[ale] Web server OS

Pat Regan thehead at patshead.com
Thu Dec 25 11:52:45 EST 2008 

Jeff Hubbs wrote:
>> You do think it is different from what other distro users face, you're
>> saying so right here :).
>>   
> I was referring to the specific thing you'd said, o presenter of straw 
> men! :)

Now I'm a little hurt :).  I certainly don't see a straw man here, see
below.

>> Gentoo's default position is to upgrade everything whether you need to
>> or not.
>>   
> No; you can decide to do so, but in general if you want to upgrade only 
> one thing, that's what you tell it, but it will grab updates of 
> dependencies it's *got* to have to do what you ask...unless you tell it 
> not to ("--nodeps"), in which case you're flirting with breakage, which 
> is your right.  See http://linuxreviews.org/man/emerge/ for an idea of 
> the level of control one can bring to bear within Portage. 
>> The server oriented distros take the exact opposite position.  The
>> default is to update only what actually needs updating.
>>   
> There is no Enterprise Advanced Server Gold Edition Gentoo. :)  It is as 
> oriented to servers as it is to embedded. 

When you're trying to provide something along the lines of a five nines
of availability guaranty, it is a lot of work.  I want to spend less
time deciding which packages need to be updated and which don't.

Testing updates before you apply them is quite often a very necessary
step.  I can't speak for RHEL/CentOS, but Debian and Ubuntu both have a
security fix only repository.  It easier to keep up with testing those
updates than it is testing full system updates.

It is also much easier letting someone else flag security related
updates for me.  It is nice to wake up in the morning, see a security
bulletin, and see that the package is already waiting to be downloaded
and installed.  Fixes aren't always so timely, but downtime isn't always
available for one reason or another.

>> My experience tells me that it is generally better to run older battle
>> tested versions of software and manually update the few bits that need
>> updating.  This has been a hassle in the past.  
> Under Gentoo, it is not.  But you are expected to be able to manage your 
> entire system knowledgeably.  The packages that mean the most to you, 
> you can follow assiduously and run the version you want, when you want 
> to run it.

I only hope I know how to manage my entire system knowledgeably.  :)

The packages that mean the most to me are the ones I do keep my eye on,
and I may even have to build them manually anyway.  The packages I want
the system to take care of for me are not those packages.  At least not
directly.  I want the system to take care of the peripheral packages.

Of course, there has to be a point where the custom/important/etc
packages meet up with the distribution.  Sometimes it is all the way
down at libc, sometimes it is much higher up the chain.

They're making me stop typing now.  I guess today is a holiday :)

Pat

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
Url : http://mail.ale.org/pipermail/ale/attachments/20081225/9b14333e/attachment-0001.bin

More information about the Ale mailing list