[clue-tech] WS upgrades

David L. Anselmi anselmi at anselmi.us
Sat Nov 19 12:16:35 MST 2005 

Collins Richey wrote:
[...]
>>[0] I have the highest respect for the Debian security team.  But they
>>(mostly) only make security fixes for stable and I don't use that.  Not
>>to denigrate stable or anyone using it, just wishing for a better world.
> 
>>From everything I've seen thus far, Ubuntu will most likely be that
> better world. Solid Debian base, but daring to be more modern and more
> accessible.

No, I don't think so.  At least not my "better world".

 From what I've heard Ubuntu is Debian with a 6 month release cycle 
rather than a "when it's ready" release cycle.  In 6 months you still 
have enough progress that upgrading can be painful, or at least that 
it's a large job rather than a small one (or many small ones).

Releases will be supported for more than 6 months so you'll need a 
security team to patch old releases.  And that enables (encourages?) 
people to skip releases, making the upgrade job that much bigger.

I want a distro modeled on Debian testing where I get a new package a 
few days after upstream releases it.  Even in a production environment 
it rarely matters to my critical apps that perl, or apt, or grep have 
been updated.  Or even the kernel for that matter.  (Maybe because my 
production environments are all Free code.  I've seen custom apps that 
care what Solaris patch level they run on.  My gut feel it that those 
apps suck but maybe there's a legitimate reason they're coupled to the OS.)

When it does matter (Samba upgrade from 2 to 3 on a Samba server), 
there's time to wait on that upgrade and test it to work out the kinks.

To me, Debian testing is close.  There are adjustments I'd make (a way 
to distinguish bug fixes from API changes, maybe) but it's as close as 
I've found.

Maybe I'm looking at technical elegance rather than business sense.  But 
the "upgrade to latest release, patch to keep out hackers, months of 
painful testing for the next release, repeat" process was developed on 
proprietary software and I think Open Source makes it possible to throw 
out that model and do something better.

Here's an example of what I'm thinking:

http://store.yahoo.com/paulgraham/road.html

Especially the section on releases, not so much the "everything's a web 
app".  They seem to have run their application the way I'm 
thinking--small incremental upgrades.  I wonder how they ran their servers?

Dave
_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech

More information about the clue-tech mailing list