Web Server Maintenance Completed

     The web server is now on 4.13.0-36, the most recent Ubuntu.  Spectre and Meltdown have been fixed since 4.13.0-33.  I suspect these subsequent releases are fixing things they broke in the process of fixing these two exploits.  I know 4.13.0-33 was unstable at least on some systems (my old Mac Pro 1,1 for example).

Maintenance Completed – Minor Problems

     Last night’s reboots did not go entirely cleanly.

     It took three reboots of Isumataq, which hosts home directories and a number of virtual machines, for it to come up cleanly.  The first two times it did not properly start networking and manually attempting to start it did not work.  This is not a new problem but one that has been ongoing since 16.04 LTS which introduced systemd which unfortunately while it sped up booting considerably, introduced quite a few bugs, all of which have not been entirely squashed yet.

     Debian NFS did not sync properly when the mail server returned to service and so to restore proper functionality I had to reboot that tonight.

     Ubuntu stopped talking to the network even though the kernel was still up and operational and I could get into the machine through the virtual machine manager.  I rebooted it to fix.

     The current state of meltdown and spectre vulnerability fixes on our network is that meltdown is fixed on all of our hosts both physical and virtual, spectre both variant 1 and variant 2 is fixed on all of our physical hosts and ALL ubuntu based hosts.  Spectre variant 1 is fixed on almost all of our virtual hosts but spectre variant 2 is fixed only on ubuntu based hosts.

     People ask me why I have moved and am continuing to move our services off of CentOS and to Ubuntu, this is an excellent example of why.  To the best of my knowledge, ubuntu is the ONLY Linux distribution that has fixed meltdown and BOTH variants of spectre.  They are usually first out of the gate with exploit fixes.