Date: Thu, 2 Nov 2000 09:58:45 -0600 (CST) From: Joe Greco <jgreco@ns.sol.net> To: hackers@freebsd.org Cc: gjb@gbch.net, davep@afterswish.com Subject: Re: FreeBSD in good standing in netcraft survey Message-ID: <200011021558.JAA81776@aurora.sol.net> In-Reply-To: <200011021538.JAA27180@earth.execpc.com> from "jgreco@execpc.com" at Nov 02, 2000 09:38:02 AM
next in thread | previous in thread | raw e-mail | index | archive | help
> David Preece writes:
> > Possibly off topic, possibly not. Am I the only one who doesn't really care
> > about uptimes?
>
> I certainly am not impressed by uptimes over about 100 days.
> They show that the site does not care about keeping current.
And why should you care about "keeping current"?
As the owner/maintainer of a few hundred FreeBSD systems, I can tell
you that I'm not going to run around to each, every time there's a new
release, because if I did, I'd never get anything else at all done. I
certainly am not going to "keep current" at anything MORE frequent than
that, either...
> If it made sense to have several hundred days of uptime, what is
> the point of all the development work done by the FreeBSD (and
> other OS) developers? These people work hard to improve the
> system and it makes sense to at least run the latest production
> release. In the case of FreeBSD, this means a reboot at least
> every three to four months when the CDs are released.
Oh, like hell it does. For most applications, there's not very much I
can do with a 4.1.1R box that I wasn't able to do with 2.1.0R. Some
people use FreeBSD for the sake of the OS itself... others of us just
use it as a means to an end. I use it as an application-running
platform, which means that unless there's some deficiency that causes
it to be unable to run my application, or a major security problem, I
don't really care what release I run.
Most of my production servers are still running 3.*, because 4.0 (and
to a lesser extent 4.1*) was not stable enough to run some of the stuff
I was doing, and other things like device drivers were missing. There
are still other issues: vinum can't see more than 32 drives on 4.*, but
works fine on 3.*.
Also, some of us run systems in "highly secure" mode, which means that
there is extensive firewalling, lots of detail to permissions and file
flags, securemode, etc. This makes it a nuisance to upgrade systems,
because you've got to singleuser them in order to do it. It also means
they're an order of magnitude less vulnerable to your average kiddie
script cracker.
The major things which have tempted me to jump release versions in the
past:
3.{0,1}R -> 3.2R in securemode, clock couldn't be stepped back
(or forward, either, I think) - making xntpd rather useless. Part of
my security policy is making sure clocks are sync'ed, for logs and stuff
like that. I had been forcibly commenting out the kernel check for
securemode when setting the clock. I upgraded some boxes to 3.2R that
I had originally missed.
3.4R -> 3.5R on my routers, more than 65535 routes would cause
instability on releases < 3.5R. All the BGP speakers got upgraded to a
3.4-stable and will soon get upgraded to 3.5R.
But every time I down a box for an upgrade, some service is being taken
out of service. When I take down a big router, my BGP session flaps and
my Internet connectivity goes to hell. Yeah, sure, that's something I
want to do every three or four months, just for the hell of it.
We all appreciate the hard work and efforts of the developers. That does
not mean that we're obligated to upgrade our machines every time a release
walks out the door. Up 'til two weeks ago, I had several routers that were
still running 2.1.7R, and I even had a 2.0R box floating around (it had
some old legacy services on it, and it was a choice of leave it running or
turn it off).
In general, all I really care about keeping current is the applications I
run on the machines, since those tend to be visible (and exploitable) to
the world.
--
... Joe
-------------------------------------------------------------------------------
Joe Greco - Systems Administrator jgreco@ns.sol.net
Solaria Public Access UNIX - Milwaukee, WI 414/342-4847
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011021558.JAA81776>