You are not logged in.
Pages: 1
First, I'm assuming that everything I see in Synaptic comes from the Devuan repos; is that correct? My main question is what is the newest available kernel? The newest one I see is 3.16.0-5. Is that right? The number seems kind of low to me. Is this kernel patched for the Meltdown/Spectre flaws?
Another question I have is that I have both 3.16.0-4 and 3.16.0-5 installed. Does Miyo automatically boot into the newest kernel? I don't get any prompt on boot-up asking me which kernel I want to boot into. uname -r shows 3.16.0-5 so I assume that's the case. If I ever needed to boot into an older kernel, how would I go about that?
Thanks!
Offline
Yes, everything is Devuan repos.
The 3.16 kernel is older, but it's the LTS kernel...so it's tried, tested, and stable...and will continue being supported for two more years.
If you enable the backports repository, you can install a newer kernel from backports.
If you ever need to boot an older kernel...
When you turn on the computer and reach the grub screen, use your "down arrow" key to highlight "Advanced options for...", then use the arrow key again to highlight an older kernel and hit Enter on your keyboard.
To my knowledge, there have been no patches for meltdown and spectre in kernel 3.16, because it's believed that 3.16 isn't affected...
I have been Devuanated, and my practice in the art of Devuanism shall continue until my Devuanization is complete. Until then, I will strive to continue in my understanding of Devuanchology, Devuanprocity, and Devuanivity.
Veni, vidi, vici vdevuaned. I came, I saw, I Devuaned.
Offline
Thanks MiyoLinux. I did some research and found this below on debian's site. Is this what I need to do on Miyo/Devuan to get the backports? Also I'm a bit confused, would it go in the file sources.list found in /etc/apt or would it go in the file devuan.list in /etc/apt/sources.list.d? Thanks for your help.
1. For jessie add this line
deb http://ftp.debian.org/debian jessie-backports main
to your sources.list (or add a new file with the ".list" extension to /etc/apt/sources.list.d/)
2. Run apt-get update
Offline
No, never use Debian repos directly. The backports repo is available via devuan at:
http://pkgmaster.devuan.org/merged/ jessie-backports main contrib non-free
or
http://auto.devuan.org/merged/ jessie-backports main contrib non-free
Offline
To my knowledge, there have been no patches for meltdown and spectre in kernel 3.16, because it's believed that 3.16 isn't affected...
https://wiki.debian.org/DebianSecurity/SpectreMeltdown
Are you joking?
Also, processor architecture matters just as much as kernel version. Not only will i386 probably never be patched, but anything before 4.14.14 (on amd64) is just a backport, criticized for nebulous integrity.
http://forums.debian.net/viewtopic.php?f=3&t=135775
Last edited by siva (2018-04-30 18:42:59)
Offline
Ron, I'm on my phone, so I can't check...but I believe I included the backports repo already but have it commented out. To check, open your terminal and issue this command...
sudo leafpad /etc/apt/sources.list
When the file opens, look at the bottom for the jessie-backports repo. If it's there, remove the # from in front of it. Then save and close the file.
Next, run this command in the terminal...
sudo apt-get update
Don't run an upgrade...close the terminal.
Now open Synaptic and search for...
linux image
Find the newer kernel and install it.
Then I'd recommend putting the # back on the backports repo.
I have been Devuanated, and my practice in the art of Devuanism shall continue until my Devuanization is complete. Until then, I will strive to continue in my understanding of Devuanchology, Devuanprocity, and Devuanivity.
Veni, vidi, vici vdevuaned. I came, I saw, I Devuaned.
Offline
Then I'd recommend putting the # back on the backports repo.
You can also specify backported packages with the "-t [repo]" option (eg, "-t jessie-backports"). Then you can keep the bpo repo uncommented and use only when needed.
Offline
I successfully added the backports, but when I mark the kernel for installation I get this error message:
linux-image-4.9.0-0.bpo.6-amd64:
Depends: linux-base (>=4.3~) but 3.5 is to be installed
If I have the backport enabled, why am I not being offered an updated linux-base version?
Offline
Oh dear...yes, I forgot that you will need to install the linux-base from backports too. I'm sorry. Try this from your terminal...
sudo apt-get -t jessie-backports install linux-base linux-image-4.9.0-0.bpo.6-amd64
I have been Devuanated, and my practice in the art of Devuanism shall continue until my Devuanization is complete. Until then, I will strive to continue in my understanding of Devuanchology, Devuanprocity, and Devuanivity.
Veni, vidi, vici vdevuaned. I came, I saw, I Devuaned.
Offline
Thanks MiyoLinux. That worked!
Offline
I have been Devuanated, and my practice in the art of Devuanism shall continue until my Devuanization is complete. Until then, I will strive to continue in my understanding of Devuanchology, Devuanprocity, and Devuanivity.
Veni, vidi, vici vdevuaned. I came, I saw, I Devuaned.
Offline
HOORAY to the one and only MIYO!!
Offline
HOORAY to the one and only MIYO!!
Well...I'm not one to brag or anything, but I am pretty awesome and deserve all of the accolades and prominence that I'm given...'n stuff.
LOLOLOLOLOLOL!!!
I have been Devuanated, and my practice in the art of Devuanism shall continue until my Devuanization is complete. Until then, I will strive to continue in my understanding of Devuanchology, Devuanprocity, and Devuanivity.
Veni, vidi, vici vdevuaned. I came, I saw, I Devuaned.
Offline
MiyoLinux wrote:To my knowledge, there have been no patches for meltdown and spectre in kernel 3.16, because it's believed that 3.16 isn't affected...
https://wiki.debian.org/DebianSecurity/SpectreMeltdownAre you joking?
Also, processor architecture matters just as much as kernel version. Not only will i386 probably never be patched, but anything before 4.14.14 (on amd64) is just a backport, criticized for nebulous integrity.
http://forums.debian.net/viewtopic.php?f=3&t=135775
Sorry siva...I wasn't ignoring your post. I just saw it now for the first time...not sure how I missed it yesterday.
No, I wasn't joking. In trying not to muddy the waters, I was simply giving the "official" reason as to why 3.16 won't be patched as stated by Debian (in the link I provided)...since Devuan's kernel comes from Debian.
I have been Devuanated, and my practice in the art of Devuanism shall continue until my Devuanization is complete. Until then, I will strive to continue in my understanding of Devuanchology, Devuanprocity, and Devuanivity.
Veni, vidi, vici vdevuaned. I came, I saw, I Devuaned.
Offline
I wasn't offended lol.
I'm wondering where you found that statement from Debian. It is my understanding that jessie-security solved this issue with a patched kernel, according to the CVE tracker. Would you mind sharing?
Again, however, all i386/i686 kernels are still vulnerable, and the kpti patch developers have no intent to fix them in the near future.
Offline
I wasn't offended lol.
I'm wondering where you found that statement from Debian. It is my understanding that jessie-security solved this issue with a patched kernel, according to the CVE tracker. Would you mind sharing?
Again, however, all i386/i686 kernels are still vulnerable, and the kpti patch developers have no intent to fix them in the near future.
I shared it in the link that I provided; however, that link no longer says what it said when I first posted it. The caveat from the link is...
This article will be updated periodically with new information as it becomes available, until the issues have been resolved.
In looking at the article today, it no longer says what I said that it said yesterday. Strange.
I have been Devuanated, and my practice in the art of Devuanism shall continue until my Devuanization is complete. Until then, I will strive to continue in my understanding of Devuanchology, Devuanprocity, and Devuanivity.
Veni, vidi, vici vdevuaned. I came, I saw, I Devuaned.
Offline
It's probably the reptile overlords updating the reality simulator again. Not your fault.
The CVE tracker has outlined the vulnerable and patched versions for a few months, and it looks like it hasn't changed.
https://security-tracker.debian.org/tra … -2017-5754
The only claims for invulnerability I've heard are hardware-level exceptions.
Offline
MiyoLinux wrote:
Then I'd recommend putting the # back on the backports repo.
I can't remember if I put them back. Should it look like this:
# jessie-backports
#deb http://auto.mirror.devuan.org/merged jessie-backports main
#deb-src http://auto.mirror.devuan.org/merged jessie-backports main
or just this:
# jessie-backports
deb http://auto.mirror.devuan.org/merged jessie-backports main
deb-src http://auto.mirror.devuan.org/merged jessie-backports main
Another question, if I disable the backports then won't I not be offered an update on the new kernel when one is released?
Last edited by Ron (2018-05-03 00:17:04)
Offline
The first option disables backports. I have always put a space after the # but don't know whether that's necessary. The second example enables them.
Offline
MiyoLinux wrote:
Then I'd recommend putting the # back on the backports repo.I can't remember if I put them back. Should it look like this:
# jessie-backports #deb http://auto.mirror.devuan.org/merged jessie-backports main #deb-src http://auto.mirror.devuan.org/merged jessie-backports main
or just this:
# jessie-backports deb http://auto.mirror.devuan.org/merged jessie-backports main deb-src http://auto.mirror.devuan.org/merged jessie-backports main
Another question, if I disable the backports then won't I not be offered an update on the new kernel when one is released?
Hi Ron! You can just leave the "deb" line uncommented (without the #). Unless you're planning on building something from source, you can put the # in front of the "deb-src" repos.
Sometimes I forget and give advice about my personal preferences. I never use backports myself, so I always leave them commented out.
As I said, unless you plan to build something from source, this is my recommendation for how it should look...
# jessie-backports
deb http://auto.mirror.devuan.org/merged jessie-backports main
#deb-src http://auto.mirror.devuan.org/merged jessie-backports main
If you plan to build from source, then leave it as...
# jessie-backports
deb http://auto.mirror.devuan.org/merged jessie-backports main
deb-src http://auto.mirror.devuan.org/merged jessie-backports main
Hope that helps!
I have been Devuanated, and my practice in the art of Devuanism shall continue until my Devuanization is complete. Until then, I will strive to continue in my understanding of Devuanchology, Devuanprocity, and Devuanivity.
Veni, vidi, vici vdevuaned. I came, I saw, I Devuaned.
Offline
Pages: 1