| 1 |
Robert Bridge пишет: |
| 2 |
|
| 3 |
> That's what the "static package" people are referring to. A server that |
| 4 |
> can be set up, and once running should need minimal updating, for |
| 5 |
> security reasons. |
| 6 |
|
| 7 |
What security reasons are you talking about? Hardened Gentoo is the most |
| 8 |
secure linux distribution available. |
| 9 |
|
| 10 |
> You can't do that safely in Gentoo. |
| 11 |
|
| 12 |
You can't do exactly that. But that's not the only way. With Gentoo, you |
| 13 |
can do another things to make your servers reliable and secure. |
| 14 |
|
| 15 |
> Some people are happy with regularly changing packages, restarting |
| 16 |
> services every month because a new version of the server is in tree, |
| 17 |
> dealing with the breakage induced by things like python upgrades, bash |
| 18 |
> upgrades, portage upgrades, gcc upgrades, ... |
| 19 |
|
| 20 |
Some people do their job. And that people has no in-production problems |
| 21 |
*at all* regarding changes in the tree. |
| 22 |
|
| 23 |
> But for a 24/7 uptime on a high load server, most people consider those |
| 24 |
|
| 25 |
For a 24/7 uptime on a high load server, some people consider |
| 26 |
reliability through redundancy, stress and regress pre-production |
| 27 |
testing, dedicated and secure chroot environments for every sinlge |
| 28 |
service with minimal amount of packages and enabled USE flags, and so on... |
| 29 |
|
| 30 |
> to be unacceptable. Now Gentoo can be got to not do those, but as |
| 31 |
> anyone will tell you, updating a Gentoo box after a year is painful, |
| 32 |
|
| 33 |
Don't do full update at once after a year. |
| 34 |
|
| 35 |
> and when you have to update to cover a critical security hole? Now try updating a Debian box after a year? |
| 36 |
|
| 37 |
Debian and security... Hmmm... |
| 38 |
|
| 39 |
> Don't mistake one awkward piece of software which is not supported in |
| 40 |
> the other distros for the general properties of those distros. Gentoo |
| 41 |
> is good for tweaking, it's good for doing "Your own thing", that does |
| 42 |
|
| 43 |
Gentoo is good for people who care to invest their time and effort |
| 44 |
instead of whining. |
| 45 |
|
| 46 |
> not make it automagically better than Debian or RHEL, or SLES in the |
| 47 |
> high-stability stakes. |
| 48 |
|
| 49 |
Gentoo is absolutely better for me. |
Archives