Re: Woody or Sarge
> If you're satisfied with the existing feature set, are new features
> really anywhere near as important as security fixes? Particularly
> when it comes to production servers?
New features aren't important at all. It is all about maintaining the
current state of a server while keeping it secure on a hostile network.
And with the least amount of effort, where security updates do not break
> No kidding. There's one person on the Portland Linux User's Group
> mailing list saying he's just has his up-to-date Red Hat server
> compromised as many times as the Windows server it's replacing. That
> just has to be exasperating for him!
RedHat has been a frustrating experience. I put a lot of effort into
building a few rpms for RedHat 7.1 that met some very specific needs. Also
created a kickstart CD that loaded 'my' version of RedHat 7.1 onto
headless servers without user intervention. When the CD popped out the box
was accessible via ssh on the local network. So RedHat pumped out a bunch
of releases in fairly quick succession. RedHat 8 was never fit for
production use, IMHO. When RedHat 9 was released I was still deploying new
servers using RedHat 7.2. Then updates for anything but RedHat Enterprise
Linux quickly vanished. My BIG issue is the short lived support in terms
of security updates. Having to reinstall a server after 18 month is
> Not long after the next Stable happens, because it's not hard to
> upgrade in Debian. 18 months seems about average, IIRC.
This means that for longest possible support I should be looking at
deploying Sarge, not Woody. How timely are security issues addressed in a