[CentOS] updating a Centos 6 lamp stack

Sat Feb 16 18:39:21 UTC 2013
Johnny Hughes <johnny at centos.org>

On 02/15/2013 05:36 PM, David Mehler wrote:
> Hello,
>
> I've got a new centos 6 system it's i386 and I'm wanting to update
> it's lamp stack, specifically httpd, php, and mysql. Also, if postfix
> as an MTA would be available that's a plus.
>
> I've checked out the centos wiki and it looks like I have two choices
> for third party repos for this task. I have enabled rpmforge as of
> now. The two repos I'm seeing are Les RPM de Remi repository, and IUS
> Community Repo.
>
> I'm wanting from user's who have used either or both impressions, pro
> conn of both and which you'd prefer.

Before you ruin a seven year security plan for your server, I would
suggest that you read and understand this Red Hat backporting article:

https://access.redhat.com/security/updates/backporting/

The WHOLE purpose of CentOS is to provide secure server related packages
for 7 years.  Upgrading items like the LAMP stack is completely counter
to what CentOS is designed for.  I use some of Remi's stuff and I am not
suggesting he does not do good work (he actually does great work) ...
however, if you use his repo for the LAMP stack, now you will not be
assured to get security updates for 7 years, or with
compatibility/integration with other RPMs on your system, etc.  You will
only get updates when he pushes them and only get security updates that
he finds and decides to roll in.  Again, I am not saying that is bad,
just asking what happens if he gets hired to sell cars next week and
stops doing updates?  Please do not take this as a negative to those
repos ... it could be any 3rd party app.  I like 3rd party things too,
but they are far from assured to be there next week, next month, or next
year ... let alone for 7 years.

I would recommend that if you want the latest and greatest LAMP stack
that you use a latest and greatest type distribution like Fedora.  I
know, you don't want to change the OS every 6 to 18 months ... BUT ...
actually you probably do.  You want later versions of major server
packages, and if you want them now, I assume you will want them again in
the future.  At least Fedora would provide security updates during the
period you have it installed and all the packages will work together, etc.

Now, it is your machine and you get to tell me how stupid my advise is
and do whatever you want.  I just want to make sure you have seem what
backporting is, why it is being used instead of just newer versions of
the software released, and what problems can be encountered when one
decides to go outside the main distro for server related things.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20130216/55af35b6/attachment-0005.sig>