>
>> 1/ builds the known needed things into the kernel
>> 2/ disables loadable modules completely
>>
>> This is probably not suitable for some use cases...(new raid card 
>> ...ooops... redo kernel), but if you are deploying to known hardware
>> it is ok.
>>
>> Cheers
>>
>> Mark
> But Why?  What's the benefit?  If the code isn't being used, it isn't
> going to slow down the kernel is it?  And the size of the kernel is
> irrelevant in my opinion -- the kernel is far from the predominant
> memory consumer on even a slow system.   I think it's more likely that
> you'll have a problem with your kernel configuration than your kernel
> performance, and modules are the only way to add kernel support without
> rebooting.  Furthermore, kernel modules have their own benefits --
> increased run-time configuration, for example (as opposed to a boot
> parameter). No, I agree with volker:
> 
>> everything needed for booting: in kernel
>> everything needed all the time: in kernel
>> everything that needs a good kicking once in a while (usb, sound):
>> modules everything that needs parameters: modules
>> everything that is not needed all the time: module
> 
> that way, you can also build modules on-the-fly to suit your needs and
> then compile them into the kernel, if desired, the next time you
> rebuild it.  

FWIW for my own Gentoo systems I've just used genkernel, as its so 
convenient - so I've probably ended up effectively doing volker's recipe 
too....

Cheers

Mark
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

* Re: [gentoo-user] Managing my kernel
  2007-05-14 16:09 ` Hemmann, Volker Armin
  2007-05-14 22:37   ` Aleksandar L. Dimitrov
@ 2007-05-17 20:17   ` Grant
  1 sibling, 0 replies; 14+ messages in thread
From: Grant @ 2007-05-17 20:17 UTC (permalink / raw
  To: gentoo-user

> > I've been puzzling a bit lately over the best way to manage my kernel.
> >  I've always tried to keep it as minimal as possible, and I only
> > enable things as I need them.  I also don't build modules from the
> > kernel at all.
> >
> > Is there a better way to go?  I'm starting to think it might be better
> > to build every single module and let the system load them as it needs
> > them.
> >
> > - Grant
>
> well, from my point of view:
>
> everything needed for booting: in kernel
> everything needed all the time: in kernel
> everything that needs a good kicking once in a while (usb, sound): modules
> everything that needs parameters: modules
> everything that is not needed all the time: module

So you don't leave anything unbuilt?  Is there any real disadvantage
to that as long as you modularize as much as possible?  It sounds
delightfully simple to go that route.  That would be a really portable
kernel too.

- Grant
-- 
gentoo-user@gentoo.org mailing list



^ permalink raw reply	[flat|nested] 14+ messages in thread

end of thread, other threads:[~2007-05-17 20:22 UTC | newest]

Thread overview: 14+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-05-14 15:48 [gentoo-user] Managing my kernel Grant
2007-05-14 16:09 ` Hemmann, Volker Armin
2007-05-14 22:37   ` Aleksandar L. Dimitrov
2007-05-14 21:16     ` Neil Bothwick
2007-05-15  2:16       ` Aleksandar L. Dimitrov
2007-05-17 20:17   ` Grant
2007-05-14 18:18 ` Dale
2007-05-15  0:33 ` Mark Kirkwood
2007-05-15  1:57   ` Dan Farrell
2007-05-15  7:21     ` Etaoin Shrdlu
2007-05-15 19:49       ` Dan Farrell
2007-05-15 20:06         ` Boyd Stephen Smith Jr.
2007-05-17  6:38     ` Mark Kirkwood
  -- strict thread matches above, loose matches on Subject: below --
2007-05-15  0:54 burlingk

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox