You are not logged in.
^ No worries one of the things I came to respect aboutcha Slob, you have no prob calling it as you see it.
Specific package is amd64-microcode, described as "processor microcode firmware for AMD CPUS". There's another couple similar meant for Intel procs.
Last edited by BLizgreat! (2017-02-06 02:37:01)
Offline
^ I assume it's this (for Intel); https://wiki.debian.org/Microcode
Seems pretty straightforward. Don't even need to reboot, according to the documentation.
You installed it? Any noticeable improvements?
For something that sounds rather crucial, the documentation seems rather lean. :-/
Last edited by glittersloth (2017-02-06 02:43:55)
Offline
Installed the one for AMD, since system has an amd proc, from Sid repo. Cause was a later version than the one in backports.
May just be my imagination but do think OS is a bit snappier afterwards, sometimes runs a bit cooler than it used to, not getting a systemd error about missing microcode during boot anymore and totally agree with you Slob-san, would think there would be clearer docs about this.
Last edited by BLizgreat! (2017-02-06 03:03:31)
Offline
Update: Before I ignorantly start a panic. According to Arch wiki Slob-san was right, people do get the microcode packages via linux-firmware default.
Reason I was seeing errors in systemd boot up, is mostly surely because I'd selectively upgraded some firmware packages from backports.
Will have to do some additional digging around on this OS about this topic.
Last edited by BLizgreat! (2017-02-06 05:30:19)
Offline
Where do you guys stand on upgrading the cpu microcode?
Microcode updates should *always* be applied, they are critical.
I actually opt-out of the Debian method (to keep my sources "clean") and instead use the pre-prepared initramfs images from Arch Linux that can be loaded immediately before the system's initial ram disk (if you use one):
https://www.archlinux.org/packages/extr … tel-ucode/
Just download the package, `tar xf` it then point your bootloader configuration to boot/intel-ucode.img
Offline
Where do you guys stand on upgrading the cpu microcode? Should, shouldn't, ya don't think/find it even matters? Thanks fellas-felletes.
I upgrade it whenever the revised package is released. I find it odd, though, that the internal date of the program is always the same, whild the package is updated a handful of times, annually. On Arch Linux, my package date is 20161104, but the date logged by the program has been 2013-06-12 for the past few years. Yes, I am certain that the latest image installed by the package is the one that's being loaded from /boot.
Tim
Offline
Thanks fellas.
Offline
Two years ago today I logged in to the #! forums to see that it was The End.
And now here I am with BunsenLabs
A million thanks once more to corenominal for #! and to its awesome community for being awesome, and to the team and community members here at the Labs for continuing to be so!
The servant lifted off a kind of ottoman a long peacock-blue drapery, rather of the nature of a domino, on the front of which was emblazoned a large golden sun, and which was splashed here and there with flaming stars and crescents. “You’re to be dressed as Thursday, sir,” said the valet somewhat affably.
Offline
I compiled a new kernel on Gentoo this morning. For one of the rare times, I saw my system use all of its 8 GB of RAM and actually use some of the swap.
Tim
Offline
Trying out Lynis:
Lynis is an open source security tool. It helps with auditing systems running UNIX-alike systems (Linux, macOS, BSD), and providing guidance for system hardening and compliance testing.
A stock, freshly installed BunsenLabs system scored 63/100
I've tweaked my Helium test-bed a bit — apparmor, unbound, nftables, aide — that scored 75/100 but the script didn't recognise my (highly restrictive) firewall so the real score is a bit higher.
OpenBSD-current manages 78/100 straight out of the box, no tweaks... 8)
Offline
Slightly related:
Is the Linux desktop less secure than Windows 10?
For anybody who hasn't yet:
sudo apt purge "gstreamer0.1*"
Offline
For anybody who hasn't yet:
sudo apt purge "gstreamer0.1*"
It will remove 12 packages... Just go ahead then?
Well, no more Clementine and Xfburn either, but I don't need them anyway...
Last edited by martix (2017-02-14 14:07:33)
Offline
Well, no more Clementine and Xfburn
The stretch versions may be backportable (I haven't tried) and depend on gstreamer1.0, which isn't quite as bad as the 0.1 set.
Offline
^That's ok by now, I did not use those applications anyway. If I need something similar, I'll try an alternative. Anyhow thank you for mentioning the security issue with gstreamer.
Offline
thanks for that, i wouldn't have noticed.
i had one old and useless app installed that still required gstreamer0.10*, but it's all gone now.
Offline
Isn't that a Katy Perry song?
No, he can't sleep on the floor. What do you think I'm yelling for?!!!
Offline
My OpenBSD mirror has recently added an arm64 subfolder:
http://mirror.ox.ac.uk/pub/OpenBSD/snapshots/arm64/
Unfortunately, the default compiler for that architecture will be Clang
In other OpenBSD news, syspatch(8) will introduce Linux-style base system upgrades for the upcoming version 6.1, removing the need to recompile for any patches when running OpenBSD-stable
Offline
Last week I learned Perl 5. Now I've written 1k production code SLOC in Perl. And I liked it.
^ Just me or did that in fact come off sounding a bit perverted?
Oh you dirty monkey, you dirty, dirty monkey.
Messing round, just stopping in to see how my fave gnu/nix community is doing.
Offline
My list of kernel parameters is getting silly now:
Helium: ~ $ cat /proc/cmdline
initrd=\intel-ucode.img initrd=\Helium\initrd.img root=/dev/sda3 rw rootflags=subvol=Helium quiet zswap.enabled=1 snd_hda_intel.index=1 apparmor=1 security=apparmor panic=0 scsi_mod.use_blk_mq=y dm_mod.use_blk_mq=y
#riced
Offline
Lol! You need to add ktchen_snk=1
No, he can't sleep on the floor. What do you think I'm yelling for?!!!
Offline