Hi Thomas,

> Hi,
>
> this maybe slightly off topic, but since my main points are security and
> manageability of production servers ill ask away:
>

It's not off-topic! ;-)

> Since United Linux seems to be focused on the "professional" side, like
> internet servers, how will the upgrade onto a new release level work? As
> it does now, via an Update CD / Yast2? Ive had bad experiences with SuSE
> upgrading, but maybe there is something planned so the "on the fly"
> upgrading is possible?

An upgrade from another Linux variant is not supported. Upgrades from
UnitedLinux 1.0 to the next version will be supported, within the limits
of the product specification of course (means: UnitedLinux-22.4 probably
won't allow upgrades from 1.0).

I have made upgrades for a very long time now, starting with SuSE Linux
5.3 (before, I reinstalled, usually). It works very well, provided you did
not fiddle with the files that belong to the rpm subsystem. RPM takes into
account if a file belongs to the documentation, if it is a configuration
file or a regular file from within the package. The config file issues
have been pretty much straightened out during the last years (I know that
in the beginning there were many packages that overwrote the config files
without paying much attention to changes in these files). This basically
means that you have three options:

1) the config file gets overwritten, silently. Unless this file hasn't
   been altered, this is a bug.
2) the config file gets replaced, and the original can be found as
   %s.rpmsave.
3) the config file is left untouched, with the original from the package
   being placed right next to is, suffix .rpmnew.

For as long as you pay attention to not spoil the rpm subsystem, updates
should work flawlessly.
Btw, it is comparatively easy to update a system manually, with rpm
commands on every single package in the running system. You might run into
trouble because you have to chose the right sequence, especially with the
glibc package (shared libraries), but it may work.

> How long (approximative :) ) will security fixes be maintained (how
> often do you have to "reroll" to a new release)?

I cannot (yet) give any warranties for the answer of this question, and it
is not only up to me to decide about it, so I have to refer to it as
"unofficial": 2 years, at least.

> Will there be "joined" security updating or will it be vendor specific?

Security updates will be done by the SuSE Security team. Vendor specific
packages are not subject to UnitedLinux if they are not included in the
UnitedLinux release.
Please note that the UnitedLinux partners may publish products based on
UnitedLinux. The add-ons on top of UnitedLinux are subject to the vendor's
security processes.

>
> Peace,
> Tom

Thanks,
Roman.

-- 
 -                                                                      -
| Roman Drahtmüller      <drahtsuse.de> // "You don't need eyes to see, |
  SuSE Linux AG - Security       Phone: //             you need vision!"
| Nürnberg, Germany     +49-911-740530 //           Maxi Jazz, Faithless |
 -                                                                      -
-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]