Re: [leaf-devel] Bering uClibc with Kernel 2.6

[KP Kirchdoerfer]

On Friday 14 March 2008 21:20:52 Martin Hejl wrote:
 Hi John,

  this is a little depressing. After spending years (and tons of emails)
  discussing the need for a kernel 2.6 version of LEAF, there has been
  no response on this list on the topic.
 
  Sorry, Martin, I only read the list as a newsgroup, every week or so.

 No problem. I just started to doubt the value of the time spent (and not
 mainly by me - Dirk and Eric put in as much, if not more, time as I
 have). It's not about ego (hence my line about not looking for a good
 job, well done response), it's simply about finding out if one is
 wasting one's time. I don't gain anything if people use the new branch
 (or Bering uClibc, or any other LEAF branch), so if I'm working on
 something that nobody is really interested in, I guess I'd better stop
 wasting my time and do something more productive. If there is interest,
 and people will use it (and some will contribute), it's much easier to
 justify the time spent. To me, that's really all it comes down to.

Martin;

I think your and your colleagues efforts aren't waisted:

firewall# apkg -l
initrd26
root 4.0 Rev 0 uClibc 0.9.28
config 0.6 Rev 8 uClibc 0.9.28
etc 4.0 Rev 0 uClibc 0.9.28
modules 2.6.x Rev 0 uClibc 0.9.28
iptables 1.4.0 Rev 0 uClibc 0.9.28
ppp 2.4.4 Rev 3 uClibc 0.9.28
pppoe 2.4.4 Rev 2 uClibc 0.9.28
keyboard 1.1 Rev 2 uClibc 0.9.28
shorwall 3.4.7 Rev 1 uClibc 0.9.28
ulogd 1.24 Rev 6 uClibc 0.9.28
dnsmasq 2.40 Rev 1 uClibc 0.9.28
dropbear 0.50 Rev 3 uClibc 0.9.28
mhttpd 1.19 Rev 6 uClibc 0.9.28
openntpd 3.9p1 Rev 3 uClibc 0.9.28
webconf 1.1.3 Rev 3 uClibc 0.9.28
configdb
moddb


firewall# uname -a
Linux firewall 2.6.24.2 #1 Sun Feb 17 14:31:32 CET 2008 i586 unknown
firewall# ping leaf.sourceforge.net
PING leaf.sourceforge.net (66.35.250.209): 56 data bytes
64 bytes from 66.35.250.209: seq=0 ttl=53 time=220.237 ms
64 bytes from 66.35.250.209: seq=1 ttl=53 time=250.771 ms

This is a lot more, than I expected from the first alpha version!

I had to add two more netfilter modules to get shorewall running (xt_limit, 
xt_TCPMSS), but anything else was out of the box.
 
So you provided a good base to develop a 2.6 versin further to production 
quality.

kp

-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[KP Kirchdoerfer]

On Saturday 08 March 2008 13:30:04 Erich Titl wrote:
 Hi Martin

 Martin Hejl wrote, at 07.03.2008 21:56:
  Hi all,
 
  this is a little depressing. After spending years (and tons of emails)
  discussing the need for a kernel 2.6 version of LEAF, there has been no
  response on this list on the topic. Is somebody actually interested in
  continued work on that image (and has just not had an issue with it what
  I've posted last Saturday), or did I scare off people with my too
  verbose email, or is there just no interest, as long as somebody
  provides the drivers for the hardware people need?

 Actually playing with e1000 for 2.4 reset me a little lately. Definitely
 I am convinced that if LEAF wants to go on strongly we need to be on par
 with other project which do similar work, e.g. 2.6 is a must.

 And for all your effort which point into the future here it is _WELL DONE_

 One of my concerns in the 2.6 branch will be IPSEC, as now we need to
 use the native stack. It appears that with using the native stack IPSEC
 will be an application like any other, so we may have now the benefit of
 using Strongswan's IKEv2 implementation :-)

 Anyway, I need to probably get two buidltool branches, how are you
 people doing this?

Erich; 
I'm having two pathes buildtool and buildtool26 (well, I do have some more as 
testbeds for building older stuff as well, but doesn't matter here), whenever 
I change to the one, which the ld-uClibc loader doesn't point to, I'll be 
asked by buildtool.pl if I want to create a proper symlink, responding 
with Y and giving the root password is all I have to do.
Arne and Martin did a pretty good job to make it as simple as possible for a 
poor man to run more than one build environment at a time.

kp 

-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[John Keith Hohm]

On Fri, 07 Mar 2008 21:56:17 +0100
Martin Hejl [EMAIL PROTECTED] wrote:

 this is a little depressing. After spending years (and tons of emails)
 discussing the need for a kernel 2.6 version of LEAF, there has been
 no response on this list on the topic.

Sorry, Martin, I only read the list as a newsgroup, every week or so.

 Maybe having a branch that
 supports 2.6 kernel isn't all that important after all, despite the
 fact that the topic has been coming up every now and then since 2005
 (possibly earlier than that, but 2005 was the earliest I could find
 doing a quick search of the archives).

It's important to me because LEAF still seems by far the simplest
small, easily customizable distribution for running Shorewall; and the
latest Shorewall-4 with the excellent shorewall-perl compiler handles
IPsec only in the new kernel 2.6 style with nf-policy-match support.

Without really understanding the leadership structure of the project I
had assumed from a mailing list archive reading it was futile to work
on a kernel 2.6 branch; you seem to have proved otherwise, so perhaps I
will find the time to collaborate.

Like Charles, I am facing the prospect of upgrading to a much larger
and more complex distribution, although I have been more interested in
Alpine Linux than an actual mounted-disk-filesystem Debian install.

-- 
John Keith Hohm
[EMAIL PROTECTED]

-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Martin Hejl]

Hi John,

 this is a little depressing. After spending years (and tons of emails)
 discussing the need for a kernel 2.6 version of LEAF, there has been
 no response on this list on the topic.
 
 Sorry, Martin, I only read the list as a newsgroup, every week or so.
No problem. I just started to doubt the value of the time spent (and not
mainly by me - Dirk and Eric put in as much, if not more, time as I
have). It's not about ego (hence my line about not looking for a good
job, well done response), it's simply about finding out if one is
wasting one's time. I don't gain anything if people use the new branch
(or Bering uClibc, or any other LEAF branch), so if I'm working on
something that nobody is really interested in, I guess I'd better stop
wasting my time and do something more productive. If there is interest,
and people will use it (and some will contribute), it's much easier to
justify the time spent. To me, that's really all it comes down to.

 It's important to me because LEAF still seems by far the simplest
 small, easily customizable distribution for running Shorewall; and the
 latest Shorewall-4 with the excellent shorewall-perl compiler handles
 IPsec only in the new kernel 2.6 style with nf-policy-match support.
Well, there's an new issue, I guess. Somebody will have to build a
perl.lrp package that provides everything shorewall-perl needs. I guess
size isn't much of an issue (I doubt that anybody who knows what they're
talking about is going to expect a 2.6 kernel, a useful set of tools
plus perl to fit onto one floppy). But since I have no experience
whatsoever with that part of shorewall (I got by just fine with the part
of shorewall provided with Bering uClibc), I'm afraid somebody else will
have to provide that set of tools. I can help with the buildtool stuff,
so I'm sure it can be done as a collaborative effort - but I doubt I'll
find the time or energy to provide that all by myself (that's mainly
what the paragraph about focusing on the core features, on things that
those who build the packages need themselves and can actually test
themselves, was all about in my first email in this thread).

 Without really understanding the leadership structure of the project 
I don't think there's much of a leadership structure. Everybody is
free to contribute, or to create a branch of their own if they want to
do something different from what everybody else is doing. At least,
that's the way I understood the evolutionary development model that Mike
proposed - and I like the idea. It just didn't seem to really work too
well in the past (since it seemed it always came down to a small group
of people doing the development). But this _could_ change now, with a
new branch that uses the (IHMO) solid base of Bering uClibc, uses the
same build toolchain (so people who know how to build packages for
Bering uClibc, can build packages for the new branch without having to
re-learn anything). That was mainly the reason for my frustration - we
provided a working image, the devel toolchain is the same as for the
current stable release, so not getting any feeback was a bit
disappointing. Maybe I sent the email too soon - but maybe the email
served as a wakeup call as well, getting more people out of the let's
see how that progresses mode (one that I often fall into myself...).

 I
 had assumed from a mailing list archive reading it was futile to work
 on a kernel 2.6 branch; you seem to have proved otherwise, so perhaps I
 will find the time to collaborate.
Well, maybe that wasn't made very clear (or, more likely, it never
really was clear to any of the participants of the discussion at the
time - it's hard to say anything for sure before one has tried it. And
then, the 2.6 kernel has changed over the last 2+ years, since the
discussion first came up). To me, it always seemed impossible to
continue to support floppies with kernel 2.6. That still holds true - at
this point, it doesn't look like it's doable. I would still like to find
a way to boot from floppy, but at this point, it doesn't look like it
will happen.
But using a 2.6 kernel booting from something with more storage is
surely possible (obviously, by now), it just meant a considerable amount
of work, and at the time the discussion first came up, it just didn't
seem reasonable to spend that time, given the marginal benefit a 2.6
kernel would have meant.

For me, the reason to start working on that was first of all, because I
wanted to see if it could be done (to get past the gee, wouldn't it be
nice if... stage), and maybe more importantly, because I have a few PC
Engines ALIX boxes lying around here that I feel would benefit from a
2.6 kernel (if and how much they'll benefit from it remains to be seen -
I've not had time to actually work on that part yet).

I would be very happy to see LEAF to get a broader developer base, with
people working on all kinds of things, rather than just waiting for the
the core developers to provide something (I never liked 

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[David Nicol]

On Mon, Mar 10, 2008 at 4:58 PM, Martin Hejl [EMAIL PROTECTED] wrote:
 oops - sorry

   Hi Nicol,
  make that Hi David

I wasn't trying to make any point; just sharing my experiences that
(1) tinygentoo image was easy to work with for creating uclibc-linked
this and that (2) with a 2.6 you can embed your whole file system into
the kernel and boot and go just from the kernel -- no file system at all --
that way you don't have to pivot-root from the initrd -- just stay there.

I'm sort of fishing for stories about why that might be a bad idea, beyond
that 1: it varies from standard practice and 2: the initramfs is not backed
by swap, as normal shmfs is

(I guess I'm also sharing that the existing build environment had too
high a learning barrier; that the gcc.lrp package did not appear to exist
on the .iso; and that a build environment lrp might be a good idea;
that altogether I found Bering to be organized well)

Also you seem to have misconstrued my size matters to mean
something different from what I intended.

No harm, no foul.

-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Eric Spakman]

Hi David,

 (2) with a 2.6 you can embed your whole file system into the
 kernel and boot and go just from the kernel -- no file system at all --
 that way you don't have to pivot-root from the initrd -- just stay there.

That's not correct. Indeed you can make a choice to include the initramfs
(not initrd) into the kernel, but it has no technical advantage besides
having only a kernel instead of a kernel and an initramfs.cpio. The reason
to have both options has to do with GPL and including non-GPLed modules.
Besides it's easier to have a seperate kernel and initramfs if you want to
support multiple boot devices and also keep size down.
In both cases you have to do a switch_root (not pivot_root which was the
case with kernel 2.4) to free the initramfs and start init.

So you always have a file system, ramfs, even if you embed the whole
system in the kernel and you have to do a switch_root to give init the
control and do some other housekeeping.

Eric


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Martin Hejl]

Hi David,

 I'm sort of fishing for stories about why that might be a bad idea, beyond
 that 1: it varies from standard practice and 2: the initramfs is not backed
 by swap, as normal shmfs is
Well, one downside of this approach is that you cannot control the size
of the root-fs by a variable in leaf.cfg, as we can do now. Boxes that
have a lot of packages loaded need a bigger root fs, old boxes with
little RAM need a smaller one. It seems difficult to me to decide which
root-fs size works for everybody.

 (I guess I'm also sharing that the existing build environment had too
 high a learning barrier; 
I guess it does - but I'm afraid the one's who have written it or have
used it for several years are not the perfect candidates for writing
easy to understand docs that explain things to people new to the build
environment. It surely has its rough edges - but it does what it needs
to do most of the time.

 that the gcc.lrp package did not appear to exist
 on the .iso; 
Yup, that's correct.

 and that a build environment lrp might be a good idea;
I disagree - but if somebody builds a gcc.lrp, it can be put into the
contrib area, and people can decide for themselves if they need it or not.

 Also you seem to have misconstrued my size matters to mean
 something different from what I intended.
It appears that I have

 No harm, no foul.
That's good.

Martin



-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Eric Spakman]

Hi David,

 (2) with a 2.6 you can embed your whole file system into the
 kernel and boot and go just from the kernel -- no file system at all --
 that way you don't have to pivot-root from the initrd -- just stay there.


 I'm sort of fishing for stories about why that might be a bad idea,
 beyond that 1: it varies from standard practice and 2: the initramfs is
 not backed by swap, as normal shmfs is

An added note: Like Martin explained it has to do with system memory.

It is theoretical possible to use the initramfs ramfs as root filesystem,
but it has a big drawback. In the initramfs we create three dynamic tmpfs
(a superset of ramfs) for root, tmp and log with an upper memory limit
set, which can be defined in leaf.cfg.
This means that, when correctly set, that growing files (like logfiles)
can't crash the system if the total size is beyond the physical memory
size of the system, because of the upper limit. This isn't possible with
the simple initramfs fs.

Eric


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[David Nicol]

On Fri, Mar 7, 2008 at 3:56 PM, Martin Hejl [EMAIL PROTECTED] wrote:
 Hi all,

  this is a little depressing. After spending years (and tons of emails)
  discussing the need for a kernel 2.6 version of LEAF, there has been no
  response on this list on the topic. Is somebody actually interested in
  continued work on that image (and has just not had an issue with it what
  I've posted last Saturday), or did I scare off people with my too
  verbose email, or is there just no interest, as long as somebody
  provides the drivers for the hardware people need?


I had no trouble running the 3.1 release candidate with a static 2.6 kernel;
also I found the tinygentoo embedded stage 3 environment to be useful for
compiling things to run there.

Size is an issue.  But if you're booting isolinux instead of fd, you can cram
all you want (like, the whole root.lrp and etc.lrp packages) into an initrd and
just keep it as the root isntead of all that pivoting and remounting.

-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Charles Steinkuehler]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Erich Titl wrote:

| Actually playing with e1000 for 2.4 reset me a little lately. Definitely
| I am convinced that if LEAF wants to go on strongly we need to be on par
| with other project which do similar work, e.g. 2.6 is a must.
|
| And for all your effort which point into the future here it is _WELL DONE_

I agree!

Besides driver issues, another reason to migrate to a 2.6 kernel is
support for IPV6, which will become vastly more important in the years
to come, particularly outside the US, where the IPV4 address pool is
already beginning to be exhausted.

| One of my concerns in the 2.6 branch will be IPSEC, as now we need to
| use the native stack. It appears that with using the native stack IPSEC
| will be an application like any other, so we may have now the benefit of
| using Strongswan's IKEv2 implementation :-)

I can likely assist with the IPSec stuff.  I have migrated a few sites
from leaf-based firewalls to minimal debian installs, using the new
IPSec tools (racoon and racoon-tool, in my case).  I have a few more
sites that still run leaf and will need to be upgraded soon.  A 2.6
kernel based release with modern IPSec would allow me to avoid migrating
to debian (and rotating HDDs).

I don't yet have any real-world experience with IPV6, other than the
dropped IPV6 packets seen by anyone running a firewall...the nasties
have taken to using IPV6 tunneling to try and circumvent firewall rules,
as many routers block IPV4 traffic but have separate (and frequently
non-existent or less maintained) rule sets for IPV6.

- --
Charles Steinkuehler
[EMAIL PROTECTED]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFH1VUXLywbqEHdNFwRAi/sAJ0d/ZHMKLXR+ryRRT9v4GhXUw5rDQCg/TsQ
0SuTICfWv3CevIn3uCF8qQQ=
=jG9Q
-END PGP SIGNATURE-

-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Martin Hejl]

Hi Nicol,

thanks for your feedback,

 I had no trouble running the 3.1 release candidate with a static 2.6 kernel;
Well, but doesn't a static kernel (I assume you mean that everything you
needed was compiled into the kernel statically, rather than as a module)
 pretty much stand against everything that LEAF seems to stand for
(which as far as I'm concerned, is being modular, making sure that
people can use it to suit their needs, without having to set up their
own build environment)?

 also I found the tinygentoo embedded stage 3 environment to be useful for
 compiling things to run there.
Well, what's wrong with the build environment we already have (see
http://leaf.sourceforge.net/doc/buc-buildtool.html )? If what's wrong
with it is that it requires a separate box, and one cannot compile
things on the box the packages are to be deployed on - that's by design,
I'm not going to build a toolchain on an ElanSC520, which still is a
very good box for most home users). Maybe it simply comes down to me not
being a gentoo user, and not subscribing to the ideas that seem to be
important for people who use that distribution (which is fine with me,
as long as I'm allowed to have a different point of view).

 Size is an issue.  But if you're booting isolinux instead of fd, you can cram
 all you want (like, the whole root.lrp and etc.lrp packages) into an initrd 
 and
 just keep it as the root isntead of all that pivoting and remounting.
I must be missing something. Last time I checked, isolinux was for
booting from El Torito (i.e CD-ROM) images.

If one is booting from CD-ROM, what difference does the extra size for a
2.6 kernel make? I guess a 2.6 kernel plus initrd should fit nicely onto
a 2.88MB image, so booting off a CD is not going to be an issue. But I
fail to see how a big monolithic initrd will help in any way, if one is
already booting off a media that has plenty of space available.
And I'm rather unsure how one would boot off a compact flash, using
isolinux (and all the boxes I have to support boot off CF, and they have
neither a floppy, nor a CD-ROM - so unless I misunderstood what isolinux
could do, I fail to see how isolinux could help with booting an
embedded box with LEAF. So far (to me) embedded with LEAF means
boxes like the Soekris or PC-Engines boxes, possibly even the Nexcom
boxes - even though they're not exactly embedded, being 19 inch rack
mounts...). Maybe we're just using completely different hardware, which
might explain the different focus (or maybe, I'm just missing your point
- it wouldn't be the first time that I totally misunderstand something).

But if I didn't totally misunderstand the point you're trying to make,
I'll have to disagree - to me (even though my opinion only counts for
the stuff that I do, and everybody else is free to hold a different
opinion, and work on things I wouldn't be working on) LEAF is about
creating a platform. The platform should serve as a decent and secure
home/home-office firewall out of the box, but it shouldn't require too
much work to turn it into something else. To me, that means the distro
should be modular. To some (or so it appears to me) modularity seems to
be a bad compromise, and optimization for the box that will be running
the code is very important. To me, optimization is good, after one has
identified a bottleneck. But optimizing just for the sake of
optimization seems to be a waste of time to me. I guess those two
schools of thought are not easily combined, so it sounds like a gentoo
style branch might be called for, to suit the needs of some. If there
are people willing to put in the work required, and those people are
willing to share their results, I'm sure that will happen, and I'm also
sure there will be users who will happily use that branch. After all, it
seems very well in line with Mike's idea of an evolutionary development
model, where different ideas compete with each other, and hopefully, the
one that suits the user's needs best will prevail.

Martin


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Martin Hejl]

oops - sorry

 Hi Nicol,
make that Hi David

sorry about that

Martin


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Martin Hejl]

Hi Paul,

thanks for your feedback

 With that
 experience,
 my question would be, what significant benefits does the 2.6 kernel 
 provide to a minimalist system?  
For me, the main reason was new drivers. It appears that more and more
things are only added to the 2.6 kernel, and not to the 2.4 line. Sooner
or later, it will be difficult to get network adapters to work that
haven't been around for ages.

 I'm still interested in a firewall I can run from a write-protected 
 floppy, always have been.  It seems the 2.6 kernel is larger, which is a
 disadvantage.  
In that case, the branch with 2.6 kernel will not be for you - I don't
see a way to get a working image with 2.6 kernel onto a floppy (and even
with a two floppy setup it still seems very tight, since one needs a
kernel plus initrd on the first floppy).
But sooner or later, floppy support will have to go anyway - since there
won't be any new systems that are shipped with a floppy. For embedded
systems, floppies have been dead for quite a while, and it seems that
these days, even standard desktops no longer come with a floppy.
Don't get me wrong - I didn't like having to admit that we had to drop
floppy support (and if we find a way to continue floppies, we will -
simply because it will give us the extra incentive to keep things small
and avoid any kind of bloat).
I haven't used real floppies with leaf boxes in ages (I _have_ used it
in VMs, but simply because the floppy images where available and easy to
boot from), and I haven't looked back. I don't miss the unreliability of
floppies (especially superformatted floppies) one bit. Losing the
ability to write protect the boot media is a bummer, but if that's
absolutely needed, one can create a CD to boot from, and use that
instead of floppies (granted, not as simple and convenient as moving the
write-protect thingie in a floppy, but still, a usable alternative).
But I'm not trying to convert you to moving away from floppies - if they
work for you and you don't have any issues with that setup, by all
means, stick with it, until your requirements change.

 I wouldn't argue that, for
 instance, the new locking  dispatching aren't improvements, but do they
 remedy real problems for a LEAF implementation?  
Surely not, as far as I'm concerned.

 It seems one branch of hardware development is making small, motorless 
 systems that would make nice LEAF applicances, so we might need support 
 for them in new kernels.
An example for that would be the ALIX box from PC-Engines. There doesn't
appear to be a watchdog driver in either kernel version yet, but at
least I've found a patch for kernel 2.6

It seems that Low power computing is getting popular with chip
manufacturers these days, so I guess we'll see more and more single chip
systems, that have a lot of the needed stuff on chip (like the AMD Geode
LX800 with its random number generator, crypto support, watchdog). I
doubt that support for these new systems will be added to the 2.4 kernel.

Another thing I'm interested in with kernel 2.6 (once it matures) is the
Open Source Atheros wifi driver. Again, I doubt that will make it into
kernel 2.4.

 The 2.4 kernel brought us stateful packet inspection, and that was a
 very
 GOOD thing.  I'm just unaware of a NEED for the 2.6 kernel at present.
I don't think there is a NEED for 2.6 kernel in leaf right now. But
there will be at some point (the point when modern hardware will hardly
be supported anymore - just like with 2.2 Kernel today. I doubt you
would be able to get any of the current Gigabit cards to work with a 2.2
kernel - but I must admit, I haven't tried it). So before things get too
bad on the driver front, it seems smart to start working on something
that will give us a perspective for the next 5+ years (just like Bering
did with switching to kernel 2.4, when many people said that 2.2 could
do all they needed, IPTables was too complicated and IPChains did just
fine and so on).

I guess in short, there is no dying need to switch to kernel 2.6 right
now. There might be a few years from today. And if we only start working
on that when there's a dying need, I'm afraid the project will be dead
before we're finished (since either users will have moved away due to
the lack of support for their hardware, or they'll have moved away since
the quickly hacked together 2.6 version is not as stable as
Bering/Bering uClibc). So, even though we don't desperately need 2.6
kernel right now, it would be a bad choice to (IMHO) to just sit there
and be happy that all we need to do today can be done with kernel 2.4

Martin


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Martin Hejl]

Hi Erich,

 And for all your effort which point into the future here it is _WELL DONE_
;-)

 One of my concerns in the 2.6 branch will be IPSEC, as now we need to
 use the native stack. It appears that with using the native stack IPSEC
 will be an application like any other, so we may have now the benefit of
 using Strongswan's IKEv2 implementation :-)
I'll take your word for it - I've only briefly played with IPSEC a long
time ago, and I've been very happy that I could do everything I need
with OpenVPN.

 Anyway, I need to probably get two buidltool branches, how are you
 people doing this?
If you mean 2 build environments (one for Bering uClibc, one for
whatever it's name will be), yes, I have two separate setups (happens
automatically, since the two are stored separately in CVS). Not terribly
nice if one is switching between the two (since one always has to
remember to have /lib/ld-uClibc.so.0 point to the right buildenv, but
other than that (and the extra space this needs), it's no big deal to me.

Martin


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Martin Hejl]

Hi all,

this is a little depressing. After spending years (and tons of emails)
discussing the need for a kernel 2.6 version of LEAF, there has been no
response on this list on the topic. Is somebody actually interested in
continued work on that image (and has just not had an issue with it what
I've posted last Saturday), or did I scare off people with my too
verbose email, or is there just no interest, as long as somebody
provides the drivers for the hardware people need?

I didn't expect a storm of activity - but I (perhaps foolishly) expected
some sort of response. I'm not looking for a good job, well done
response - but some sort of feedback that somebody is actually giving
the latest developments a try would be helpful. Without any kind of
feedback whatsoever, it's very hard to justify spending one's spare time
on something nobody will use anyway.

Maybe LEAF is a victim of the fact that it works so well, and as long as
somebody helps getting the latest network drivers to work, all is well
as far as the LEAF developers are concerned. By the way thank you Erich
for spending your time on that, I truly appreciate your involvement in
getting those drivers to work (and despite the fact that it may sound
like it, I do not mean that cynically - I actually appreciate the work
you've been doing). And by all means, I don't mean to discount the
people who have contributed to the LEAF project in the recent past - I'm
just a little surprised that there has been no response of any kind on
this list about what seems to have been asked for so many times in the
part. Maybe having a branch that supports 2.6 kernel isn't all that
important after all, despite the fact that the topic has been coming up
every now and then since 2005 (possibly earlier than that, but 2005 was
the earliest I could find doing a quick search of the archives).

Martin


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

Re: [leaf-devel] Bering uClibc with Kernel 2.6

[Martin Hejl]

Hi Mike,

 I didn't expect a storm of activity - but I (perhaps foolishly) expected
 some sort of response. I'm not looking for a good job, well done
 response - but some sort of feedback that somebody is actually giving
 the latest developments a try would be helpful. Without any kind of
 feedback whatsoever, it's very hard to justify spending one's spare time
 on something nobody will use anyway.
 My comments on the new branch name were pending project name change, so
 I'll provide them now...
 
 Since LEAF is now a Framework, how about using wood types for branches?
 
 Douglas Fir - a bare bones frame
 Rosewood - polished but not necessarily robust
 Ceder - infection resistant
 etc.
My comment on the lack of response was not really geared towards the
naming issue. Sure, if we find a catchy name, that's great - but if
nobody uses it, and nobody contributes, what difference does it make? To
me, Open Source projects have always been about different people from
all walks of life and all kinds of backgrounds contributing to the
project. I don't see that with LEAF at the moment (and I'm not
discounting the people who have contributed in the past, and continue to
contribute - but if a project has to rely on a handful of people, what
happens when a few of those people decides he/she doesn't have the spare
time anymore?)

 Some of this is likely my fault. Since my accident, I haven't devoted as
 much time to LEAF as I did in the past. :-(
Maybe - but most likely not. You not being able to put in as many hours
as you did in the past has nothing to do with the fact that this project
never had a broad developer base. As long as I remember (and I've been
been around for a while), it's always been about individuals making the
difference. Dave in the beginning, then Matthew with Matterhorn and
Eiger (I also remember something called Kilimanjaro - but I don't
remember who created that), if I recall correctly, then Charles with
Eigerstein and Dachstein, then Jaques and Erik with Bering, then Eric,
kp and Luis with Bering uClibc (forgive me if I remembered something
incorrectly or if I forgot somebody - I'm going by memory here, so there
will undoubtedly be inaccuracies). I guess the back in the days of Koon
Wong's package archive, and Rick's c0wz site, we had what might me
called a broad community - but looking back, even that was mainly driven
by a few individuals.
I'm not sure what I'm trying to say - maybe that unless we manage to
build up more manpower, we'll always run into trouble when one of the
core developers decides it's time to move on and do something else (and
IMHO, there's nothing wrong with people seeking new challenges or just
getting bored with doing the same thing all the time - most of us have
to do tedious work during our days work, so I don't blame anybody for
not being willing to do the same kind of work for an extended period of
time in their spare time as well).

 I hope to update our website in the next couple of months. Maybe that
 will help invigorate community participation.
Maybe it will - but I doubt that the people who are mostly attracted by
a shiny webpage are what the project needs right now. Keeping the
webpage up to date is a worthy goal - but I don't think that the lack of
a re-furbished webpage is holding the project back (getting the LEAF
documentation set to build as a PDF again might help - but honestly, I
doubt it would make a difference with the issues we're (or maybe mainly
I am) discussing). It's not about lack of visibility or lack of
documentation - to me, it's about lack of participation, and people
tending to consume and expect their needs met, rather than actively
contributing. And again, by no means do I mean to discount all the
people who have (including you) actively contributed in all kinds of
ways. It just seems to me there are not enough people like that to keep
things going.
Or maybe it's just one of those Fridays, and I'm too pessimistic.

Martin



 

-- 
You think that's tough?  Try herding cats!

-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel

[leaf-devel] Bering uClibc with Kernel 2.6

[Martin Hejl]

Hi everybody,

for the last few weeks, Dirk Gfroerer, Eric Spakman and myself have been
working on getting kernel 2.6 to work with Bering-uClibc. By now, we
have things working enough that we feel it's fit to be shown to the
other leaf developers out there. It is by no means ready, probably not
even functional at this point, but we have a kernel, an initrd and a
quemu image that boots.

I've checked all the changes into CVS - to check it out from CVS, do the
following:

leaf project members:
export CVS_RSH=ssh
cvs -z3 -d:ext:[EMAIL PROTECTED]:/cvsroot/leaf \
 co src/The_UnNamed_One

everybody else:
cvs -d :pserver:[EMAIL PROTECTED]:/cvsroot/leaf login
cvs -z3 -d :pserver:[EMAIL PROTECTED]:/cvsroot/leaf \
  co src/The_UnNamed_One

Things to do first after checkout:
in src/bering-uclibc/buildtool/make/MasterInclude.mk :

HOSTCC  should pointing to a gcc 3.x compiler. The buildenv will not
build with gcc 4.0

Building the buildenv and packages is the same as for Bering uclibc. It
has been tested on RHEL 3/4 and CentOS 4

If you want to test it, you can find a qemu image plus kernel and initrd at:
http://sourceforge.net/project/showfiles.php?group_id=13751package_id=265425

To run this image in qemu, download and extract the tarball (it contains
the image, kernel and initrd) and then start quemu like this:

qemu -hda root.img --initrd initrd.lrp --kernel linux \
  --append init= rw LEAFCFG=/dev/hda1:msdos

(for some reason, qemu hangs when started just with qemu -hda hd.img 
after loading the kernel and initrd)

To access the contents of the image, follow these steps:
# /sbin/fdisk -lu root.img
This should produce output similar to this:

  You must set cylinders.
  You can do this from the extra functions menu.
 
  Disk hd.img: 0 MB, 0 bytes
  8 heads, 32 sectors/track, 0 cylinders, total 0 sectors
  Units = sectors of 1 * 512 = 512 bytes
 ---^
 
   Device Boot  Start End  Blocks   Id  System
  hd.img1   *  32  125439   62704b  W95 FAT32
   ^

the underlined numbers are relevant if you want to mount the image
(since it's an image of a whole HD, not just of a partition)

So, to mount, you then do:
# mount -o loop,offset=$(( 32 * 512 )) hd.img /mnt/loop

(replace 32 and 512 with the corresponding numbers from
/sbin/fdisk -lu root.img , should they be different on your system).

About the changes we made:
* kernel 2.6.24.2
* initrd is now using initramfs
* udev (busybox calls it mdev) support
* updated versions of busybox, iptables, iproute2

Where to go from here:
This obviously still needs a lot of work, and even more testing. We'll
be happy to receive feedback here on leaf-devel about things that work
and don't work, but please refrain from asking us to build package XY,
add support for modules currently unsupported or something like that at
this point. Currently, the focus is on getting the base image working -
everything else will come at a later point.

Due to things we have learned from the 2.x and 3.x releases of Bering
uClibc, we are going to significantly cut down the number of packages
maintained by the core Bering uClibc team. Packages can be added,
provided that somebody is willing to be the maintainer of that package.
The reason for this is that it has become almost impossible for a
handful of people to maintain the 158 packages we are currently offering
for Bering uClibc 3.x (some of which we can't even test, since we don't
have the hardware or the software setup to test them).
In the end, this will mean that the contrib section will probably become
quite a bit bigger, while the number of core packages will be smaller.
And hopefully, it will also mean that number of developers increases at
least a bit, so the workload gets spread out a bit more than in the past.

We're still looking for a name for this branch (we don't really want to
call it Bering uClibc 4.0 - with dropping floppy support, and changing
how the packages are maintained, it's probably better give it a new
name) - so if you have ideas, we're be happy to hear them. We've been
looking for something short (not a mouthful), somewhat relating to
Bering (as in straits, canals, dams or something like that)
But in the end, if it sounds good, and doesn't cause cultural problems
(many names that sound great in German just don't work for an
international community), I guess we can agree on that.

Martin


-
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse012070mrt/direct/01/

___
leaf-devel mailing list
leaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-devel