David Oros wrote: > I would like to ask, how to deal with this problem: I cannot stop > using php4 because of some apps from about 100 customers, so I need > stable Debian with php4 in it. My idea is to install stable lenny > debian and compile php4 from source, but I do not want to use it - > only as a last chance. > > Question is: how to have stable upgradeable debian with php4? You can't. Those are two things that are not compatible with each other. I am in the same situation. Or rather I now have clients in the same situation and I am helping them work through the problem. (It is good business when you can get it.) And so I need to solve the same problem. How do I keep the old php4 sites running but still upgrade the system to Lenny Stable? In my case they used some binary blobs that they don't have source code for and are stuck because those binary blobs do not work with PHP5. I addressed this by creating an Etch chroot and running the web server and php4 code in the chroot. The rest of the system is running Lenny and gets full security updates. The Etch chroot is running Apache and PHP4 but no other services. Then I am (slowly) migrating things off of those binary blobs and onto more portable free software replacements on a supported system image. This is not without problems because Apache is the Etch version and there is no security support for it. To help mitigate some of that risk I place an additional protection layer around it by having this isolated instance behind an Apache reverse proxy so that it isn't directly exposed to the hostile Internet. The front line host is Stable Lenny. Using PHP4 is still bad. But using it like this is slightly less bad because the bad parts are isolated. I then keep track of it very carefully and slowly migrate things off of it. This is far from a perfect solution but is at least a working transition. Bob
Attachment:
signature.asc
Description: Digital signature