From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1KlKMm-0005A0-BE for garchives@archives.gentoo.org; Thu, 02 Oct 2008 09:21:00 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id C8A60E05AF; Thu, 2 Oct 2008 09:20:59 +0000 (UTC) Received: from deepllc.ru (sw-1005.peterhost.ru [80.93.49.57]) by pigeon.gentoo.org (Postfix) with ESMTP id 6BF6EE05AF for ; Thu, 2 Oct 2008 09:20:59 +0000 (UTC) Received: from [192.168.0.3] (arach.krasnoyarsk.ru [87.103.146.206]) (authenticated bits=0) by deepllc.ru (8.14.3/8.14.2) with ESMTP id m929IUIj083841 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 2 Oct 2008 13:18:36 +0400 (MSD) (envelope-from p.labushev@gmail.com) Message-ID: <48E49268.90106@gmail.com> Date: Thu, 02 Oct 2008 17:20:40 +0800 From: Pavel Labushev User-Agent: Thunderbird 2.0.0.16 (X11/20080827) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-server@lists.gentoo.org Reply-to: gentoo-server@lists.gentoo.org MIME-Version: 1.0 To: gentoo-server@lists.gentoo.org Subject: Re: [gentoo-server] Server Packages for Gentoo References: <908514.71571.qm@web65403.mail.ac4.yahoo.com> <20080930182846.1e5856fb@robbieab.com> <279fbba40810010355q5da249b0k47edad2306422afc@mail.gmail.com> <20081001153404.5b01b1e6@robbieab.com> In-Reply-To: <20081001153404.5b01b1e6@robbieab.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Archives-Salt: c2ced2d3-319e-45f8-a79a-32c1a848397a X-Archives-Hash: 569cc1a4e6dee91b5e6134ea72acc85f Robert Bridge =D0=BF=D0=B8=D1=88=D0=B5=D1=82: > That's what the "static package" people are referring to. A server that > can be set up, and once running should need minimal updating, for > security reasons. What security reasons are you talking about? Hardened Gentoo is the most=20 secure linux distribution available. > You can't do that safely in Gentoo. You can't do exactly that. But that's not the only way. With Gentoo, you=20 can do another things to make your servers reliable and secure. > Some people are happy with regularly changing packages, restarting > services every month because a new version of the server is in tree, > dealing with the breakage induced by things like python upgrades, bash > upgrades, portage upgrades, gcc upgrades, ...=20 Some people do their job. And that people has no in-production problems=20 *at all* regarding changes in the tree. > But for a 24/7 uptime on a high load server, most people consider those For a 24/7 uptime on a high load server, some people consider=20 reliability through redundancy, stress and regress pre-production=20 testing, dedicated and secure chroot environments for every sinlge=20 service with minimal amount of packages and enabled USE flags, and so on.= .. > to be unacceptable. Now Gentoo can be got to not do those, but as > anyone will tell you, updating a Gentoo box after a year is painful, Don't do full update at once after a year. > and when you have to update to cover a critical security hole? Now try = updating a Debian box after a year? Debian and security... Hmmm... > Don't mistake one awkward piece of software which is not supported in > the other distros for the general properties of those distros. Gentoo > is good for tweaking, it's good for doing "Your own thing", that does Gentoo is good for people who care to invest their time and effort=20 instead of whining. > not make it automagically better than Debian or RHEL, or SLES in the > high-stability stakes. Gentoo is absolutely better for me.