On Tue, 2009-08-11 at 20:42 -0500, Ron Blizzard wrote:
On Tue, Aug 11, 2009 at 5:25 PM, Ian Murraymurrayie@yahoo.co.uk wrote:
I am troubled by the window of opportunity that a hacker has between RH releasing a point release and CentOS releasing the equivalent. Every RH published errata for that stream is a known weakness to your system and there is not a sausage you can do about it until the CentOS project delivers the point release. The quicker it is, the less of a problem, but the slower it is, the more exposed you are. CentOS have not exactly been knocking out the updates very quickly.
If security and immediate updates is your main criteria, then you probably are better off with RH. But a lot of people use CentOS and, as far as I can tell, there have not been any major security problems caused by the unavoidable delay between RH's release and CentOS's release. But, as someone else mentioned here, a mixture might be your best option. RH on critical servers and CentOS on less critical ones.
Ok I have been reading and reading this thread and I finally had to say something. I am a fairly new user to CentOS and as such I supposed am not entitled to my opinion but here goes anyway.
I really don't understand all the griping there has been alot of sniping and other such complaints in the past few weeks and to me it all got started with the open letter to lance, but that is moot now as the problem has been resolved and the powers that be are settings things straight and it has even been said that they have new things planned for us in the future, this is excellent news.
It seems the two complaints thrown out there the most are
A) lack of a contrib or community repo
B) speed of updates
Ok lets address A first - there are several repo's out there that you can use with cent as we all know and if you don't know I refer you here
http://wiki.centos.org/AdditionalResources/Repositories
Now if you still are missing a package that you want I would suggest either learning how to make your own rpm's and make yourself a nice little server and run your own repo I know a great OS that would be ideal for this : )
There has also been hints and such at a contrib repo that may or may not appear at sometime in the future, this is also more excellent news. But again questions have been raised about who can put things in this repo or not. Well that is left up to the powers that be not me or you. So Ideally this really is a moot point because one can use whatever repo they wish to add extra functionality to their machine, or build your own rpm's or dare I say it built it from source( although this is not reccommended).
So on with B - From my understanding the main core of things in cent is maintained from a people that I can count on two hands. So lets put this in the simplest of terms, they are maintaining how many different versions, and as the link provided earlier to the 4 series update this is a large laundry list of things to do. So I can understand why somethings will take a longer time frame sometimes. And I have also did some reading on rebuilding the entire OS from rhel sources and this is not as simple as just rebuilding a src.rpm, be nice if it was though huh.
Ok on with my .02 I am an old RH junkie I started with 7.0 and since they pulled the distro I have been bouncing ever since. With finding cent I have found a home again something I can use is stable and easy to maintain and break if I choose to break it. IMHO other distro's are all just racing for the latest features and who can boot the fastest while most simple and normal desktop features get neglected. My biggest disappointment in this thread is all I read is why cant this ? why cant I, why why why. Where is the How ? How can I help? How can I be of service? How can I help to push updates and releases out faster ? These are the questions that are lacking and should be asked. We are all after the same thing here, we like cent we use cent how can we make a better cent?
The core group has made a clear and concise statement of what the goal of the project is, if this suits you great but you cannot bang on them for staying true to their goals, they never once said - oh you cant use that repo, or you cant do this. Once you download and install its yours use it as YOU see fit. If something should arise where you need help, ask, from my experience so far everyone has been very friendly and willing to help(though not spoon feed) I love that in the IRC topic. If you have idea's or questions by all mean's please ask but do so politely.
The fact of the matter is this I understand all the concerns and questions in this thread but beating a dead horse will solve nothing. Again those of us outside of the core group need to stop griping and beating the core group up over it. We need to stand up and ask - How may I help ? What do you need to get this done. Ask yourself what talents do you have that you can offer the project. There are many ways to do this and you can find them here
http://wiki.centos.org/Contribute
I for one thank the Dev's for their work I know it is time consuming and you guys are doing one hell of a job. I know some of the barking can be discouraging but please do not let a few impede your progress, on what is a great os for us to use, and to finish up may I offer my help in any way I can. I am no super guru by any means but I do have some skills and would be happy to help, and yes I know I have to earn it, so be it I love a challenge, thank you again for the excellent os that is CentOS