kernel-2.6-cn
~~~~~~~~~~~~~
-Ovo je virtualni paket koji instalira odgovarajucu okolinu za CARNet
-Debian kernel izgradjen iz standardnog Debian Etchnhalf kernela, ali sa
-ExecShield i Layer 7 netfilterom. Takodjer, vise se ne koristi initrd vec
-initramfs tehnika, odnosno ne koristi se vise ni LILO vec GRUB kao glavni
-loader za Linux kernel.
+Ovo je virtualni paket koji modificira tipicni Debian posluzitelj sa
+razlicitim sigurnosnim postavkama.
-Vise o Etchnhalf Debian izdanju mozete procitati na:
-
- http://www.debian.org/releases/etch/etchnhalf
-
-ExecShield je dodatni nivo zastite cija je glavna duznost onemoguciti
-izvrsavanje koda sa stranica koje su oznacene tako:
-
- http://en.wikipedia.org/wiki/Exec_Shield
-
-Sam patch je preuzet iz Fedora CVS razvojnog stabla:
-
- http://cvs.fedora.redhat.com/viewvc/rpms/kernel/F-9/linux-2.6-execshield.patch
-
-Dodatak je i Layer 7 Netfilter modul koji omogucava matchiranje odredjenih
-aplikativnih protokola sa boljom ili losijom pouzdanoscu. Stranica
-projekta je:
-
- http://l7-filter.sourceforge.net/
-
-Popis podrzanog hardvera:
--------------------------
-Memorija: do 64GB (bigmem odnosno PAE podrska)
-
-Procesori: IA32 (pocevsi od PIII procesora), x86_64 ukljucno sa EM64T
- procesorima PIII i visi (ali ne IA-64) u SMP i UP nacinu rada
-
-Ploce: sve standardne PC ploce za IA32 ili x86_64 arhitekturu
-
-IDE kontroleri: AMD AMD74xx, CMD64x, Highpoint HPT366, Intel PIIX/ICH, IT821x,
- Promise PDC202xx, ServerWorks, Silicon Image, SIS513, VIA82Cxxx,
- genericki PCI IDE, ITE 821x, Pacific Digital Corporation ADMA,
- Serverworks OSB4/CSB5/CSB6, SiI, SiS, VIA, Marvell
-
-SCSI i SAS kontroleri: 3ware 9000, Dell PERC2, 2/Si, 3/Si, 3/Di, Adaptec
- Advanced Raid Products, HP NetRAID-4M, IBM ServeRAID, ICP SCSI,
- Adaptec AIC77xx/78xx/790x/94xx, HP Controller CCISS SA5xxx/SA6xxx,
- Adaptec I2O, IBM Power RAID, IBM ServeRAID, Emulex LightPulse Fibre
- Channel, LSI Logic MegaRAID, Fusion MPT, Qlogic ISP (QLA
- 1x80/1x160), QLogic Fibre Channel, NCR/Symbios/LSI 8xx/1010,
- FlashPoint, Marvell
-
-mrezne kartice: 3Com 3c59x/3c9xx, RealTek RTL-8139, Broadcom NetXtreme II
- BCM5706/5708, Intel PRO/100, NE2000, PCNet32/PCnetPCI, RealTek
- RTL-8169, SiS sis190, SiS 900, SysKonnect, Digital 21x4x Tulip,
- 3Com Typhoon (3C990, 3CR990, itd), VIA Rhine, VIA Velocity, QLogic
- QLA3xxx, Marvell Yukon 2/SysKonnect, Attansic L1
-
-SATA kontroleri: AHCI, Marvell, nVidia, Promise ATA TX2/TX4/TX4000, Pacific
- Digital Corporation QStor, Silicon Image, Silicon Image 3124/3132,
- Silicon Integrated Systems, K2, Promise, ULi, VIA, Vitesse VSC7174,
- Initio 162x
-
-ostalo: IPv4 i IPv6 Netfilter moduli, QoS pravila, raznorazni
- filesistemi (NFSv3 client i server, XFS, Ext2/3, Minix), VLAN
- 802.1q, bridge 802.1d, USB EHCI/UHCI/OHCI, InfiniBand, SoftRAID
- (append, MD 0/1/4/5/6), LVM2, IPMI, i6300ESB watchdog, i8xx/Intel TCO
- watchdog, DeviceMapper, IEEE 1394 FireWire, KVM Intel/AMD, SATA/SAS
- hubovi/ekspanderi itd.
+Paket je nekad donosio Grsecurity, ExecShield i Layer7 dodatke, no sada
+je iskljucivo nadogradnja (u vidu postavki) na defaultni Debianov kernel.
Datoteke koje se backupiraju:
-----------------------------
/etc/lilo.conf -> /var/backups
/etc/sysctl.conf -> /var/backups
-//etc/kernel-img.conf -> /var/backups
+/etc/kernel-img.conf -> /var/backups
Datoteke koje se mijenjaju uvjetno ili bezuvjetno:
--------------------------------------------------
/vmlinuz /vmlinuz.old /boot/vmlinuz.plain -> eliminacija starih i
zaostalih symlinkova
- -- Dinko Korunic <kreator@carnet.hr> Fri, 13 Feb 2009 15:14:11 +0100
+ -- Dinko Korunic <kreator@carnet.hr> Fri, 19 Feb 2010 16:34:30 +0100
Package: kernel-2.6-cn
Architecture: all
Section: base
-Depends: grub (>= 0.97-47lenny2), procps (>= 1:3.2.7-11), udev (>= 0.125-7+lenny1), perl-base, carnet-tools-cn (>= 2.8.2), module-init-tools (>= 3.4-1), mount (>= 2.13.1.1-1), e2fsprogs (>= 1.41.3-1), microcode.ctl (>= 1.17-9), irqbalance (>= 0.55-2.4lenny1), mdadm (>= 2.6.7.2-1), firmware-bnx2 (>= 0.14+lenny1), linux-image-2.6.26-2+cn1-686-bigmem (>= 2.6.26-15lenny3+cn1) | linux-image-2.6.26-2+cn1-amd64 (>= 2.6.26-15lenny3+cn1)
-Conflicts: iplogger, kernel-cn, kernel-2.4-cn (<< 2.4.33-2)
-Replaces: kernel-cn, kernel-2.4-cn
+Depends: grub (>= 0.97-47lenny2), procps (>= 1:3.2.7-11), udev (>= 0.125-7+lenny1), perl-base, carnet-tools-cn (>= 2.8.2), module-init-tools (>= 3.4-1), mount (>= 2.13.1.1-1), e2fsprogs (>= 1.41.3-1), microcode.ctl (>= 1.17-9), irqbalance (>= 0.55-2.4lenny1), mdadm (>= 2.6.7.2-1), firmware-bnx2 (>= 0.14+lenny1), linux-image-2.6.26-2-686-bigmem | linux-image-2.6.26-2-amd64
+Conflicts: iplogger, kernel-cn, kernel-2.4-cn (<< 2.4.33-2), linux-image-2.6.26-2+cn1-686-bigmem, linux-image-2.6.26-2+cn1-amd64
+Replaces: kernel-cn, kernel-2.4-cn, linux-image-2.6.26-2+cn1-686-bigmem, linux-image-2.6.26-2+cn1-amd64
Provides: kernel-cn
Recommends: memtest86+, linux-headers-2.6.26-2+cn1-686-bigmem | linux-headers-2.6.26-2+cn1-amd64
Description: Linux kernel virtual package for CARNet Linux servers
projects / kernel-cn.git / commitdiff