 
From: Rasputin (rara.rasputinvirgin.net)
Date: Thu Apr 12 2001 - 04:53:56 CDT


    * Roger Marquis <marquisroble.com> [010411 20:38]:
    > Scott Johnson wrote:
    > > There is a difference between security fixes and a 'more low-key and
    > > conservative set of changes intended for our next mainstream release'.
    >
    > I think this is a point many posters are missing. Production
    > systems administration has to be conservative. A good systems
    > administrator would *NEVER* run cvsup or -STABLE on a revenue
    > generating production server for example. Change deltas must be
    > kept to a minimum to minimize the risk of downtime or application
    > problems.

    I agree with you here. I've seen the performance and reliability
    of my box increase from tracking STABLE, but it's a home system.

    Remotely upgrading enterprise boxes is a different ball game entirely,
    but there are always going to be risks doing that, and I don't know
    of any way to eliminate them. A kernel bug fix tends to need a reboot.
     
    > > I just want to add my voice as to how I use FreeBSD. Simply saying 'use
    > > -STABLE' to those of us running -RELEASE on production systems isn't
    > > appropriate,
    >
    > Agreed. It might be worthwhile to point out that Linux is gaining
    > market share by leaps and bounds while FreeBSD's user base remains
    > relatively stagnant for *exactly* this reason.

    Why? Because RedHat only provide updates as individual RPMS, so updating
    a system from one version to another was always a complete nightmare?
    (Exhibit A being shipping the new version of RPM as an RPM.
    In the new package format.)
    A central source tree for kernel and userland is BSD's crowning glory, IMO.
    But that's not to say that patches aren't an option.

    > This is all IMHO. Perhaps I'm just spoiled by Solaris' patch
    > process. Yet we have seen a significant increase in Sun purchases
    > thanks to their Blade 100 and its $1000 price (headless). The
    > FreeBSD community has to make the choice: do you want FreeBSD
    > to be a great developer's OS and an also-ran production platform
    > (Dag-Erling Smorgrav's "submit patches or shut up") or would it be
    > better in the long term to shift some resources (like incremental
    > security patches) in order to boost market share?

    IMO, all contact I've had with the FreeBSD team has been motivated out of
    a genuine need to create a good product. Saying they do this to
    'increase market share' does them a disservice.
    Their motivation to me has always seemed to be to make an OS
    that sucks less than any other, whether or not that's commercially attractive.

    -- 
    Rasputin
    Jack of All Trades :: Master of Nuns
    

    To Unsubscribe: send mail to majordomoFreeBSD.org with "unsubscribe freebsd-security" in the body of the message