[CentOS] This doesn't make sense

Wed Sep 21 04:03:49 UTC 2011
Craig White <craigwhite at azapple.com>

On Tue, 2011-09-20 at 09:18 -0400, Ross Walker wrote:
> On Sep 19, 2011, at 7:12 PM, Craig White <craig.white at ttiltd.com> wrote:
> > On Mon, 2011-09-19 at 18:41 -0400, Ross Walker wrote:
> >> On Sep 17, 2011, at 7:49 PM, Craig White <craigwhite at azapple.com> wrote:
> >> 
> >>> At some point, security updates for 6.1 will be released and then it
> >>> becomes a matter of deciding to install it based on the evidence that
> >>> security updates have been non-existent all this time.
> >> 
> >> I'm sorry I don't follow you here?
> >> 
> >> I'm fairly certain that 6.1 will include both 6.1 security/bug updates AND security/bug updates that have been released up to the beginning of the 6.1 release cycle, minus several that where released during the C6.1 release cycle. Security updates and bug fixes are intermingled without being able to distinguish one from the other outside of the RPM history.
> >> 
> >> It's not the security updates that prevent me from moving to 6.0 right now, but those pesky .0 blues.
> > ----
> > those pesky .0 blues as you call them were clearly there - see other
> > threads about video issues, etc.
> > 
> > I guess the point I was trying to make without being excessively blunt
> > is that the track record of timely releases for CentOS 6.x (any release)
> > and the track record of timely security updates (none) should really
> > cause any one to pause before installing any version of CentOS 6 - even
> > if 6.1 and all of the current security updates were released tomorrow.
> For those systems that are important enough that I need immediate security updates I buy a RHEL license.
> It's those one-off systems behind the firewall that I use CentOS for.
> No point in buying an expensive license for an instant messenging server. IPtables is setup to block all non-application traffic, so the risks are low.
> More likely to have systems compromised through the applications they run then the system utilities themselves.
I have been using Red Hat and derivations (WBL, CentOS, Fedora) since
1998 and the last few years it has been harder and harder to justify
waiting for everyone to get their act together on a new release.

My current employer and previous employer both stopped using RHEL/CentOS
for new installs in favor of Ubuntu and now so have I. It is Linux after
all and it is reasonable to use it and it works well.

I don't have to justify the shortcomings of lack of timely security

I don't have to worry about 'long term support'

I have a simpler path for version upgrades (apt-get dist-upgrade)

Their documentation is often quite good.

I certainly appreciate CentOS rescuing me from the drift that was WBL
some 6 years ago and they generally delivered in a timely fashion.
Version 6 however made it clear to me that it was time to move on. I'm
only maintaining the CentOS 5 boxes at this point and at some point,
they will be replaced.


This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.