On Sep 21, 2011, at 12:03 AM, Craig White <craigwhite at azapple.com> wrote: > On Tue, 2011-09-20 at 09:18 -0400, Ross Walker wrote: >> On Sep 19, 2011, at 7:12 PM, Craig White <craig.white at ttiltd.com> wrote: >> >>> On Mon, 2011-09-19 at 18:41 -0400, Ross Walker wrote: >>>> On Sep 17, 2011, at 7:49 PM, Craig White <craigwhite at azapple.com> wrote: >>>> >>>>> At some point, security updates for 6.1 will be released and then it >>>>> becomes a matter of deciding to install it based on the evidence that >>>>> security updates have been non-existent all this time. >>>> >>>> I'm sorry I don't follow you here? >>>> >>>> I'm fairly certain that 6.1 will include both 6.1 security/bug updates AND security/bug updates that have been released up to the beginning of the 6.1 release cycle, minus several that where released during the C6.1 release cycle. Security updates and bug fixes are intermingled without being able to distinguish one from the other outside of the RPM history. >>>> >>>> It's not the security updates that prevent me from moving to 6.0 right now, but those pesky .0 blues. >>> ---- >>> those pesky .0 blues as you call them were clearly there - see other >>> threads about video issues, etc. >>> >>> I guess the point I was trying to make without being excessively blunt >>> is that the track record of timely releases for CentOS 6.x (any release) >>> and the track record of timely security updates (none) should really >>> cause any one to pause before installing any version of CentOS 6 - even >>> if 6.1 and all of the current security updates were released tomorrow. >> >> For those systems that are important enough that I need immediate security updates I buy a RHEL license. >> >> It's those one-off systems behind the firewall that I use CentOS for. >> >> No point in buying an expensive license for an instant messenging server. IPtables is setup to block all non-application traffic, so the risks are low. >> >> More likely to have systems compromised through the applications they run then the system utilities themselves. > ---- > I have been using Red Hat and derivations (WBL, CentOS, Fedora) since > 1998 and the last few years it has been harder and harder to justify > waiting for everyone to get their act together on a new release. > > My current employer and previous employer both stopped using RHEL/CentOS > for new installs in favor of Ubuntu and now so have I. It is Linux after > all and it is reasonable to use it and it works well. That's great! I hope it works well for you. We moved from Debian to CentOS/RHEL cause the version upgrades kept breaking our environment and always unpredictably. Unfortunately a version upgrade is often the only way to get a security update on Debian I found. And if I pin a release I didn't get the security updates! > I don't have to justify the shortcomings of lack of timely security > updates. Yes, with the one big downside that you can't prevent version upgrades without sacrificing security. > I don't have to worry about 'long term support' Cause there is none. > I have a simpler path for version upgrades (apt-get dist-upgrade) True dist-upgrade is nice unless third party software causes it to break in the middle. Then, ouch. > Their documentation is often quite good. I think that can be said about most Linux distros. > I certainly appreciate CentOS rescuing me from the drift that was WBL > some 6 years ago and they generally delivered in a timely fashion. > Version 6 however made it clear to me that it was time to move on. I'm > only maintaining the CentOS 5 boxes at this point and at some point, > they will be replaced. I view the version 6 release as a special case, a perfect storm of version releases; 4.9, 6.0, 5.7, 6.1, and a totally new build process upstream put in place for 6.0. I think CentOS did the right thing by supporting 4 and 5 first. 6 was brand new and still buggy. If it were me making the decisions I might have said, use 6.0 to perfect the build environment, but release 6.1 and let all the early adopters whine and jump if they want to. -Ross