1 |
Robert Bridge пишет: |
2 |
|
3 |
> That's what the "static package" people are referring to. A server that |
4 |
> can be set up, and once running should need minimal updating, for |
5 |
> security reasons. |
6 |
|
7 |
What security reasons are you talking about? Hardened Gentoo is the most |
8 |
secure linux distribution available. |
9 |
|
10 |
> You can't do that safely in Gentoo. |
11 |
|
12 |
You can't do exactly that. But that's not the only way. With Gentoo, you |
13 |
can do another things to make your servers reliable and secure. |
14 |
|
15 |
> Some people are happy with regularly changing packages, restarting |
16 |
> services every month because a new version of the server is in tree, |
17 |
> dealing with the breakage induced by things like python upgrades, bash |
18 |
> upgrades, portage upgrades, gcc upgrades, ... |
19 |
|
20 |
Some people do their job. And that people has no in-production problems |
21 |
*at all* regarding changes in the tree. |
22 |
|
23 |
> But for a 24/7 uptime on a high load server, most people consider those |
24 |
|
25 |
For a 24/7 uptime on a high load server, some people consider |
26 |
reliability through redundancy, stress and regress pre-production |
27 |
testing, dedicated and secure chroot environments for every sinlge |
28 |
service with minimal amount of packages and enabled USE flags, and so on... |
29 |
|
30 |
> to be unacceptable. Now Gentoo can be got to not do those, but as |
31 |
> anyone will tell you, updating a Gentoo box after a year is painful, |
32 |
|
33 |
Don't do full update at once after a year. |
34 |
|
35 |
> and when you have to update to cover a critical security hole? Now try updating a Debian box after a year? |
36 |
|
37 |
Debian and security... Hmmm... |
38 |
|
39 |
> Don't mistake one awkward piece of software which is not supported in |
40 |
> the other distros for the general properties of those distros. Gentoo |
41 |
> is good for tweaking, it's good for doing "Your own thing", that does |
42 |
|
43 |
Gentoo is good for people who care to invest their time and effort |
44 |
instead of whining. |
45 |
|
46 |
> not make it automagically better than Debian or RHEL, or SLES in the |
47 |
> high-stability stakes. |
48 |
|
49 |
Gentoo is absolutely better for me. |