Enter your search termsSubmit search formWeblkml.org
Date Fri, 14 Oct 2011 09:21:00 -0600
From Greg KH <>
Subject Answers to some common kernel.org account questions
We (the kernel.org team) have noticed a fair amount of confusion about
the procedure for the reinstatement of kernel.org accounts. In an
attempt to clarify the situation, we have put together the following FAQ
WHAT ARE WE DOING AT THIS TIME?
The first priority for kernel.org is to get the git trees back on line
so that subsystem maintainers can publish their patch streams and get
them into the mainline. Other functionalities, such as email and file
uploads, will be restored later, as time allows.
WHO IS ELIGIBLE FOR A KERNEL.ORG ACCOUNT?
At this time, we are only providing access to developers who previously
hosted git repositories on kernel.org, and whose repositories have shown
activity after February, 2011. At a later time we will be able to
consider creating accounts for developers with inactive trees or who
have not had a kernel.org account in the past.
DO I NEED A KERNEL.ORG ACCOUNT?
Possession of a kernel.org account is *not* necessary for contributors
to the Linux kernel. As always, changes can be contributed through
trees hosted elsewhere, by direct posting of patches to a relevant
mailing list, or through a subsystem maintainer's tree.
WHY DO I NEED A PGP KEY?
Kernel.org Hacked but Development Continues on Github
There are many components that make the Linux development model work. This past week, the Linux Planet was tested with a security breach of the kernel.org site that ended up proving the value of distributed development model. It's a model that has come under attack from both a security and legal perspective over the years. Time and again, however, the Linux model has emerged victorious.
1. Kernel.org Attacked
The kernel.org site was revealed to have had a major security breach this past week. It's a breach that went un-noticed for 17 days before kernel.org maintainers were aware of it.
While the breach was and is a significant security event and one that should not have occurred, there is a silver lining in the story. Developers from Linus Torvalds on down the line have little to fear from the breach, thanks to the inherent security of the kernel development process.
While kernel.org hosts the main git repository for the mainline Linux kernel, it is a distributed development model. That means that there are many copies of a given tree on development machines (and mirror servers) around the world. Everything in the tree is signed by a SHA-1 cryptographic key.
"Any tampering with any file in the kernel.org repository would immediately be noticed by each developer as they updated their personal repository, which most do daily," Kernel.org stated in its disclosure about the attack.
2. Kernel Development Moves to Github
Most Popular LinuxPlanet Stories
- Kernel.org (you will notice that some of the kernel.org links are still bad as of 11-15-11)
- LKML: Greg KH: Answers to some common kernel.org account questions
- Ext4 Howto - Ext4
- Index of /gentoo/releases/x86/autobuilds/current-iso
- Everyday GIT With 20 Commands Or So
- SuperRescue - Download (I have)
- Index of /pub/software/network/tftp
- [PATCH] Support for the Geniatech/Mygica A680B (05e1:0480)
- Linux 3.1 release delayed for kernel.org and Linus' vacation
- Answers to some common kernel.org account questions
- Linux Today - Linux Top 5: Kernel.org Breach Expands
- Kernel.org Breach Expands -- Linux Planet Linux Top 5
- Kernel.org Hacked but Development Continues on Github -- Linux Planet Linux Top 5
- About - GitHub