Re: Checking for services to be restarted on a default Debian installation
On Wed, Sep 03 2014, Michael Stone wrote: > On Tue, Sep 02, 2014 at 01:41:05PM -0700, Jameson Graef Rollins wrote: >>This package is "Priority: optional", and therefore not installed by >>default. What about just making it "important" or "required"? > > On my system it pulled in more than 20MB of dependencies. That's a lot > to push onto every debian system. Is 20MB really a lot? That seems like essentially nothing to me nowadays. I'm in the middle of a 2.2GB upgrade right now. jamie. pgpt8QUSPqj2A.pgp Description: PGP signature
Re: Checking for services to be restarted on a default Debian installation
On Tue, Sep 02 2014, Tom Dial wrote: > The needrestart package from jessie with package defaults appears to run > automatically and suggest, but not automatically perform, necessary > service restarts. This package is "Priority: optional", and therefore not installed by default. What about just making it "important" or "required"? jamie. pgprQZW4xsnGy.pgp Description: PGP signature
Re: Checking for services to be restarted on a default Debian installation
On Tue, Sep 02 2014, Jack wrote: > On 02/09/2014 18:04, Jameson Graef Rollins wrote: >> On Tue, Sep 02 2014, David Prévot wrote: >> >> Admins >> should have to manually run obscure scripts to check things like that. > > s/should have/should not have/ Yes, thank you for the correction. I definitely meant that they should *not* have to manually run obscure scripts... jamie. pgpuBgJ8m4yyu.pgp Description: PGP signature
Re: Checking for services to be restarted on a default Debian installation
On Tue, Sep 02 2014, David Prévot wrote: > Le 02/09/2014 04:05, Yves-Alexis Perez a écrit : > >> It's quite certain that about nobody know about debian-goodies or >> checkrestart. > > The Securing Debian Manual recommends it, so hopefully you’re wrong. > > https://www.debian.org/doc/manuals/securing-debian-howto/ch4#s-lib-security-update I agree that certainly most people do not know about it. And it's almost certain that most casual users do not. I'm a long time Debian user and I didn't know about it. I think the original point raised in this thread is a good one. There should be a more unified and automated way for the system to know that restart are needed in order for security fixes take affect. Admins should have to manually run obscure scripts to check things like that. jamie. pgpnj2ZVXVKH_.pgp Description: PGP signature
Re: MIT discovered issue with gcc
On Tue, Nov 26 2013, Paul Wise wrote: > On Wed, Nov 27, 2013 at 6:44 AM, Stefan Roas wrote: > >> Such code has never been valid and any assumption anyone may falsely have >> on such code is outright wrong. Such code may do anything, which includes >> nothing so IMHO it's perfectly ok for the optimizer to throw it away. >> After all we'd be better of not relying on something that is "undefined". > > The problem with that attitude is that it results in C programmers > never fixing their code and never even knowing that it is wrong > because the compiler never rejected their code or at the very least > provided a warning. Not everyone knows everything about C and that is > why we have compiler warnings. Every use of undefined behaviour should > at minimum result in a compiler warning. I think this is a very good point. This is a perfect example of where compile warnings would be really really useful. jamie. pgpXPLSJH8sKa.pgp Description: PGP signature