From owner-freebsd-questions@FreeBSD.ORG Sun May 16 16:05:52 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 24177106566C for ; Sun, 16 May 2010 16:05:52 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx02.qsc.de (mx02.qsc.de [213.148.130.14]) by mx1.freebsd.org (Postfix) with ESMTP id 79B898FC14 for ; Sun, 16 May 2010 16:05:50 +0000 (UTC) Received: from r55.edvax.de (port-92-195-11-18.dynamic.qsc.de [92.195.11.18]) by mx02.qsc.de (Postfix) with ESMTP id DD56B1E8A7; Sun, 16 May 2010 18:05:48 +0200 (CEST) Received: from r55.edvax.de (localhost [127.0.0.1]) by r55.edvax.de (8.14.2/8.14.2) with SMTP id o4GG5mnr001806; Sun, 16 May 2010 18:05:48 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Sun, 16 May 2010 18:05:47 +0200 From: Polytropon To: Dan Naumov Message-Id: <20100516180547.3c61a7e1.freebsd@edvax.de> In-Reply-To: References: Organization: EDVAX X-Mailer: Sylpheed 2.4.7 (GTK+ 2.12.1; i386-portbld-freebsd7.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: How long do you go without upgrading FreeBSD to a newer release? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Polytropon List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 16 May 2010 16:05:52 -0000 On Sun, 16 May 2010 18:42:44 +0300, Dan Naumov wrote: > Just a thought/question that has recently come to my mind: How long do > you usually wait until upgrading to a newer release of FreeBSD? A quite generic answer: Only as long as needed. :-) Upgrading often is determined by certain considerations, such as the ability to maintain system security (again depending on the setting and the purpose of the installation), or the require- ment for some functionality that explicitely requires upgrading. > What's your oldest currently running installation, > do you have any issues and are you planning on an upgrade or do you > intend to leave it running as is until some critical piece of hardware > breaks down, requiring a replacement? FreeBSD 5.4-p14 on a P2/300, 128 MB RAM, office workstation, last update both in system and applications in 2006. Upgrade planning: no. Leave it running as long as possible: yes. Reason: System runs perfectly (it's not on WAN or acting as a server, so no major security considerations). It runs better than my FreeBSD 7 home system which awaits upgrading to 8 soon. :-) Oldest: 4.1 on a 486 laptop, I'm sure it still works, but it's not in regular use. :-) > The reason I am asking is: I have a 8.0 installation that I am VERY > happy with. It runs like clockwork. eveything is properly configured > and highly locked down, all services accessible to the outside world > are running inside ezjail-managed jails on top of ZFS, meaning it's > also very trivial to restore jails via snapshots, should the need ever > arise. I don't really see myself NEEDING to upgrade for many years. > even long after security updates stop being made for 8.0, since I can > see myself being able to at least work my way around arising security > issues with my configuration and to break into the real host OS and > cause real damage would mean you have to be either really really > dedicated, have a gun and know where I live or serve me with a > warrant. If you're running services available to the outside world, keep in mind *their* security updates also. If those require a system update, do it, but usually they don't - you usually just upgrade the ports in question. For servers, you should follow -p as long as possible. If there are no further security updates for a certain release, it MAY be a valid idea to upgrade to the new release (e. g. 8.0 to 8.2, or what's the current release when 8.0-p doesn't continue). > Do you liva by the "If it's not broken, don't fix it" mantra or do you > religiously keep your OS installations up to date? Maybe you'll laugh, but I go with both ways. :-) I've got an experimental system that I try "bleeding edge" software on, just to see how well it works. Servers and workstations that I need to RELY ON go with "not broken, not fix". I'm sure you'll get more answers that suggest you to really think about what you want to do, and that determines your way, maybe both ways, if that fits your requirements. Both ways have their advantages and disadvantages, and it's up to you how you handle it. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...