[CentOS] This doesn't make sense

Craig White craig.white at ttiltd.com
Wed Sep 21 16:50:27 UTC 2011


On Sep 21, 2011, at 6:41 AM, Ross Walker wrote:

> On Sep 21, 2011, at 12:03 AM, Craig White <craigwhite at azapple.com> wrote:
> 
>>>> 
>>>> I guess the point I was trying to make without being excessively blunt
>>>> is that the track record of timely releases for CentOS 6.x (any release)
>>>> and the track record of timely security updates (none) should really
>>>> cause any one to pause before installing any version of CentOS 6 - even
>>>> if 6.1 and all of the current security updates were released tomorrow.
>>> 
>>> For those systems that are important enough that I need immediate security updates I buy a RHEL license.
>>> 
>>> It's those one-off systems behind the firewall that I use CentOS for.
>>> 
>>> No point in buying an expensive license for an instant messenging server. IPtables is setup to block all non-application traffic, so the risks are low.
>>> 
>>> More likely to have systems compromised through the applications they run then the system utilities themselves.
>> ----
>> I have been using Red Hat and derivations (WBL, CentOS, Fedora) since
>> 1998 and the last few years it has been harder and harder to justify
>> waiting for everyone to get their act together on a new release.
>> 
>> My current employer and previous employer both stopped using RHEL/CentOS
>> for new installs in favor of Ubuntu and now so have I. It is Linux after
>> all and it is reasonable to use it and it works well.
> 
> That's great! I hope it works well for you.
> 
> We moved from Debian to CentOS/RHEL cause the version upgrades kept breaking our environment and always unpredictably.
> 
> Unfortunately a version upgrade is often the only way to get a security update on Debian I found.
> 
> And if I pin a release I didn't get the security updates!
> 
> 
>> I don't have to justify the shortcomings of lack of timely security
>> updates. 
> 
> Yes, with the one big downside that you can't prevent version upgrades without sacrificing security.
> 
>> I don't have to worry about 'long term support'
> 
> Cause there is none.
----
Ubuntu != Debian

No LTS? - https://wiki.ubuntu.com/LTS
----
> 
>> I have a simpler path for version upgrades (apt-get dist-upgrade)
> 
> True dist-upgrade is nice unless third party software causes it to break in the middle. Then, ouch.
----
third party software would in that case break regardless of distribution - the rest is just way easier... people who are seeking to in-place upgrade from CentOS 5.x to 6.x would love to have this option.
----
> 
>> Their documentation is often quite good.
> 
> I think that can be said about most Linux distros.
> 
>> I certainly appreciate CentOS rescuing me from the drift that was WBL
>> some 6 years ago and they generally delivered in a timely fashion.
>> Version 6 however made it clear to me that it was time to move on. I'm
>> only maintaining the CentOS 5 boxes at this point and at some point,
>> they will be replaced.
> 
> I view the version 6 release as a special case, a perfect storm of version releases; 4.9, 6.0, 5.7, 6.1, and a totally new build process upstream put in place for 6.0.
> 
> I think CentOS did the right thing by supporting 4 and 5 first. 6 was brand new and still buggy.
> 
> If it were me making the decisions I might have said, use 6.0 to perfect the build environment, but release 6.1 and let all the early adopters whine and jump if they want to.
----
'the perfect storm' argument seems sort of ridiculous now almost 11 months after the initial release of RHEL 6.0 and there isn't any nor has then ever been any security updates and you almost get the feeling that RHEL 6.2 will be released by the time CentOS gets 6.1 out the door.

More to the core issue though, there has always been simultaneous versions of RHEL available and given the current trajectory, there always will be. There was a time when a few of the admins of CentOS used to chide users of WBL for not being able to get timely security updates from WBL and indicated that this should be of primary concern for its users... I guess now, not so much.

But it's not really my intent to debate which distro - just wanted to point out that at this point, it requires a leap of faith to install CentOS 6.0 and believe that you will get timely security updates because all evidence is to the contrary.

Craig


More information about the CentOS mailing list