Date: Sun, 25 Jun 2017 09:39:12 +0200 From: Michelle Sullivan <michelle@sorbs.net> To: =?UTF-8?Q?Martin_Waschb=c3=bcsch?= <martin@waschbuesch.de>, ports@freebsd.org Subject: Re: [RFC] Why FreeBSD ports should have branches by OS version Message-ID: <b62b4a48-ce40-96d8-f4c1-8c3ab4ddadfe@sorbs.net> In-Reply-To: <4B124329-E0E7-4A49-9A6D-A4E2251C2AAE@waschbuesch.de> References: <CAO%2BPfDeFz1JeSwU3f21Waz3nT2LTSDAvD%2B8MSPRCzgM_0pKGnA@mail.gmail.com> <20170622121856.haikphjpvr6ofxn3@ivaldir.net> <dahnkctsm1elbaqlarl8b9euouaplqk2tv@4ax.com> <20170622141644.yadxdubynuhzygcy@ivaldir.net> <4jrnkcpurfmojfdnglqg5f97sohcuv56sv@4ax.com> <20170622211126.GA6878@lonesome.com> <n8eokc5fafda8gedtvbhh7i0qdk83gur5q@4ax.com> <594C4663.5080209@quip.cz> <6mupkc5v5oclrd721pssousokmgtqkvfao@4ax.com> <20170623125424.GA10691@gmail.com> <76e3845a-d05c-7c1a-b548-31381252fe45@sorbs.net> <4B124329-E0E7-4A49-9A6D-A4E2251C2AAE@waschbuesch.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Martin Waschbüsch wrote: >> Am 23.06.2017 um 23:53 schrieb Michelle Sullivan <michelle@sorbs.net>: >> >> Matt Smith wrote: >>> I use FreeBSD *precisely* because it mostly keeps up with the latest stable versions of things. I have postfix 3.2, pgsql 9.6, nginx 1.13, libressl 2.5 etc. It's usually impossible to do this with linux unless you install things directly from source. >> And me I came to FreeBSD because it was security conscious but not latest and greatest or nothing... well not strictly true, P Vixie forced me into trying it.. but I changed from Linux to FreeBSD across my entire product because of stability... which doesn't exist in the same way now (and hasn't since 2013ish).. > FWIW, personally, I never perceived statements about FreeBSD's stability to extend beyond the scope of the (complete) OS itself. There in lies a problem.. Something happened, now the OS is not as stable, as for a 'installed the CD how long before a reboot' is it, but how often do we *have* to upgrade because of a security issue.. seems like every 5 minutes now... ports (some of them) do form part of the OS... if the ports tree stops working on older versions of the OS then you *have* to upgrade. > I always regarded ports very much as a convenience. pkg even more so. I don't consider pkg at all. Ports are partly. > >>> I upgrade my ports/packages via poudriere every single day which mostly just takes 2 minutes of my time as usually that results in maybe one or two packages being updated at a time. I see this as a positive thing rather than doing one massive huge upgrade every 3 months. >> Currently have 87 servers located across 7 continents, all in production processing incoming spam at the millions per day, and serving DNS requests at a rate of over 70,000 queries per second (averaged over a week)... you can't just f**k with that. Patches have to be evaluated, tested, built and regression tested.... > > My personal conclusion is that if I need to ensure that issues (especially security fixes) are dealt with in a timely manner then I have to do the patching, testing, evaluating, etc. myself. Mostly agreed... depends on your definition of 'do the patching yourself'.. if you mean taking patches applying them yourself, then yes 100% agree, if you mean developing the patch yourself in whole or in part... no. > After all, even if all that was thoroughly done by upstream, port maintainer, etc., who’s to say my specific setup and config won’t bring issues to light their testing didn’t? 100% with you. -- Michelle Sullivan http://www.mhix.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b62b4a48-ce40-96d8-f4c1-8c3ab4ddadfe>