Recompiling the Kernel Remotely

[DigitalRaptor]

Hi,

I have a dedicated Gentoo server through NetSonic (http://www.netsonic.net/gentoo-pkgs.php) and I love Gentoo.

Emerge has made it a dream to stay up to date and secure, especially when compared to my RedHat 7.3 box where recompiling Apache / PHP with all of the moduels was a nightmare. Gentoo just works!

But the one item I need to upgrade and haven't is the kernel. Different kernel source and the genkernel package have been listed in "emerge world" and I've installed them, but haven't actually run genkernel and recompiled the kernel.

This is a live server running dozens of websites and my email server, so I've been hesitant to mess with what works. And if I screw it up it's like $150 / hour for them to fix it if I can't SSH it.

Using genkernel, what is the procedure for upgrading the kernel and not getting stuck without SSH access? And how safe is it? For that matter, how necessary is it?

Thanks,
Brian

[adaptr]

Do not use genkernel for a production server!
'nuff said, really, but if you really need to upgrade the kernel (why do you need to?) you should first test this on an exact copy of the running system you can reach.
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen

[DigitalRaptor]

I'll take your word for it, but for my benefit as well as the thousands of others who use Gentoo for the exact purpose I do:

Why not use genkernel on a live, production server?

When you do absolutely have to upgrade the kernel?

The only time I plan on doing it is when I absolutely must for security reasons. I have no other reason, as the server already does what it is supposed to very nicely: serve up pages and email.

I'm just trying to find out how to now so it isn't an emergency when I need to.

Thanks,
Brian

[adaptr]

Do you know exactly what genkernel does, and can you guarantee that the resulting kernel will be bootable first try ?
I think the answer to both is no, and that is exactly why.

If I build a kernel manually from a known starting point (i.e. a kernel upgrade) I can be 99.99% certain that the result will at least boot - even if only to a root shell; I can get any system back up from a root shell.

And I thought that was your second question - why you would need to upgrade the kernel ?

You don't - for the reasons given, and because a production server should not use bleeding-edge code as a matter of principle.

With a carefully-crafted and well-tested kernel your server should run for years without ever needing to be restarted, let alone requiring a kernel upgrade.

My new web &mail server, although not a production machine in the strictest sense of the word (it's just for me) has been running Gentoo for 3 months now, and I still have not replaced the old one - I have even hesitated between 2.4 and 2.6 kernel series for a few weeks.

Conservatism, stability, and then yet more conservatism
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen